maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

ininitial froxlor commit;

Browse Source 
'reverted' old-style update-process;
removed billing-classes, -functions and -templates;
some sql-fixes;
This commit is contained in:
Michael Kaufmann (d00p)
2010-01-20 09:12:52 +00:00
commit 9907afe630
580 changed files with 60898 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
templates/misc/configfiles/debian_etch/awstats/etc_apache_vhosts_05_awstats.conf Normal file
View File

@@ -0,0 +1,14 @@
ScriptAlias /awstats/ "/usr/lib/cgi-bin/"
ScriptAlias /awstats "/usr/lib/cgi-bin/awstats.pl"
ScriptAlias /awstats.pl "/usr/lib/cgi-bin/awstats.pl"
Alias /awstats-icon/ "/usr/share/awstats/icon/"
<Directory "/usr/lib/cgi-bin">
Options ExecCGI
AllowOverride None
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>

9
templates/misc/configfiles/debian_etch/awstats/etc_awstats_awstats.model.conf.syscp Normal file
View File

@@ -0,0 +1,9 @@
LogFile="{LOG_FILE}"
LogType=W
LogFormat = 1
LogSeparator=" "
SiteDomain="{SITE_DOMAIN}"
HostAliases="{HOST_ALIASES}"
# Include local configuration options identical for all virtual hosts
Include "/etc/awstats/awstats.conf.local"

9
templates/misc/configfiles/debian_etch/awstats/etc_awstats_awstats.model_log_sql.conf.syscp Normal file
View File

@@ -0,0 +1,9 @@
LogFile="{LOG_FILE}"
LogType=W
LogFormat = "%host %virtualname %logname %time1 %methodurl %code %bytesd %refererquot %uaquot"
LogSeparator=" "
SiteDomain="{SITE_DOMAIN}"
HostAliases="{HOST_ALIASES}"
# Include local configuration options identical for all virtual hosts
Include "/etc/awstats/awstats.conf.local"

6
templates/misc/configfiles/debian_etch/awstats/etc_cron.d_awstats Normal file
View File

@@ -0,0 +1,6 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
*/10 * * * * www-data [ -x /usr/bin/awstats_updateall.pl ] && /usr/bin/awstats_updateall.pl now -awstatsprog=/usr/lib/cgi-bin/awstats.pl -configdir=/etc/awstats -excludeconf=awstats.model.conf.syscp,awstats.conf

6
templates/misc/configfiles/debian_etch/awstats/etc_cron.d_awstats_log_sql Normal file
View File

@@ -0,0 +1,6 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
45 0 * * * www-data [ -x /usr/bin/awstats_updateall.pl ] && /usr/bin/awstats_updateall.pl now -awstatsprog=/usr/lib/cgi-bin/awstats.pl -configdir=/etc/awstats -excludeconf=awstats.model.conf.syscp,awstats.conf

19
templates/misc/configfiles/debian_etch/awstats/etc_lighttpd_syscp-awstats.conf Normal file
View File

@@ -0,0 +1,19 @@
#alias.url += (
# "/js/awstats_misc_tracker.js" => "/usr/share/awstats/wwwroot/js/awstats_misc_tracker.js"
#)
$HTTP["url"] =~ "^/awstats" {
alias.url += (
"/awstats/" => "<AWSTATS_PATH>",
"/awstats" => "<AWSTATS_PATH>awstats.pl",
"/awstats.pl" => "<AWSTATS_PATH>awstats.pl"
# "/awstatsicons/" => "/usr/share/awstats/wwwroot/icon/"
)
index-file.names = ( "awstatstotals.php" )
cgi.assign = (
".pl" => "/usr/bin/perl",
".cgi" => "/usr/bin/perl"
)
}

68
templates/misc/configfiles/debian_etch/courier/etc_courier_authdaemonrc Normal file
View File

@@ -0,0 +1,68 @@
##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authmysql authpam
authmodulelist="authmysql"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon

13
templates/misc/configfiles/debian_etch/courier/etc_courier_authmysqlrc Normal file
View File

@@ -0,0 +1,13 @@
MYSQL_SERVER <SQL_HOST>
MYSQL_USERNAME <SQL_UNPRIVILEGED_USER>
MYSQL_PASSWORD <SQL_UNPRIVILEGED_PASSWORD>
MYSQL_PORT 3306
MYSQL_DATABASE <SQL_DB>
MYSQL_USER_TABLE mail_users
MYSQL_CRYPT_PWFIELD password_enc
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD (quota*1024*1024)

14
templates/misc/configfiles/debian_etch/cron/etc_cron.d_syscp Normal file
View File

@@ -0,0 +1,14 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#
# Regular cron jobs for the syscp package
#
*/5 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_tasks.php
0 0 * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_traffic.php
30 0 * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_ticketarchive.php
0 1 * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_used_tickets_reset.php
*/5 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_autoresponder.php
*/5 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_apsinstaller.php
*/30 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_apsupdater.php

3
templates/misc/configfiles/debian_etch/dkim/dkim-filter.conf Normal file
View File

@@ -0,0 +1,3 @@
Syslog yes
Domain /etc/postfix/dkim/domains
KeyList /etc/postfix/dkim/dkim-keys.conf

5
templates/misc/configfiles/debian_etch/dovecot/etc_dovecot_dovecot-sql.conf Normal file
View File

@@ -0,0 +1,5 @@
driver = mysql
connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
default_pass_scheme = CRYPT
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE username = '%u' OR email = '%u'
user_query = SELECT CONCAT(homedir, maildir) AS home, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE username = '%u' OR email = '%u'

72
templates/misc/configfiles/debian_etch/dovecot/etc_dovecot_dovecot.conf Normal file
View File

@@ -0,0 +1,72 @@
base_dir = /var/run/dovecot
protocols = imap pop3 <SSLPROTOCOLS>
listen = *
mail_access_groups = vmail
mail_debug = no
## Uncomment this line to allow Plaintext Logins from foreign IP if the Connection doesn't use TLS
disable_plaintext_auth = no
### SSL Settings
### After setting this options, set disable_plaintext_auth to yes (see above)
### and add imaps pop3s to the protocols
#ssl_cert_file = /etc/ssl/server/<SERVERNAME>.pem
#ssl_key_file = /etc/ssl/server/<SERVERNAME>.key
## This is an example with CACerts class3 cert!
#ssl_ca_file = /path/to/cacert.class3.crt
#ssl_cipher_list = ALL:!LOW:!SSLv2
protocol imap {
mail_plugins = quota imap_quota
}
protocol pop3 {
# Uncomment this line if you are migrating from Courier also see Migration from Courier
pop3_uidl_format = UID%u-%v
mail_plugins = quota
}
protocol lda {
# postmaster is the one in charge of the mail system. MUST be set to a vailid address!
postmaster_address = <postmaster-address>
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = quota
sendmail_path = /usr/sbin/sendmail
}
auth default {
mechanisms = plain login
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb prefetch {
}
userdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
user = vmail
socket listen {
# Postfix uses the client socket for SMTP Auth
client {
# Assuming the default Postfix $queue_directory setting
path = /var/spool/postfix/private/auth
mode = 0660
# Assuming the default Postfix user and group
user = postfix
group = postfix
}
# Note that we're setting a master socket. SMTP AUTH for Postfix and Exim uses client sockets.
master {
path = /var/run/dovecot/auth-master
mode = 0660
user = vmail
group = vmail
}
}
}
plugin {
quota = maildir
}

125
templates/misc/configfiles/debian_etch/exim4/etc_exim4_conf.d_acl_30_exim4-config_check_rcpt.rul Normal file
View File

@@ -0,0 +1,125 @@
### acl/30_exim4-config_check_rcpt
#################################
acl_check_rcpt:
accept
hosts = :
warn
hosts = +relay_from_hosts
control = submission/sender_retain
.ifdef CHECK_RCPT_LOCAL_LOCALPARTS
deny
domains = +local_domains:+syscp_domain
local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
message = restricted characters in address
.endif
.ifdef CHECK_RCPT_REMOTE_LOCALPARTS
deny
domains = !+local_domains
local_parts = CHECK_RCPT_REMOTE_LOCALPARTS
message = restricted characters in address
.endif
accept
.ifndef CHECK_RCPT_POSTMASTER
local_parts = postmaster
.else
local_parts = CHECK_RCPT_POSTMASTER
.endif
domains = +local_domains:+syscp_domain
deny
message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_local_deny_exceptions
senders = ${if exists{CONFDIR/local_sender_blacklist}\
{CONFDIR/local_sender_blacklist}\
{}}
deny
message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_local_deny_exceptions
hosts = ${if exists{CONFDIR/local_host_blacklist}\
{CONFDIR/local_host_blacklist}\
{}}
.ifdef CHECK_RCPT_VERIFY_SENDER
deny
message = Sender verification failed
!acl = acl_local_deny_exceptions
!verify = sender
.endif
deny
!acl = acl_local_deny_exceptions
senders = ${if exists{CONFDIR/local_sender_callout}\
{CONFDIR/local_sender_callout}\
{}}
!verify = sender/callout
deny
!acl = acl_local_deny_exceptions
recipients = ${if exists{CONFDIR/local_rcpt_callout}\
{CONFDIR/local_rcpt_callout}\
{}}
!verify = recipient/callout
.ifdef CHECK_RCPT_REVERSE_DNS
warn
message = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
{yes}{no}}
.endif
.ifdef CHECK_RCPT_IP_DNSBLS
warn
message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
dnslists = CHECK_RCPT_IP_DNSBLS
.endif
.ifdef CHECK_RCPT_DOMAIN_DNSBLS
warn
message = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
!senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
{CONFDIR/local_domain_dnsbl_whitelist}\
{}}
dnslists = CHECK_RCPT_DOMAIN_DNSBLS/$sender_address_domain
.endif
.ifdef CHECK_RCPT_LOCAL_ACL_FILE
.include CHECK_RCPT_LOCAL_ACL_FILE
.endif
accept
domains = +local_domains:+syscp_domain
endpass
message = unknown user
verify = recipient
accept
domains = +relay_to_domains
endpass
.ifdef CHECK_RCPT_GIVE_UNKNOWN_USER
message = ${if eq{$acl_verify_message}{Unrouteable address}{unknown user}{$acl_verify_message}}
.else
message = unrouteable address
.endif
verify = recipient
############
# If control reaches this point, the domain is neither in +local_domains
# nor in +relay_to_domains.
############
accept
hosts = +relay_from_hosts
accept
authenticated = *
deny
message = relay not permitted

30
templates/misc/configfiles/debian_etch/exim4/etc_exim4_conf.d_auth_30_syscp-config Normal file
View File

@@ -0,0 +1,30 @@
### auth/30_syscp-config
#################################
plain_server:
driver = plaintext
public_name = PLAIN
server_condition = "${if and { \
{!eq{$2}{}} \
{!eq{$3}{}} \
{crypteq{$3}{${lookup mysql{SYSCP_AUTH_PLAIN}{$value}fail}}} \
} {yes}{no}}"
server_set_id = $2
server_prompts = :
# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
# .endif
login_server:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${if and { \
{!eq{$1}{}} \
{!eq{$2}{}} \
{crypteq{$2}{${lookup mysql{SYSCP_AUTH_LOGIN}{$value}fail}}} \
} {yes}{no}}"
server_set_id = $1
# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
# .endif

20
templates/misc/configfiles/debian_etch/exim4/etc_exim4_conf.d_main_10_syscp-config_options Normal file
View File

@@ -0,0 +1,20 @@
hide mysql_servers = <SQL_HOST>/<SQL_DB>/<SQL_UNPRIVILEGED_USER>/<SQL_UNPRIVILEGED_PASSWORD>
SYSCP_LOCAL_DOMAIN = SELECT domain FROM panel_domains WHERE domain = '${quote_mysql:$domain}' AND isemaildomain = '1'
SYSCP_MAILALIAS = SELECT REPLACE(destination,' ',',') FROM mail_virtual WHERE \
(( email = '${quote_mysql:$local_part}@${quote_mysql:$domain}' ) \
OR ( email = '@${quote_mysql:$domain}' AND iscatchall > 0 )) \
AND destination <> '' AND destination <> ' ' ORDER BY iscatchall ASC LIMIT 1
SYSCP_MAILUSER = SELECT CONCAT(homedir,maildir) FROM mail_users WHERE \
email = '${quote_mysql:$local_part}@${quote_mysql:$domain}' AND postfix = 'y'
SYSCP_PARENT_DOMAIN = SELECT parent.domain FROM `panel_domains` AS parent INNER JOIN panel_domains AS alias \
ON alias.domain = '${quote_mysql:$domain}' AND parent.id = alias.aliasdomain
SYSCP_AUTH_PLAIN = SELECT password_enc FROM mail_users WHERE username = '${quote_mysql:$2}'
SYSCP_AUTH_LOGIN = SELECT password_enc FROM mail_users WHERE username = '${quote_mysql:$1}'
domainlist syscp_domain = mysql;SYSCP_LOCAL_DOMAIN

12
templates/misc/configfiles/debian_etch/exim4/etc_exim4_conf.d_router_180_syscp-config Normal file
View File

@@ -0,0 +1,12 @@
syscp_mailalias:
debug_print = "R: syscp_mailalias for $local_part@$domain"
driver = redirect
domains = +syscp_domain
data = ${lookup mysql {SYSCP_MAILALIAS}{$value}fail}
syscp_mailuser:
debug_print = "R: syscp_mailuser for $local_part@$domain"
driver = redirect
domains = +syscp_domain
data = ${lookup mysql {SYSCP_MAILUSER}{$value}fail}
directory_transport = maildir_syscp

13
templates/misc/configfiles/debian_etch/exim4/etc_exim4_conf.d_transport_30_syscp-config Normal file
View File

@@ -0,0 +1,13 @@
maildir_syscp:
debug_print = "T: maildir_syscp for $local_part@$domain"
driver = appendfile
create_directory
delivery_date_add
envelope_to_add
return_path_add
maildir_format
directory_mode = 0770
mode = 0660
mode_fail_narrower = false
user = 2000
group = 2000

16
templates/misc/configfiles/debian_etch/libnss/etc_nss-mysql-root.conf Normal file
View File

@@ -0,0 +1,16 @@
conf.version = 2;
shadow.host = inet:<SQL_HOST>:3306;
shadow.database = <SQL_DB>;
shadow.db_user = <SQL_UNPRIVILEGED_USER>;
shadow.db_password = <SQL_UNPRIVILEGED_PASSWORD>;
shadow.table = ftp_users u;
shadow.where_clause = ;
shadow.userid_column = u.id;
shadow.user_column = u.username;
shadow.password_column = u.password;
shadow.lastchange_column = UNIX_TIMESTAMP()-10;
shadow.min_column = 1;
shadow.max_column = 2;
shadow.warn_column = 7;
shadow.inact_column = -1;
shadow.expire_column = -1;

24
templates/misc/configfiles/debian_etch/libnss/etc_nss-mysql.conf Normal file
View File

@@ -0,0 +1,24 @@
conf.version = 2;
users.host = inet:<SQL_HOST>:3306;
users.database = <SQL_DB>;
users.db_user = <SQL_UNPRIVILEGED_USER>;
users.db_password = <SQL_UNPRIVILEGED_PASSWORD>;
users.table = ftp_users u;
users.where_clause =;
users.user_column = u.username;
users.password_column = u.password;
users.userid_column = u.id;
users.uid_column = u.uid;
users.gid_column = u.gid;
users.realname_column = u.username;
users.homedir_column = u.homedir;
users.shell_column = u.shell;
groups.group_info_table = ftp_groups g;
groups.where_clause = ;
groups.group_name_column = g.groupname;
groups.groupid_column = g.id;
groups.gid_column = g.gid;
groups.password_column = "x";
groups.members_table = ftp_groups ug;
groups.member_userid_column = ug.customerid;
groups.member_groupid_column = ug.id;

6
templates/misc/configfiles/debian_etch/libnss/etc_nsswitch.conf Normal file
View File

@@ -0,0 +1,6 @@
# Make sure that `passwd`, `group` and `shadow` have mysql in their lines
# You should place mysql at the end, so that it is queried after the other mechanisams
#
passwd: compat mysql
group: compat mysql
shadow: compat mysql

60
templates/misc/configfiles/debian_etch/lighttpd/etc_lighttpd.conf Normal file
View File

@@ -0,0 +1,60 @@
###############################################################################
# Default lighttpd.conf for SysCP.
###############################################################################
var.basedir = "/var/www"
var.logdir = "/var/log/lighttpd"
var.statedir = "/var/lib/lighttpd"
server.modules = (
"mod_rewrite",
"mod_redirect",
"mod_alias",
"mod_access",
"mod_auth",
"mod_fastcgi",
"mod_accesslog"
)
server.username = "www-data"
server.groupname = "www-data"
server.document-root = var.basedir
server.pid-file = "/var/run/lighttpd.pid"
accesslog.filename = var.logdir + "/access.log"
server.errorlog = var.logdir + "/error.log"
server.indexfiles = ("index.php", "index.html",
"index.htm", "default.htm")
server.name = "<SERVERNAME>"
server.port = 80
server.bind = "<SERVERIP>"
url.access-deny = ("~", ".inc")
fastcgi.server = (
".php" => (
"localhost" => (
"socket" => "/var/kunden/tmp/lighttpd-fcgi-sock-lighttpd",
"broken-scriptfilename" => "enable",
"bin-path" => "/usr/bin/php5-cgi",
"min-procs" => 1,
"max-procs" => 1,
"max-load-per-proc" => 4,
"idle-timeout" => 60,
"bin-environment" => (
"UID" => "www-data",
"GID" => "www-data",
"PHP_FCGI_CHILDREN" => "0",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => ( "" )
)
)
)
#### external configuration files
## mimetype mapping
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
## load enabled configuration files,
## read /etc/lighttpd/conf-available/README first
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

92
templates/misc/configfiles/debian_etch/postfix/etc_postfix_main.cf Normal file
View File

@@ -0,0 +1,92 @@
# Postfix programs paths settings
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
sendmail_path = /usr/sbin/sendmail
## General Postfix configuration
# should be the default domain from your provider eg. "server100.provider.tld"
mydomain = <SERVERNAME>
# should be different from $mydomain eg. "mail.$mydomain"
myhostname = <SERVERNAME>
mydestination = $myhostname,
$mydomain,
localhost.$myhostname,
localhost.$mydomain,
localhost
mynetworks = 127.0.0.0/8
inet_interfaces = all
append_dot_mydomain = no
biff = no
# Postfix performance settings
default_destination_concurrency_limit = 20
local_destination_concurrency_limit = 2
# SMTPD Settings
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_hostname,
reject_unknown_recipient_domain,
reject_unknown_sender_domain
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_client
# Maximum size of Message in bytes (50MB)
message_size_limit = 52428800
## SASL Auth Settings
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
## Dovecot Settings for deliver, SASL Auth and virtual transport
## uncomment those line to use Dovecot
#mailbox_command = /usr/lib/dovecot/deliver
#virtual_transport = dovecot
#dovecot_destination_recipient_limit = 1
# Virtual delivery settings
virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
# Local delivery settings
local_transport = local
alias_database = hash:/etc/aliases
alias_maps = $alias_database
# Default Mailbox size, is set to 0 which means unlimited!
mailbox_size_limit = 0
### TLS settings
###
## TLS for outgoing mails from the server to another server
#smtp_use_tls = yes
#smtp_tls_note_starttls_offer = yes
## TLS for email client
#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
#smtpd_tls_key_file = /etc/ssl/server/<SERVERNAME>.pem
#smtpd_tls_CAfile = /etc/ssl/cacert.class3.crt # Just an example for CACert.org
#smtpd_tls_auth_only = no
#smtpd_tls_loglevel = 1
#smtpd_tls_received_header = yes
#smtpd_tls_session_cache_timeout = 3600s
#tls_random_source = dev:/dev/urandom
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5

4
templates/misc/configfiles/debian_etch/postfix/etc_postfix_master.cf Normal file
View File

@@ -0,0 +1,4 @@
# Add this lines to be able to use dovecot as delivery agent
# Dovecot LDA
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

8
templates/misc/configfiles/debian_etch/postfix/etc_postfix_mysql-virtual_alias_maps.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_virtual
select_field = destination
where_field = email
additional_conditions = and destination <> '' and destination <> ' '
hosts = <SQL_HOST>

8
templates/misc/configfiles/debian_etch/postfix/etc_postfix_mysql-virtual_mailbox_domains.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = panel_domains
select_field = domain
where_field = domain
additional_conditions = and isemaildomain = '1'
hosts = <SQL_HOST>

7
templates/misc/configfiles/debian_etch/postfix/etc_postfix_mysql-virtual_mailbox_maps.cf Normal file
View File

@@ -0,0 +1,7 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_users
select_field = maildir
where_field = email
hosts = <SQL_HOST>

11
templates/misc/configfiles/debian_etch/postfix/etc_postfix_sasl_smtpd.conf Normal file
View File

@@ -0,0 +1,11 @@
pwcheck_method: auxprop
auxprop_plugin: sql
allowanonymouslogin: no
allowplaintext: yes
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: <SQL_HOST>
sql_user: <SQL_UNPRIVILEGED_USER>
sql_passwd: <SQL_UNPRIVILEGED_PASSWORD>
sql_database: <SQL_DB>
sql_select: SELECT password FROM mail_users WHERE username='%u@%r' OR email='%u@%r'

7
templates/misc/configfiles/debian_etch/powerdns/etc_powerdns_pdns-syscp.conf Normal file
View File

@@ -0,0 +1,7 @@
allow-axfr-ips=<NAMESERVERS>
#local-ipv6=YOUR_IPv6_(if_any)
bind-config=/etc/bind/named.conf
bind-check-interval=180
log-dns-details=yes
local-address=<SERVERIP>,127.0.0.1

17
templates/misc/configfiles/debian_etch/powerdns/etc_powerdns_pdns.conf Normal file
View File

@@ -0,0 +1,17 @@
allow-recursion=127.0.0.1
config-dir=/etc/powerdns
daemon=yes
guardian=yes
launch=bind
lazy-recursion=yes
local-port=53
master=yes
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
bind-config=/etc/bind/named.conf
bind-check-interval=300
include=/etc/powerdns/pdns_syscp.conf

34
templates/misc/configfiles/debian_etch/proftpd/etc_proftpd_modules.conf Normal file
View File

@@ -0,0 +1,34 @@
#
# This file is used to manage DSO modules and features.
#
# This is the directory where DSO modules resides
ModulePath /usr/lib/proftpd
# Allow only user root to load and unload modules, but allow everyone
# to see which modules have been loaded
ModuleControlsACLs insmod,rmmod allow user root
ModuleControlsACLs lsmod allow user *
#LoadModule mod_ctrls_admin.c
LoadModule mod_tls.c
LoadModule mod_sql.c
#LoadModule mod_ldap.c
LoadModule mod_sql_mysql.c
#LoadModule mod_sql_postgres.c
#LoadModule mod_quotatab.c
#LoadModule mod_quotatab_file.c
#LoadModule mod_quotatab_ldap.c
#LoadModule mod_quotatab_sql.c
#LoadModule mod_radius.c
LoadModule mod_wrap.c
LoadModule mod_rewrite.c
# keep this module the last one
LoadModule mod_ifsession.c
<IfModule mod_delay.c>
DelayEngine off
</IfModule>

64
templates/misc/configfiles/debian_etch/proftpd/etc_proftpd_proftpd.conf Normal file
View File

@@ -0,0 +1,64 @@
Include /etc/proftpd/modules.conf
ServerName "<SERVERNAME> FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
AllowOverwrite on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions "-l"
DenyFilter \*.*/
Port 21
MaxInstances 30
UseIPv6 off
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
# make proftpd faster / do not perform ident and reverse dns lookup
UseReverseDNS off
IdentLookups off
# Set the user and group that the server normally runs at.
User nobody
Group nogroup
<Directory /*>
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
</Directory>
DefaultRoot ~
RequireValidShell off
AuthOrder mod_sql.c
SQLAuthTypes Crypt
SQLAuthenticate users* groups*
SQLConnectInfo <SQL_DB>@<SQL_HOST> <SQL_UNPRIVILEGED_USER> <SQL_UNPRIVILEGED_PASSWORD>
SQLUserInfo ftp_users username password uid gid homedir shell
SQLGroupInfo ftp_groups groupname gid members
SQLUserWhereClause "login_enabled = 'y'"
SQLLog PASS login
SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users
SQLLog RETR download
SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users
SQLLog STOR upload
SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users

5
templates/misc/configfiles/debian_etch/pure-ftpd/etc_default_pure-ftpd-common Normal file
View File

@@ -0,0 +1,5 @@
STANDALONE_OR_INETD=standalone
VIRTUALCHROOT=false
UPLOADSCRIPT=
UPLOADUID=
UPLOADGID=

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_Bind Normal file
View File

@@ -0,0 +1 @@
21

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_ChrootEveryone Normal file
View File

@@ -0,0 +1 @@
yes

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_CustomerProof Normal file
View File

@@ -0,0 +1 @@
1

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime Normal file
View File

@@ -0,0 +1 @@
15

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_MinUID Normal file
View File

@@ -0,0 +1 @@
1000

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_MySQLConfigFile Normal file
View File

@@ -0,0 +1 @@
/etc/pure-ftpd/db/mysql.conf

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_NoAnonymous Normal file
View File

@@ -0,0 +1 @@
yes

1
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_conf_PAMAuthentication Normal file
View File

@@ -0,0 +1 @@
no

10
templates/misc/configfiles/debian_etch/pure-ftpd/etc_pure-ftpd_db_mysql.conf Normal file
View File

@@ -0,0 +1,10 @@
MYSQLServer <SQL_HOST>
MYSQLUser <SQL_UNPRIVILEGED_USER>
MYSQLPassword <SQL_UNPRIVILEGED_PASSWORD>
MYSQLDatabase <SQL_DB>
MYSQLCrypt any
MYSQLGetPW SELECT password FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetUID SELECT uid FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetGID SELECT gid FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetDir SELECT homedir FROM ftp_users WHERE username="\L" AND login_enabled="y"

11
templates/misc/configfiles/debian_etch/xinetd/etc_xinet.d_syscp Normal file
View File

@@ -0,0 +1,11 @@
service syscp
{
id = syscp
socket_type = dgram
protocol = tcp
wait = no
user = root
server = /usr/bin/php
server_args = -q /var/www/syscp/scripts/cron_tasks.php
only_from = 127.0.0.1
}

14
templates/misc/configfiles/debian_lenny/awstats/etc_apache_vhosts_05_awstats.conf Normal file
View File

@@ -0,0 +1,14 @@
ScriptAlias /awstats/ "/usr/lib/cgi-bin/"
ScriptAlias /awstats "/usr/lib/cgi-bin/awstats.pl"
ScriptAlias /awstats.pl "/usr/lib/cgi-bin/awstats.pl"
Alias /awstats-icon/ "/usr/share/awstats/icon/"
<Directory "/usr/lib/cgi-bin">
Options ExecCGI
AllowOverride None
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>

9
templates/misc/configfiles/debian_lenny/awstats/etc_awstats_awstats.model.conf.syscp Normal file
View File

@@ -0,0 +1,9 @@
LogFile="{LOG_FILE}"
LogType=W
LogFormat = 1
LogSeparator=" "
SiteDomain="{SITE_DOMAIN}"
HostAliases="{HOST_ALIASES}"
# Include local configuration options identical for all virtual hosts
Include "/etc/awstats/awstats.conf.local"

9
templates/misc/configfiles/debian_lenny/awstats/etc_awstats_awstats.model_log_sql.conf.syscp Normal file
View File

@@ -0,0 +1,9 @@
LogFile="{LOG_FILE}"
LogType=W
LogFormat = "%host %virtualname %logname %time1 %methodurl %code %bytesd %refererquot %uaquot"
LogSeparator=" "
SiteDomain="{SITE_DOMAIN}"
HostAliases="{HOST_ALIASES}"
# Include local configuration options identical for all virtual hosts
Include "/etc/awstats/awstats.conf.local"

6
templates/misc/configfiles/debian_lenny/awstats/etc_cron.d_awstats Normal file
View File

@@ -0,0 +1,6 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
*/10 * * * * www-data [ -x /usr/bin/awstats_updateall.pl ] && /usr/bin/awstats_updateall.pl now -awstatsprog=/usr/lib/cgi-bin/awstats.pl -configdir=/etc/awstats -excludeconf=awstats.model.conf.syscp,awstats.conf

6
templates/misc/configfiles/debian_lenny/awstats/etc_cron.d_awstats_log_sql Normal file
View File

@@ -0,0 +1,6 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
45 0 * * * www-data [ -x /usr/bin/awstats_updateall.pl ] && /usr/bin/awstats_updateall.pl now -awstatsprog=/usr/lib/cgi-bin/awstats.pl -configdir=/etc/awstats -excludeconf=awstats.model.conf.syscp,awstats.conf

19
templates/misc/configfiles/debian_lenny/awstats/etc_lighttpd_syscp-awstats.conf Normal file
View File

@@ -0,0 +1,19 @@
#alias.url += (
# "/js/awstats_misc_tracker.js" => "/usr/share/awstats/wwwroot/js/awstats_misc_tracker.js"
#)
$HTTP["url"] =~ "^/awstats" {
alias.url += (
"/awstats/" => "<AWSTATS_PATH>",
"/awstats" => "<AWSTATS_PATH>awstats.pl",
"/awstats.pl" => "<AWSTATS_PATH>awstats.pl"
# "/awstatsicons/" => "/usr/share/awstats/wwwroot/icon/"
)
index-file.names = ( "awstatstotals.php" )
cgi.assign = (
".pl" => "/usr/bin/perl",
".cgi" => "/usr/bin/perl"
)
}

68
templates/misc/configfiles/debian_lenny/courier/etc_courier_authdaemonrc Normal file
View File

@@ -0,0 +1,68 @@
##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authmysql authpam
authmodulelist="authmysql"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon

13
templates/misc/configfiles/debian_lenny/courier/etc_courier_authmysqlrc Normal file
View File

@@ -0,0 +1,13 @@
MYSQL_SERVER <SQL_HOST>
MYSQL_USERNAME <SQL_UNPRIVILEGED_USER>
MYSQL_PASSWORD <SQL_UNPRIVILEGED_PASSWORD>
MYSQL_PORT 3306
MYSQL_DATABASE <SQL_DB>
MYSQL_USER_TABLE mail_users
MYSQL_CRYPT_PWFIELD password_enc
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD (quota*1024*1024)

14
templates/misc/configfiles/debian_lenny/cron/etc_cron.d_syscp Normal file
View File

@@ -0,0 +1,14 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#
# Regular cron jobs for the syscp package
#
*/5 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_tasks.php
0 0 * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_traffic.php
30 0 * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_ticketarchive.php
0 1 * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_used_tickets_reset.php
*/5 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_autoresponder.php
*/5 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_apsinstaller.php
*/30 * * * * root /usr/bin/php5 -q /var/www/syscp/scripts/cron_apsupdater.php

3
templates/misc/configfiles/debian_lenny/dkim/dkim-filter.conf Normal file
View File

@@ -0,0 +1,3 @@
Syslog yes
Domain /etc/postfix/dkim/domains
KeyList /etc/postfix/dkim/dkim-keys.conf

5
templates/misc/configfiles/debian_lenny/dovecot/etc_dovecot_dovecot-sql.conf Normal file
View File

@@ -0,0 +1,5 @@
driver = mysql
connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
default_pass_scheme = CRYPT
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE username = '%u' OR email = '%u'
user_query = SELECT CONCAT(homedir, maildir) AS home, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE username = '%u' OR email = '%u'

72
templates/misc/configfiles/debian_lenny/dovecot/etc_dovecot_dovecot.conf Normal file
View File

@@ -0,0 +1,72 @@
base_dir = /var/run/dovecot
protocols = imap pop3 <SSLPROTOCOLS>
listen = *
mail_access_groups = vmail
mail_debug = no
## Uncomment this line to allow Plaintext Logins from foreign IP if the Connection doesn't use TLS
disable_plaintext_auth = no
### SSL Settings
### After setting this options, set disable_plaintext_auth to yes (see above)
### and add imaps pop3s to the protocols
#ssl_cert_file = /etc/ssl/server/<SERVERNAME>.pem
#ssl_key_file = /etc/ssl/server/<SERVERNAME>.key
## This is an example with CACerts class3 cert!
#ssl_ca_file = /path/to/cacert.class3.crt
#ssl_cipher_list = ALL:!LOW:!SSLv2
protocol imap {
mail_plugins = quota imap_quota
}
protocol pop3 {
# Uncomment this line if you are migrating from Courier also see Migration from Courier
pop3_uidl_format = UID%u-%v
mail_plugins = quota
}
protocol lda {
# postmaster is the one in charge of the mail system. MUST be set to a vailid address!
postmaster_address = <postmaster-address>
auth_socket_path = /var/run/dovecot/auth-master
mail_plugins = quota
sendmail_path = /usr/sbin/sendmail
}
auth default {
mechanisms = plain login
passdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
userdb prefetch {
}
userdb sql {
args = /etc/dovecot/dovecot-sql.conf
}
user = vmail
socket listen {
# Postfix uses the client socket for SMTP Auth
client {
# Assuming the default Postfix $queue_directory setting
path = /var/spool/postfix/private/auth
mode = 0660
# Assuming the default Postfix user and group
user = postfix
group = postfix
}
# Note that we're setting a master socket. SMTP AUTH for Postfix and Exim uses client sockets.
master {
path = /var/run/dovecot/auth-master
mode = 0660
user = vmail
group = vmail
}
}
}
plugin {
quota = maildir
}

125
templates/misc/configfiles/debian_lenny/exim4/etc_exim4_conf.d_acl_30_exim4-config_check_rcpt.rul Normal file
View File

@@ -0,0 +1,125 @@
### acl/30_exim4-config_check_rcpt
#################################
acl_check_rcpt:
accept
hosts = :
warn
hosts = +relay_from_hosts
control = submission/sender_retain
.ifdef CHECK_RCPT_LOCAL_LOCALPARTS
deny
domains = +local_domains:+syscp_domain
local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
message = restricted characters in address
.endif
.ifdef CHECK_RCPT_REMOTE_LOCALPARTS
deny
domains = !+local_domains
local_parts = CHECK_RCPT_REMOTE_LOCALPARTS
message = restricted characters in address
.endif
accept
.ifndef CHECK_RCPT_POSTMASTER
local_parts = postmaster
.else
local_parts = CHECK_RCPT_POSTMASTER
.endif
domains = +local_domains:+syscp_domain
deny
message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_local_deny_exceptions
senders = ${if exists{CONFDIR/local_sender_blacklist}\
{CONFDIR/local_sender_blacklist}\
{}}
deny
message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_local_deny_exceptions
hosts = ${if exists{CONFDIR/local_host_blacklist}\
{CONFDIR/local_host_blacklist}\
{}}
.ifdef CHECK_RCPT_VERIFY_SENDER
deny
message = Sender verification failed
!acl = acl_local_deny_exceptions
!verify = sender
.endif
deny
!acl = acl_local_deny_exceptions
senders = ${if exists{CONFDIR/local_sender_callout}\
{CONFDIR/local_sender_callout}\
{}}
!verify = sender/callout
deny
!acl = acl_local_deny_exceptions
recipients = ${if exists{CONFDIR/local_rcpt_callout}\
{CONFDIR/local_rcpt_callout}\
{}}
!verify = recipient/callout
.ifdef CHECK_RCPT_REVERSE_DNS
warn
message = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
{yes}{no}}
.endif
.ifdef CHECK_RCPT_IP_DNSBLS
warn
message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
dnslists = CHECK_RCPT_IP_DNSBLS
.endif
.ifdef CHECK_RCPT_DOMAIN_DNSBLS
warn
message = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
!senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
{CONFDIR/local_domain_dnsbl_whitelist}\
{}}
dnslists = CHECK_RCPT_DOMAIN_DNSBLS/$sender_address_domain
.endif
.ifdef CHECK_RCPT_LOCAL_ACL_FILE
.include CHECK_RCPT_LOCAL_ACL_FILE
.endif
accept
domains = +local_domains:+syscp_domain
endpass
message = unknown user
verify = recipient
accept
domains = +relay_to_domains
endpass
.ifdef CHECK_RCPT_GIVE_UNKNOWN_USER
message = ${if eq{$acl_verify_message}{Unrouteable address}{unknown user}{$acl_verify_message}}
.else
message = unrouteable address
.endif
verify = recipient
############
# If control reaches this point, the domain is neither in +local_domains
# nor in +relay_to_domains.
############
accept
hosts = +relay_from_hosts
accept
authenticated = *
deny
message = relay not permitted

30
templates/misc/configfiles/debian_lenny/exim4/etc_exim4_conf.d_auth_30_syscp-config Normal file
View File

@@ -0,0 +1,30 @@
### auth/30_syscp-config
#################################
plain_server:
driver = plaintext
public_name = PLAIN
server_condition = "${if and { \
{!eq{$2}{}} \
{!eq{$3}{}} \
{crypteq{$3}{${lookup mysql{SYSCP_AUTH_PLAIN}{$value}fail}}} \
} {yes}{no}}"
server_set_id = $2
server_prompts = :
# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
# .endif
login_server:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = "${if and { \
{!eq{$1}{}} \
{!eq{$2}{}} \
{crypteq{$2}{${lookup mysql{SYSCP_AUTH_LOGIN}{$value}fail}}} \
} {yes}{no}}"
server_set_id = $1
# .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
# server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
# .endif

20
templates/misc/configfiles/debian_lenny/exim4/etc_exim4_conf.d_main_10_syscp-config_options Normal file
View File

@@ -0,0 +1,20 @@
hide mysql_servers = <SQL_HOST>/<SQL_DB>/<SQL_UNPRIVILEGED_USER>/<SQL_UNPRIVILEGED_PASSWORD>
SYSCP_LOCAL_DOMAIN = SELECT domain FROM panel_domains WHERE domain = '${quote_mysql:$domain}' AND isemaildomain = '1'
SYSCP_MAILALIAS = SELECT REPLACE(destination,' ',',') FROM mail_virtual WHERE \
(( email = '${quote_mysql:$local_part}@${quote_mysql:$domain}' ) \
OR ( email = '@${quote_mysql:$domain}' AND iscatchall > 0 )) \
AND destination <> '' AND destination <> ' ' ORDER BY iscatchall ASC LIMIT 1
SYSCP_MAILUSER = SELECT CONCAT(homedir,maildir) FROM mail_users WHERE \
email = '${quote_mysql:$local_part}@${quote_mysql:$domain}' AND postfix = 'y'
SYSCP_PARENT_DOMAIN = SELECT parent.domain FROM `panel_domains` AS parent INNER JOIN panel_domains AS alias \
ON alias.domain = '${quote_mysql:$domain}' AND parent.id = alias.aliasdomain
SYSCP_AUTH_PLAIN = SELECT password_enc FROM mail_users WHERE username = '${quote_mysql:$2}'
SYSCP_AUTH_LOGIN = SELECT password_enc FROM mail_users WHERE username = '${quote_mysql:$1}'
domainlist syscp_domain = mysql;SYSCP_LOCAL_DOMAIN

12
templates/misc/configfiles/debian_lenny/exim4/etc_exim4_conf.d_router_180_syscp-config Normal file
View File

@@ -0,0 +1,12 @@
syscp_mailalias:
debug_print = "R: syscp_mailalias for $local_part@$domain"
driver = redirect
domains = +syscp_domain
data = ${lookup mysql {SYSCP_MAILALIAS}{$value}fail}
syscp_mailuser:
debug_print = "R: syscp_mailuser for $local_part@$domain"
driver = redirect
domains = +syscp_domain
data = ${lookup mysql {SYSCP_MAILUSER}{$value}fail}
directory_transport = maildir_syscp

13
templates/misc/configfiles/debian_lenny/exim4/etc_exim4_conf.d_transport_30_syscp-config Normal file
View File

@@ -0,0 +1,13 @@
maildir_syscp:
debug_print = "T: maildir_syscp for $local_part@$domain"
driver = appendfile
create_directory
delivery_date_add
envelope_to_add
return_path_add
maildir_format
directory_mode = 0770
mode = 0660
mode_fail_narrower = false
user = 2000
group = 2000

16
templates/misc/configfiles/debian_lenny/libnss/etc_nss-mysql-root.conf Normal file
View File

@@ -0,0 +1,16 @@
conf.version = 2;
shadow.host = inet:<SQL_HOST>:3306;
shadow.database = <SQL_DB>;
shadow.db_user = <SQL_UNPRIVILEGED_USER>;
shadow.db_password = <SQL_UNPRIVILEGED_PASSWORD>;
shadow.table = ftp_users u;
shadow.where_clause = ;
shadow.userid_column = u.id;
shadow.user_column = u.username;
shadow.password_column = u.password;
shadow.lastchange_column = UNIX_TIMESTAMP()-10;
shadow.min_column = 1;
shadow.max_column = 2;
shadow.warn_column = 7;
shadow.inact_column = -1;
shadow.expire_column = -1;

24
templates/misc/configfiles/debian_lenny/libnss/etc_nss-mysql.conf Normal file
View File

@@ -0,0 +1,24 @@
conf.version = 2;
users.host = inet:<SQL_HOST>:3306;
users.database = <SQL_DB>;
users.db_user = <SQL_UNPRIVILEGED_USER>;
users.db_password = <SQL_UNPRIVILEGED_PASSWORD>;
users.table = ftp_users u;
users.where_clause =;
users.user_column = u.username;
users.password_column = u.password;
users.userid_column = u.id;
users.uid_column = u.uid;
users.gid_column = u.gid;
users.realname_column = u.username;
users.homedir_column = u.homedir;
users.shell_column = u.shell;
groups.group_info_table = ftp_groups g;
groups.where_clause = ;
groups.group_name_column = g.groupname;
groups.groupid_column = g.id;
groups.gid_column = g.gid;
groups.password_column = "x";
groups.members_table = ftp_groups ug;
groups.member_userid_column = ug.customerid;
groups.member_groupid_column = ug.id;

6
templates/misc/configfiles/debian_lenny/libnss/etc_nsswitch.conf Normal file
View File

@@ -0,0 +1,6 @@
# Make sure that `passwd`, `group` and `shadow` have mysql in their lines
# You should place mysql at the end, so that it is queried after the other mechanisams
#
passwd: compat mysql
group: compat mysql
shadow: compat mysql

60
templates/misc/configfiles/debian_lenny/lighttpd/etc_lighttpd.conf Normal file
View File

@@ -0,0 +1,60 @@
###############################################################################
# Default lighttpd.conf for SysCP.
###############################################################################
var.basedir = "/var/www"
var.logdir = "/var/log/lighttpd"
var.statedir = "/var/lib/lighttpd"
server.modules = (
"mod_rewrite",
"mod_redirect",
"mod_alias",
"mod_access",
"mod_auth",
"mod_fastcgi",
"mod_accesslog"
)
server.username = "www-data"
server.groupname = "www-data"
server.document-root = var.basedir
server.pid-file = "/var/run/lighttpd.pid"
accesslog.filename = var.logdir + "/access.log"
server.errorlog = var.logdir + "/error.log"
server.indexfiles = ("index.php", "index.html",
"index.htm", "default.htm")
server.name = "<SERVERNAME>"
server.port = 80
server.bind = "<SERVERIP>"
url.access-deny = ("~", ".inc")
fastcgi.server = (
".php" => (
"localhost" => (
"socket" => "/var/kunden/tmp/lighttpd-fcgi-sock-lighttpd",
"broken-scriptfilename" => "enable",
"bin-path" => "/usr/bin/php5-cgi",
"min-procs" => 1,
"max-procs" => 1,
"max-load-per-proc" => 4,
"idle-timeout" => 60,
"bin-environment" => (
"UID" => "www-data",
"GID" => "www-data",
"PHP_FCGI_CHILDREN" => "0",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => ( "" )
)
)
)
#### external configuration files
## mimetype mapping
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
## load enabled configuration files,
## read /etc/lighttpd/conf-available/README first
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

92
templates/misc/configfiles/debian_lenny/postfix/etc_postfix_main.cf Normal file
View File

@@ -0,0 +1,92 @@
# Postfix programs paths settings
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
sendmail_path = /usr/sbin/sendmail
## General Postfix configuration
# should be the default domain from your provider eg. "server100.provider.tld"
mydomain = <SERVERNAME>
# should be different from $mydomain eg. "mail.$mydomain"
myhostname = <SERVERNAME>
mydestination = $myhostname,
$mydomain,
localhost.$myhostname,
localhost.$mydomain,
localhost
mynetworks = 127.0.0.0/8
inet_interfaces = all
append_dot_mydomain = no
biff = no
# Postfix performance settings
default_destination_concurrency_limit = 20
local_destination_concurrency_limit = 2
# SMTPD Settings
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_hostname,
reject_unknown_recipient_domain,
reject_unknown_sender_domain
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_client
# Maximum size of Message in bytes (50MB)
message_size_limit = 52428800
## SASL Auth Settings
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
## Dovecot Settings for deliver, SASL Auth and virtual transport
## uncomment those line to use Dovecot
#mailbox_command = /usr/lib/dovecot/deliver
#virtual_transport = dovecot
#dovecot_destination_recipient_limit = 1
# Virtual delivery settings
virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
# Local delivery settings
local_transport = local
alias_database = hash:/etc/aliases
alias_maps = $alias_database
# Default Mailbox size, is set to 0 which means unlimited!
mailbox_size_limit = 0
### TLS settings
###
## TLS for outgoing mails from the server to another server
#smtp_use_tls = yes
#smtp_tls_note_starttls_offer = yes
## TLS for email client
#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
#smtpd_tls_key_file = /etc/ssl/server/<SERVERNAME>.pem
#smtpd_tls_CAfile = /etc/ssl/cacert.class3.crt # Just an example for CACert.org
#smtpd_tls_auth_only = no
#smtpd_tls_loglevel = 1
#smtpd_tls_received_header = yes
#smtpd_tls_session_cache_timeout = 3600s
#tls_random_source = dev:/dev/urandom
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5

4
templates/misc/configfiles/debian_lenny/postfix/etc_postfix_master.cf Normal file
View File

@@ -0,0 +1,4 @@
# Add this lines to be able to use dovecot as delivery agent
# Dovecot LDA
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}

8
templates/misc/configfiles/debian_lenny/postfix/etc_postfix_mysql-virtual_alias_maps.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_virtual
select_field = destination
where_field = email
additional_conditions = and destination <> '' and destination <> ' '
hosts = <SQL_HOST>

8
templates/misc/configfiles/debian_lenny/postfix/etc_postfix_mysql-virtual_mailbox_domains.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = panel_domains
select_field = domain
where_field = domain
additional_conditions = and isemaildomain = '1'
hosts = <SQL_HOST>

7
templates/misc/configfiles/debian_lenny/postfix/etc_postfix_mysql-virtual_mailbox_maps.cf Normal file
View File

@@ -0,0 +1,7 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_users
select_field = maildir
where_field = email
hosts = <SQL_HOST>

11
templates/misc/configfiles/debian_lenny/postfix/etc_postfix_sasl_smtpd.conf Normal file
View File

@@ -0,0 +1,11 @@
pwcheck_method: auxprop
auxprop_plugin: sql
allowanonymouslogin: no
allowplaintext: yes
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: <SQL_HOST>
sql_user: <SQL_UNPRIVILEGED_USER>
sql_passwd: <SQL_UNPRIVILEGED_PASSWORD>
sql_database: <SQL_DB>
sql_select: SELECT password FROM mail_users WHERE username='%u@%r' OR email='%u@%r'

7
templates/misc/configfiles/debian_lenny/powerdns/etc_powerdns_pdns-syscp.conf Normal file
View File

@@ -0,0 +1,7 @@
allow-axfr-ips=<NAMESERVERS>
#local-ipv6=YOUR_IPv6_(if_any)
bind-config=/etc/bind/named.conf
bind-check-interval=180
log-dns-details=yes
local-address=<SERVERIP>,127.0.0.1

17
templates/misc/configfiles/debian_lenny/powerdns/etc_powerdns_pdns.conf Normal file
View File

@@ -0,0 +1,17 @@
allow-recursion=127.0.0.1
config-dir=/etc/powerdns
daemon=yes
guardian=yes
launch=bind
lazy-recursion=yes
local-port=53
master=yes
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
bind-config=/etc/bind/named.conf
bind-check-interval=300
include=/etc/powerdns/pdns_syscp.conf

58
templates/misc/configfiles/debian_lenny/proftpd/etc_proftpd_modules.conf Normal file
View File

@@ -0,0 +1,58 @@
#
# This file is used to manage DSO modules and features.
#
# This is the directory where DSO modules reside
ModulePath /usr/lib/proftpd
# Allow only user root to load and unload modules, but allow everyone
# to see which modules have been loaded
ModuleControlsACLs insmod,rmmod allow user root
ModuleControlsACLs lsmod allow user *
LoadModule mod_ctrls_admin.c
LoadModule mod_tls.c
# Install proftpd-mod-mysql or proftpd-mod-pgsql to use this
LoadModule mod_sql.c
# Install proftpd-mod-ldap to use this
#LoadModule mod_ldap.c
#
# 'SQLBackend mysql' or 'SQLBackend postgres' directives are required
# to have SQL authorization working. You can also comment out the
# unused module here, in alternative.
#
# Install proftpd-mod-mysql to use this
LoadModule mod_sql_mysql.c
# Install proftpd-mod-pgsql to use this
#LoadModule mod_sql_postgres.c
LoadModule mod_radius.c
LoadModule mod_quotatab.c
LoadModule mod_quotatab_file.c
# Install proftpd-mod-ldap to use this
#LoadModule mod_quotatab_ldap.c
# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
#LoadModule mod_quotatab_sql.c
LoadModule mod_quotatab_radius.c
LoadModule mod_wrap.c
LoadModule mod_rewrite.c
LoadModule mod_load.c
LoadModule mod_ban.c
LoadModule mod_wrap2.c
LoadModule mod_wrap2_file.c
# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
#LoadModule mod_wrap2_sql.c
LoadModule mod_dynmasq.c
# keep this module the last one
LoadModule mod_ifsession.c

129
templates/misc/configfiles/debian_lenny/proftpd/etc_proftpd_proftpd.conf Normal file
View File

@@ -0,0 +1,129 @@
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
# Includes DSO modules
Include /etc/proftpd/modules.conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 on
# If set on you can experience a longer connection delay in many cases.
IdentLookups off
ServerName "<SERVERNAME> FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-l"
DenyFilter \*.*/
# Use this to jail all users in their homes
# DefaultRoot ~
# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell off
# Port 21 is the standard FTP port.
Port 21
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534
# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress 1.2.3.4
# This is useful for masquerading address with dynamic IPs:
# refresh any configured MasqueradeAddress directives every 8 hours
<IfModule mod_dynmasq.c>
# DynMasqRefresh 28800
</IfModule>
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User proftpd
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
# PersistentPasswd off
# This is required to use both PAM-based authentication and local passwords
# AuthOrder mod_auth_pam.c* mod_auth_unix.c
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile off
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
<IfModule mod_quotatab.c>
QuotaEngine off
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine off
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>
#
# Alternative authentication frameworks
#
#Include /etc/proftpd/ldap.conf
Include /etc/proftpd/sql.conf
#
# This is used for FTPS connections
#
#Include /etc/proftpd/tls.conf

25
templates/misc/configfiles/debian_lenny/proftpd/etc_proftpd_sql.conf Normal file
View File

@@ -0,0 +1,25 @@
<IfModule mod_sql.c>
DefaultRoot ~
RequireValidShell off
AuthOrder mod_sql.c
SQLBackend mysql
SQLEngine on
SQLAuthenticate on
SQLAuthTypes Crypt
SQLAuthenticate users* groups*
SQLConnectInfo <SQL_DB>@<SQL_HOST> <SQL_UNPRIVILEGED_USER> <SQL_UNPRIVILEGED_PASSWORD>
SQLUserInfo ftp_users username password uid gid homedir shell
SQLGroupInfo ftp_groups groupname gid members
SQLUserWhereClause "login_enabled = 'y'"
SQLLog PASS login
SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users
SQLLog RETR download
SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users
SQLLog STOR upload
SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users
</IfModule>

5
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_default_pure-ftpd-common Normal file
View File

@@ -0,0 +1,5 @@
STANDALONE_OR_INETD=standalone
VIRTUALCHROOT=false
UPLOADSCRIPT=
UPLOADUID=
UPLOADGID=

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_Bind Normal file
View File

@@ -0,0 +1 @@
21

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_ChrootEveryone Normal file
View File

@@ -0,0 +1 @@
yes

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_CustomerProof Normal file
View File

@@ -0,0 +1 @@
1

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime Normal file
View File

@@ -0,0 +1 @@
15

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_MinUID Normal file
View File

@@ -0,0 +1 @@
1000

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_MySQLConfigFile Normal file
View File

@@ -0,0 +1 @@
/etc/pure-ftpd/db/mysql.conf

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_NoAnonymous Normal file
View File

@@ -0,0 +1 @@
yes

1
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_conf_PAMAuthentication Normal file
View File

@@ -0,0 +1 @@
no

10
templates/misc/configfiles/debian_lenny/pure-ftpd/etc_pure-ftpd_db_mysql.conf Normal file
View File

@@ -0,0 +1,10 @@
MYSQLServer <SQL_HOST>
MYSQLUser <SQL_UNPRIVILEGED_USER>
MYSQLPassword <SQL_UNPRIVILEGED_PASSWORD>
MYSQLDatabase <SQL_DB>
MYSQLCrypt any
MYSQLGetPW SELECT password FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetUID SELECT uid FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetGID SELECT gid FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetDir SELECT homedir FROM ftp_users WHERE username="\L" AND login_enabled="y"

11
templates/misc/configfiles/debian_lenny/xinetd/etc_xinet.d_syscp Normal file
View File

@@ -0,0 +1,11 @@
service syscp
{
id = syscp
socket_type = dgram
protocol = tcp
wait = no
user = root
server = /usr/bin/php
server_args = -q /var/www/syscp/scripts/cron_tasks.php
only_from = 127.0.0.1
}

14
templates/misc/configfiles/gentoo/awstats/etc_apache_vhosts_05_awstats.conf Normal file
View File

@@ -0,0 +1,14 @@
ScriptAlias /awstats/ "/usr/lib/cgi-bin/"
ScriptAlias /awstats "/usr/lib/cgi-bin/awstats.pl"
ScriptAlias /awstats.pl "/usr/lib/cgi-bin/awstats.pl"
Alias /awstats-icon/ "/usr/share/awstats/icon/"
<Directory "/usr/lib/cgi-bin">
Options ExecCGI
AllowOverride None
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>

9
templates/misc/configfiles/gentoo/awstats/etc_awstats_awstats.model.conf.syscp Normal file
View File

@@ -0,0 +1,9 @@
LogFile="{LOG_FILE}"
LogType=W
LogFormat = 1
LogSeparator=" "
SiteDomain="{SITE_DOMAIN}"
HostAliases="{HOST_ALIASES}"
# Include local configuration options identical for all virtual hosts
Include "/etc/awstats/awstats.conf.local"

9
templates/misc/configfiles/gentoo/awstats/etc_awstats_awstats.model_log_sql.conf.syscp Normal file
View File

@@ -0,0 +1,9 @@
LogFile="{LOG_FILE}"
LogType=W
LogFormat = "%host %virtualname %logname %time1 %methodurl %code %bytesd %refererquot %uaquot"
LogSeparator=" "
SiteDomain="{SITE_DOMAIN}"
HostAliases="{HOST_ALIASES}"
# Include local configuration options identical for all virtual hosts
Include "/etc/awstats/awstats.conf.local"

6
templates/misc/configfiles/gentoo/awstats/etc_cron.d_awstats Normal file
View File

@@ -0,0 +1,6 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
*/10 * * * * apache [ -x /usr/bin/awstats_updateall.pl ] && /usr/bin/awstats_updateall.pl now -awstatsprog=/usr/lib/cgi-bin/awstats.pl -configdir=/etc/awstats -excludeconf=awstats.model.conf.syscp,awstats.conf

6
templates/misc/configfiles/gentoo/awstats/etc_cron.d_awstats_log_sql Normal file
View File

@@ -0,0 +1,6 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
45 0 * * * apache [ -x /usr/bin/awstats_updateall.pl ] && /usr/bin/awstats_updateall.pl now -awstatsprog=/usr/lib/cgi-bin/awstats.pl -configdir=/etc/awstats -excludeconf=awstats.model.conf.syscp,awstats.conf

19
templates/misc/configfiles/gentoo/awstats/etc_lighttpd_syscp-awstats.conf Normal file
View File

@@ -0,0 +1,19 @@
#alias.url += (
# "/js/awstats_misc_tracker.js" => "/usr/share/awstats/wwwroot/js/awstats_misc_tracker.js"
#)
$HTTP["url"] =~ "^/awstats" {
alias.url += (
"/awstats/" => "<AWSTATS_PATH>",
"/awstats" => "<AWSTATS_PATH>awstats.pl",
"/awstats.pl" => "<AWSTATS_PATH>awstats.pl"
# "/awstatsicons/" => "/usr/share/awstats/wwwroot/icon/"
)
index-file.names = ( "awstatstotals.php" )
cgi.assign = (
".pl" => "/usr/bin/perl",
".cgi" => "/usr/bin/perl"
)
}

21
templates/misc/configfiles/gentoo/bind/etc_bind_default.zone Normal file
View File

@@ -0,0 +1,21 @@
$TTL 1W
@ IN SOA ns root (
2004060501 ; serial
8H ; refresh
2H ; retry
1W ; expiry
11h) ; minimum
IN NS ns
IN MX 10 mail
IN A <SERVERIP>
IN MX 10 mail
* IN A <SERVERIP>
IN MX 10 mail
ns IN A <SERVERIP>
mail IN A <SERVERIP>
IN MX 10 mail

376
templates/misc/configfiles/gentoo/courier/etc_courier-imap_imapd Normal file
View File

@@ -0,0 +1,376 @@
##VERSION: $Id: imapd.dist.in,v 1.32 2004/11/25 04:57:04 mrsam Exp $
#
# imapd created from imapd.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 1998 - 2004 Double Precision, Inc. See COPYING for
# distribution information.
#
# This configuration file sets various options for the Courier-IMAP server
# when used with the couriertcpd server.
# A lot of the stuff here is documented in the manual page for couriertcpd.
#
# NOTE - do not use \ to split long variable contents on multiple lines.
# This will break the default imapd.rc script, which parses this file.
#
##NAME: ADDRESS:0
#
# Address to listen on, can be set to a single IP address.
#
# ADDRESS=127.0.0.1
ADDRESS=0
##NAME: PORT:1
#
# Port numbers that connections are accepted on. The default is 143,
# the standard IMAP port.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possible to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The previous ADDRESS setting is a default for ports that do not have
# a specified IP address.
PORT=143
##NAME: AUTHSERVICE:0
#
# It's possible to authenticate using a different 'service' parameter
# depending on the connection's port. This only works with authentication
# modules that use the 'service' parameter, such as PAM. Example:
#
# AUTHSERVICE143=imap
# AUTHSERVICE993=imaps
##NAME: MAXDAEMONS:0
#
# Maximum number of IMAP servers started
#
MAXDAEMONS=50
##NAME: MAXPERIP:0
#
# Maximum number of connections to accept from the same IP address
MAXPERIP=10
##NAME: PIDFILE:0
#
# File where couriertcpd will save its process ID
#
PIDFILE=/var/run/imapd.pid
##NAME: TCPDOPTS:0
#
# Miscellaneous couriertcpd options that shouldn't be changed.
#
TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: IMAP_CAPABILITY:1
#
# IMAP_CAPABILITY specifies what most of the response should be to the
# CAPABILITY command.
#
# If you have properly configured Courier to use CRAM-MD5 or CRAM-SHA1
# authentication (see INSTALL), set IMAP_CAPABILITY as follows:
#
# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
#
IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE"
##NAME: KEYWORDS_CAPABILITY:0
#
# IMAP_KEYWORDS=1 enables custom IMAP keywords. Set this option to 0 to
# disable custom keywords.
IMAP_KEYWORDS=1
##NAME: SMAP1_CAPABILITY:0
#
# EXPERIMENTAL
#
# To enable the experimental "Simple Mail Access Protocol" extensions,
# uncomment the following setting.
#
# SMAP_CAPABILITY=SMAP1
##NAME: IMAP_CAPABILITY_ORIG:1
#
# For use by webadmin
IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE"
##NAME: IMAP_PROXY:0
#
# Enable proxying. See README.proxy
IMAP_PROXY=0
##NAME: IMAP_PROXY_FOREIGN:0
#
# Proxying to non-Courier servers. Re-sends the CAPABILITY command after
# logging in to the remote server. May not work with all IMAP clients.
IMAP_PROXY_FOREIGN=0
##NAME: IMAP_IDLE_TIMEOUT:0
#
# This setting controls how often
# the server polls for changes to the folder, in IDLE mode (in seconds).
IMAP_IDLE_TIMEOUT=60
##NAME: IMAP_CAPABILITY_TLS:0
#
# The following setting will advertise SASL PLAIN authentication after
# STARTTLS is established. If you want to allow SASL PLAIN authentication
# with or without TLS then just comment this out, and add AUTH=PLAIN to
# IMAP_CAPABILITY
IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN"
##NAME: IMAP_TLS_ORIG:0
#
# For use by webadmin
IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN"
##NAME: IMAP_DISABLETHREADSORT:0
#
# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands -
# server side sorting and threading.
#
# Those capabilities will still be advertised, but the server will reject
# them. Set this option if you want to disable all the extra load from
# server-side threading and sorting. Not advertising those capabilities
# will simply result in the clients reading the entire folder, and sorting
# it on the client side. That will still put some load on the server.
# advertising these capabilities, but rejecting the commands, will stop this
# silliness.
#
IMAP_DISABLETHREADSORT=0
##NAME: IMAP_CHECK_ALL_FOLDERS:0
#
# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new
# mail in every folder. Not all IMAP clients use the IMAP's new mail
# indicator, but some do. Normally new mail is checked only in INBOX,
# because it is a comparatively time consuming operation, and it would be
# a complete waste of time unless mail filters are used to deliver
# mail directly to folders.
#
# When IMAP clients are used which support new mail indication, and when
# mail filters are used to sort incoming mail into folders, setting
# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new
# mail in folders. Note that this will result in slightly more load on the
# server.
#
IMAP_CHECK_ALL_FOLDERS=0
##NAME: IMAP_OBSOLETE_CLIENT:0
#
# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean
# what \\HasNoChildren really means.
IMAP_OBSOLETE_CLIENT=0
##NAME: IMAP_UMASK:0
#
# IMAP_UMASK sets the umask of the server process. The value of IMAP_UMASK is
# simply passed to the "umask" command. The default value is 022.
#
# This feature is mostly useful for shared folders, where the file permissions
# of the messages may be important.
IMAP_UMASK=027
##NAME: IMAP_ULIMITD:0
#
# IMAP_ULIMITD sets the maximum size of the data segment of the server
# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d"
# command (or ulimit -v). The argument to ulimi sets the upper limit on the
# size of the data segment of the server process, in kilobytes. The default
# value of 65536 sets a very generous limit of 64 megabytes, which should
# be more than plenty for anyone.
#
# This feature is used as an additional safety check that should stop
# any potential denial-of-service attacks that exploit any kind of
# a memory leak to exhaust all the available memory on the server.
# It is theoretically possible that obscenely huge folders will also
# result in the server running out of memory when doing server-side
# sorting (by my calculations you have to have at least 100,000 messages
# in a single folder, for that to happen).
IMAP_ULIMITD=65536
##NAME: IMAP_USELOCKS:0
#
# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent
# multiple access to the same folder. This incurs slight additional
# overhead. Concurrent multiple access will still work without this setting,
# however occasionally a minor race condition may result in an IMAP client
# downloading the same message twice, or a keyword update will fail.
#
# IMAP_USELOCKS=1 is strongly recommended when shared folders are used.
IMAP_USELOCKS=1
##NAME: IMAP_SHAREDINDEXFILE:0
#
# The index of all accessible folders. Do not change this setting unless
# you know what you're doing. See README.sharedfolders for additional
# information.
IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index
##NAME: IMAP_ENHANCEDIDLE:0
#
# If Courier was compiled with the File Alteration Monitor, setting
# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple
# clients may open the same folder concurrently, and receive updates to
# folder contents in realtime. See the imapd(8) man page for additional
# information.
#
# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included
# in the IMAP_CAPABILITY list.
#
IMAP_ENHANCEDIDLE=0
##NAME: IMAP_TRASHFOLDERNAME:0
#
# The name of the magic trash Folder. For MSOE compatibility,
# you can set IMAP_TRASHFOLDERNAME="Deleted Items".
#
# IMPORTANT: If you change this, you must also change IMAP_EMPTYTRASH
IMAP_TRASHFOLDERNAME=Trash
##NAME: IMAP_EMPTYTRASH:0
#
# The following setting is optional, and causes messages from the given
# folder to be automatically deleted after the given number of days.
# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default
# setting, below, purges 7 day old messages from the Trash folder.
# Another useful setting would be:
#
# IMAP_EMPTYTRASH=Trash:7,Sent:30
#
# This would also delete messages from the Sent folder (presumably copies
# of sent mail) after 30 days. This is a global setting that is applied to
# every mail account, and is probably useful in a controlled, corporate
# environment.
#
# Important: the purging is controlled by CTIME, not MTIME (the file time
# as shown by ls). It is perfectly ordinary to see stuff in Trash that's
# a year old. That's the file modification time, MTIME, that's displayed.
# This is generally when the message was originally delivered to this
# mailbox. Purging is controlled by a different timestamp, CTIME, which is
# changed when the file is moved to the Trash folder (and at other times too).
#
# You might want to disable this setting in certain situations - it results
# in a stat() of every file in each folder, at login and logout.
#
IMAP_EMPTYTRASH=Trash:7
##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0
#
# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This
# effectively allows an undo of message deletion by fishing the deleted
# mail from trash. Trash can be manually expunged as usually, and mail
# will get automatically expunged from Trash according to IMAP_EMPTYTRASH.
#
# NOTE: shared folders are still expunged as usual. Shared folders are
# not affected.
#
IMAP_MOVE_EXPUNGE_TO_TRASH=0
##NAME: OUTBOX:0
#
# The next set of options deal with the "Outbox" enhancement.
# Uncomment the following setting to create a special folder, named
# INBOX.Outbox
#
# OUTBOX=.Outbox
##NAME: SENDMAIL:0
#
# If OUTBOX is defined, mail can be sent via the IMAP connection by copying
# a message to the INBOX.Outbox folder. For all practical matters,
# INBOX.Outbox looks and behaves just like any other IMAP folder. If this
# folder doesn't exist it must be created by the IMAP mail client, just
# like any other IMAP folder. The kicker: any message copied or moved to
# this folder is will be E-mailed by the Courier-IMAP server, by running
# the SENDMAIL program. Therefore, messages copied or moved to this
# folder must be well-formed RFC-2822 messages, with the recipient list
# specified in the To:, Cc:, and Bcc: headers. Courier-IMAP relies on
# SENDMAIL to read the recipient list from these headers (and delete the Bcc:
# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the
# message piped on standard input. $SENDER will be the return address
# of the message, which is set by the authentication module.
#
# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing.
#
SENDMAIL=/usr/sbin/sendmail
##NAME: HEADERFROM:0
#
# For administrative and oversight purposes, the return address, $SENDER
# will also be saved in the X-IMAP-Sender mail header. This header gets
# added to the sent E-mail (but it doesn't get saved in the copy of the
# message that's saved in the folder)
#
# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive
# the magic OUTBOX treatment. Therefore advance LARTing is in order for
# _all_ of your lusers, until every one of them is aware of this. Otherwise if
# OUTBOX is left at its default setting - a folder name that might be used
# accidentally - some people may be in for a rude surprise. You can redefine
# the name of the magic folder by changing OUTBOX, above. You should do that
# and pick a less-obvious name. Perhaps brand it with your organizational
# name ( OUTBOX=.WidgetsAndSonsOutbox )
HEADERFROM=X-IMAP-Sender
##NAME: IMAPDSTART:0
#
# IMAPDSTART is not used directly. Rather, this is a convenient flag to
# be read by your system startup script in /etc/rc.d, like this:
#
# . /etc/courier-imap/imapd
#
# case x$IMAPDSTART in
# x[yY]*)
# /usr/lib/courier-imap/imapd.rc start
# ;;
# esac
#
# The default setting is going to be NO, so you'll have to manually flip
# it to yes.
IMAPDSTART=YES
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir
#Hardwire a value for ${MAILDIR}
MAILDIR=.maildir
MAILDIRPATH=.maildir
#Put any program for ${PRERUN} here
PRERUN=

199
templates/misc/configfiles/gentoo/courier/etc_courier-imap_imapd-ssl Normal file
View File

@@ -0,0 +1,199 @@
##VERSION: $Id: imapd-ssl.dist.in,v 1.11 2004/10/21 00:45:35 mrsam Exp $
#
# imapd-ssl created from imapd-ssl.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 2000 - 2004 Double Precision, Inc. See COPYING for
# distribution information.
#
# This configuration file sets various options for the Courier-IMAP server
# when used to handle SSL IMAP connections.
#
# SSL and non-SSL connections are handled by a dedicated instance of the
# couriertcpd daemon. If you are accepting both SSL and non-SSL IMAP
# connections, you will start two instances of couriertcpd, one on the
# IMAP port 143, and another one on the IMAP-SSL port 993.
#
# Download OpenSSL from http://www.openssl.org/
#
##NAME: SSLPORT:1
#
# Options in the imapd-ssl configuration file AUGMENT the options in the
# imapd configuration file. First the imapd configuration file is read,
# then the imapd-ssl configuration file, so we do not have to redefine
# anything.
#
# However, some things do have to be redefined. The port number is
# specified by SSLPORT, instead of PORT. The default port is port 993.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possibly to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The SSLADDRESS setting is a default for ports that do not have
# a specified IP address.
SSLPORT=993
##NAME: SSLADDRESS:0
#
# Address to listen on, can be set to a single IP address.
#
# SSLADDRESS=127.0.0.1
SSLADDRESS=0
##NAME: SSLPIDFILE:0
#
# That's the SSL IMAP port we'll listen on.
# Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP.
SSLPIDFILE=/var/run/imapd-ssl.pid
##NAME: IMAPDSSLSTART:0
#
# Different pid files, so that both instances of couriertcpd can coexist
# happily.
#
# You can also redefine IMAP_CAPABILITY, although I can't
# think of why you'd want to do that.
#
#
# Ok, the following settings are new to imapd-ssl:
#
# Whether or not to start IMAP over SSL on simap port:
IMAPDSSLSTART=YES
##NAME: IMAPDSTARTTLS:0
#
# Whether or not to implement IMAP STARTTLS extension instead:
IMAPDSTARTTLS=YES
##NAME: IMAP_TLS_REQUIRED:1
#
# Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone.
# (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS
# is issued).
IMAP_TLS_REQUIRED=0
#########################################################################
#
# The following variables configure IMAP over SSL. If OpenSSL is available
# during configuration, the couriertls helper gets compiled, and upon
# installation a dummy TLS_CERTFILE gets generated. courieresmtpd will
# automatically advertise the ESMTP STARTTLS extension if both TLS_CERTFILE
# and COURIERTLS exist.
#
# WARNING: Peer certificate verification has NOT yet been tested. Proceed
# at your own risk. Only the basic SSL/TLS functionality is known to be
# working. Keep this in mind as you play with the following variables.
#
##NAME: COURIERTLS:0
#
COURIERTLS=/usr/sbin/couriertls
##NAME: TLS_PROTOCOL:0
#
# TLS_PROTOCOL sets the protocol version. The possible versions are:
#
# SSL2 - SSLv2
# SSL3 - SSLv3
# TLS1 - TLS1
TLS_PROTOCOL=SSL3
##NAME: TLS_STARTTLS_PROTOCOL:0
#
# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS
# extension, as opposed to IMAP over SSL on port 993.
#
TLS_STARTTLS_PROTOCOL=TLS1
##NAME: TLS_CIPHER_LIST:0
#
# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the
# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST
# undefined
#
# TLS_CIPHER_LIST="ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
##NAME: TLS_TIMEOUT:0
# TLS_TIMEOUT is currently not implemented, and reserved for future use.
# This is supposed to be an inactivity timeout, but its not yet implemented.
#
##NAME: TLS_DHCERTFILE:0
#
# TLS_DHCERTFILE - PEM file that stores our Diffie-Hellman cipher pair.
# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA
# you must generate a DH pair that will be used. In most situations the
# DH pair is to be treated as confidential, and the file specified by
# TLS_DHCERTFILE must not be world-readable.
#
# TLS_DHCERTFILE=
##NAME: TLS_CERTFILE:0
#
# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS
# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
# treated as confidential, and must not be world-readable.
#
TLS_CERTFILE=/etc/ssl/server/<SERVERNAME>.pem
##NAME: TLS_TRUSTCERTS:0
#
# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname.
# pathname can be a file or a directory. If a file, the file should
# contain a list of trusted certificates, in PEM format. If a
# directory, the directory should contain the trusted certificates,
# in PEM format, one per file and hashed using OpenSSL's c_rehash
# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying
# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set
# to PEER or REQUIREPEER).
#
#
# TLS_TRUSTCERTS=
##NAME: TLS_VERIFYPEER:0
#
# TLS_VERIFYPEER - how to verify client certificates. The possible values of
# this setting are:
#
# NONE - do not verify anything
#
# PEER - verify the client certificate, if one's presented
#
# REQUIREPEER - require a client certificate, fail if one's not presented
#
#
TLS_VERIFYPEER=NONE
##NAME: TLS_CACHE:0
#
# A TLS/SSL session cache may slightly improve response for IMAP clients
# that open multiple SSL sessions to the server. TLS_CACHEFILE will be
# automatically created, TLS_CACHESIZE bytes long, and used as a cache
# buffer.
#
# This is an experimental feature and should be disabled if it causes
# problems with SSL clients. Disable SSL caching by commenting out the
# following settings:
TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache
TLS_CACHESIZE=524288
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir
#Hardwire a value for ${MAILDIR}
MAILDIRPATH=.maildir

127
templates/misc/configfiles/gentoo/courier/etc_courier-imap_pop3d Normal file
View File

@@ -0,0 +1,127 @@
##VERSION: $Id: pop3d.dist.in,v 1.11 2004/10/30 15:39:38 mrsam Exp $
#
# pop3d created from pop3d.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 1998 - 2004 Double Precision, Inc. See COPYING for
# distribution information.
#
# Courier POP3 daemon configuration
#
##NAME: PIDFILE:0
#
PIDFILE=/var/run/pop3d.pid
##NAME: MAXDAEMONS:0
#
# Maximum number of POP3 servers started
#
MAXDAEMONS=50
##NAME: MAXPERIP:4
#
# Maximum number of connections to accept from the same IP address
MAXPERIP=5
##NAME: POP3AUTH:1
#
# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH
# variable:
#
# POP3AUTH="LOGIN"
#
# If you have configured the CRAM-MD5 or CRAM-SHA1, set POP3AUTH to something
# like this:
#
# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1"
POP3AUTH=""
##NAME: POP3AUTH_ORIG:0
#
# For use by webadmin
POP3AUTH_ORIG="LOGIN CRAM-MD5 CRAM-SHA1"
##NAME: POP3AUTH_TLS:1
#
# To also advertise SASL PLAIN if SSL is enabled, uncomment the
# POP3AUTH_TLS environment variable:
#
# POP3AUTH_TLS="LOGIN PLAIN"
POP3AUTH_TLS=""
##NAME: POP3AUTH_TLS_ORIG:0
#
# For use by webadmin
POP3AUTH_TLS_ORIG="LOGIN PLAIN"
##NAME: POP3_PROXY:0
#
# Enable proxying. See README.proxy
POP3_PROXY=0
##NAME: PORT:1
#
# Port to listen on for connections. The default is port 110.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possibly to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The ADDRESS setting is a default for ports that do not have a specified
# IP address.
PORT=110
##NAME: ADDRESS:0
#
# IP address to listen on. 0 means all IP addresses.
ADDRESS=0
##NAME: TCPDOPTS:0
#
# Other couriertcpd(1) options. The following defaults should be fine.
#
TCPDOPTS="-nodnslookup -noidentlookup"
##NAME: POP3DSTART:0
#
# POP3DSTART is not referenced anywhere in the standard Courier programs
# or scripts. Rather, this is a convenient flag to be read by your system
# startup script in /etc/rc.d, like this:
#
# . /etc/courier-imap/pop3d
# case x$POP3DSTART in
# x[yY]*)
# /usr/lib/courier-imap/pop3d.rc start
# ;;
# esac
#
# The default setting is going to be NO, until Courier is shipped by default
# with enough platforms so that people get annoyed with having to flip it to
# YES every time.
POP3DSTART=YES
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir
#Hardwire a value for ${MAILDIR}
MAILDIR=.maildir
MAILDIRPATH=.maildir
#Put any program for ${PRERUN} here
PRERUN=

186
templates/misc/configfiles/gentoo/courier/etc_courier-imap_pop3d-ssl Normal file
View File

@@ -0,0 +1,186 @@
##VERSION: $Id: pop3d-ssl.dist.in,v 1.12 2004/10/21 00:45:35 mrsam Exp $
#
# pop3d-ssl created from pop3d-ssl.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# Copyright 2000-2004 Double Precision, Inc. See COPYING for
# distribution information.
#
# This configuration file sets various options for the Courier-IMAP server
# when used to handle SSL POP3 connections.
#
# SSL and non-SSL connections are handled by a dedicated instance of the
# couriertcpd daemon. If you are accepting both SSL and non-SSL POP3
# connections, you will start two instances of couriertcpd, one on the
# POP3 port 110, and another one on the POP3-SSL port 995.
#
# Download OpenSSL from http://www.openssl.org/
#
##NAME: SSLPORT:0
#
# Options in the pop3d-ssl configuration file AUGMENT the options in the
# pop3d configuration file. First the pop3d configuration file is read,
# then the pop3d-ssl configuration file, so we do not have to redefine
# anything.
#
# However, some things do have to be redefined. The port number is
# specified by SSLPORT, instead of PORT. The default port is port 995.
#
# Multiple port numbers can be separated by commas. When multiple port
# numbers are used it is possibly to select a specific IP address for a
# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900"
# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1
# The SSLADDRESS setting is a default for ports that do not have
# a specified IP address.
SSLPORT=995
##NAME: SSLADDRESS:0
#
# Address to listen on, can be set to a single IP address.
#
# SSLADDRESS=127.0.0.1
SSLADDRESS=0
##NAME: SSLPIDFILE:0
#
#
#
SSLPIDFILE=/var/run/pop3d-ssl.pid
##NAME: POP3DSSLSTART:0
#
# Whether or not to start POP3 over SSL on spop3 port:
POP3DSSLSTART=YES
##NAME: POP3_STARTTLS:0
#
# Whether or not to implement the POP3 STLS extension:
POP3_STARTTLS=YES
##NAME: POP3_TLS_REQUIRED:1
#
# Set POP3_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone.
# (this option advertises the LOGINDISABLED POP3 capability, until STARTTLS
# is issued).
POP3_TLS_REQUIRED=0
##NAME: COURIERTLS:0
#
# The following variables configure POP3 over SSL. If OpenSSL is available
# during configuration, the couriertls helper gets compiled, and upon
# installation a dummy TLS_CERTFILE gets generated. courieresmtpd will
# automatically advertise the ESMTP STARTTLS extension if both TLS_CERTFILE
# and COURIERTLS exist.
#
# WARNING: Peer certificate verification has NOT yet been tested. Proceed
# at your own risk. Only the basic SSL/TLS functionality is known to be
# working. Keep this in mind as you play with the following variables.
COURIERTLS=/usr/sbin/couriertls
##NAME: TLS_PROTOCOL:0
#
# TLS_PROTOCOL sets the protocol version. The possible versions are:
#
# SSL2 - SSLv2
# SSL3 - SSLv3
# TLS1 - TLS1
TLS_PROTOCOL=SSL3
##NAME: TLS_STARTTLS_PROTOCOL:0
#
# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the POP3 STARTTLS
# extension, as opposed to POP3 over SSL on port 995.
#
TLS_STARTTLS_PROTOCOL=TLS1
##NAME: TLS_CIPHER_LIST:0
#
# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the
# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST
# undefined
#
# TLS_CIPHER_LIST="ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH"
##NAME: TLS_TIMEOUT:0
# TLS_TIMEOUT is currently not implemented, and reserved for future use.
# This is supposed to be an inactivity timeout, but its not yet implemented.
#
##NAME: TLS_DHCERTFILE:0
#
# TLS_DHCERTFILE - PEM file that stores our Diffie-Hellman cipher pair.
# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA
# you must generate a DH pair that will be used. In most situations the
# DH pair is to be treated as confidential, and the file specified by
# TLS_DHCERTFILE must not be world-readable.
#
# TLS_DHCERTFILE=
##NAME: TLS_CERTFILE:0
#
# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS
# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually
# treated as confidential, and must not be world-readable.
#
TLS_CERTFILE=/etc/ssl/server/<SERVERNAME>.pem
##NAME: TLS_TRUSTCERTS:0
#
# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname.
# pathname can be a file or a directory. If a file, the file should
# contain a list of trusted certificates, in PEM format. If a
# directory, the directory should contain the trusted certificates,
# in PEM format, one per file and hashed using OpenSSL's c_rehash
# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying
# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set
# to PEER or REQUIREPEER).
#
#
# TLS_TRUSTCERTS=
##NAME: TLS_VERIFYPEER:0
#
# TLS_VERIFYPEER - how to verify client certificates. The possible values of
# this setting are:
#
# NONE - do not verify anything
#
# PEER - verify the client certificate, if one's presented
#
# REQUIREPEER - require a client certificate, fail if one's not presented
#
#
TLS_VERIFYPEER=NONE
##NAME: TLS_CACHE:0
#
# A TLS/SSL session cache may slightly improve response for long-running
# POP3 clients. TLS_CACHEFILE will be automatically created, TLS_CACHESIZE
# bytes long, and used as a cache buffer.
#
# This is an experimental feature and should be disabled if it causes
# problems with SSL clients. Disable SSL caching by commenting out the
# following settings:
TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache
TLS_CACHESIZE=524288
##NAME: MAILDIRPATH:0
#
# MAILDIRPATH - directory name of the maildir directory.
#
MAILDIRPATH=Maildir
#Hardwire a value for ${MAILDIR}
MAILDIRPATH=.maildir

93
templates/misc/configfiles/gentoo/courier/etc_courier_authlib_authdaemonrc Normal file
View File

@@ -0,0 +1,93 @@
##VERSION: $Id: authdaemonrc.in,v 1.12 2005/07/05 12:25:08 mrsam Exp $
#
# Copyright 2000-2005 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authuserdb authpam authshadow authmysql authcustom authpipe
authmodulelist="authmysql"
##NAME: authmodulelistorig:3
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authuserdb authpam authshadow authmysql authcustom authpipe"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: authdaemonvar:2
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/lib/courier/authdaemon
##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0 - turn off debugging
# DEBUG_LOGIN=1 - turn on debugging
# DEBUG_LOGIN=2 - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.
DEBUG_LOGIN=0
##NAME: DEFAULTOPTIONS:0
#
# A comma-separated list of option=value pairs. Each option is applied
# to an account if the account does not have its own specific value for
# that option. So for example, you can set
# DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
# and then enable webmail and/or imap on individual accounts by setting
# disablewebmail=0 and/or disableimap=0 on the account.
DEFAULTOPTIONS=""
##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#
LOGGEROPTS=""

13
templates/misc/configfiles/gentoo/courier/etc_courier_authlib_authmysqlrc Normal file
View File

@@ -0,0 +1,13 @@
MYSQL_SERVER <SQL_HOST>
MYSQL_USERNAME <SQL_UNPRIVILEGED_USER>
MYSQL_PASSWORD <SQL_UNPRIVILEGED_PASSWORD>
MYSQL_PORT 0
MYSQL_DATABASE <SQL_DB>
MYSQL_USER_TABLE mail_users
MYSQL_CRYPT_PWFIELD password_enc
MYSQL_UID_FIELD <VIRTUAL_UID_MAPS>
MYSQL_GID_FIELD <VIRTUAL_GID_MAPS>
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD "<VIRTUAL_MAILBOX_BASE>"
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD (quota*1024*1024)

16
templates/misc/configfiles/gentoo/cron/etc_cron.d_syscp Normal file
View File

@@ -0,0 +1,16 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/sbin:/bin:/usr/sbin:/usr/bin
#
# Regular cron jobs for the syscp package
#
# Please check that all following paths are correct
#
*/5 * * * * root /usr/lib/php5/bin/php -q -c /etc/php/syscp-cronjob/php.ini /var/www/syscp/scripts/cron_tasks.php
0 0 * * * root /usr/lib/php5/bin/php -q -c /etc/php/syscp-cronjob/php.ini /var/www/syscp/scripts/cron_traffic.php
30 0 * * * root /usr/lib/php5/bin/php -q -c /etc/php/syscp-cronjob/php.ini /var/www/syscp/scripts/cron_ticketarchive.php
0 1 * * * root /usr/lib/php5/bin/php -q -c /etc/php/syscp-cronjob/php.ini /var/www/syscp/scripts/cron_used_tickets_reset.php
*/5 * * * * root /usr/lib/php5/bin/php -q -c /etc/php/syscp-cronjob/php.ini /var/www/syscp/scripts/cron_autoresponder.php
*/5 * * * * root /usr/lib/php5/bin/php -q -c /etc/php/syscp-cronjob/php.ini /var/www/syscp/scripts/cron_apsinstaller.php
*/30 * * * * root /usr/lib/php5/bin/php -q -c /etc/php/syscp-cronjob/php.ini /var/www/syscp/scripts/cron_apsupdater.php

61
templates/misc/configfiles/gentoo/cron/etc_php_syscp-cronjob_php.ini Normal file
View File

@@ -0,0 +1,61 @@
short_open_tag = On
asp_tags = Off
precision = 14
output_buffering = Off
allow_call_time_pass_reference = Off
safe_mode = Off
safe_mode_gid = Off
safe_mode_include_dir = "/usr/share/php/:/usr/share/php4/:/usr/share/php5/"
safe_mode_allowed_env_vars = PHP_
safe_mode_protected_env_vars = LD_LIBRARY_PATH
open_basedir =
disable_functions =
disable_classes =
expose_php = Off
max_execution_time = 180
max_input_time = 120
memory_limit = 32M
post_max_size = 32M
error_reporting = E_ALL & ~E_NOTICE
display_errors = On
display_startup_errors = Off
log_errors = Off
log_errors_max_len = 1024
ignore_repeated_errors = Off
ignore_repeated_source = Off
report_memleaks = On
track_errors = Off
html_errors = Off
variables_order = "GPCS"
register_globals = Off
register_argc_argv = Off
gpc_order = "GPC"
magic_quotes_gpc = Off
magic_quotes_runtime = Off
magic_quotes_sybase = Off
include_path = ".:/usr/share/php/:/usr/share/php4/:/usr/share/php5/"
enable_dl = Off
file_uploads = On
upload_tmp_dir = "/tmp/"
upload_max_filesize = 32M
allow_url_fopen = On
session.save_handler = files
session.save_path = "/tmp/"
session.use_cookies = 1
session.name = PHPSESSID
session.auto_start = 0
session.cookie_lifetime = 0
session.cookie_path = /
session.cookie_domain =
session.serialize_handler = php
session.gc_probability = 1
session.gc_divisor = 1000
session.gc_maxlifetime = 1440
session.bug_compat_42 = 0
session.bug_compat_warn = 1
session.referer_check =
session.entropy_length = 16
session.entropy_file = /dev/urandom
session.cache_limiter = nocache
session.cache_expire = 180
session.use_trans_sid = 0

Some files were not shown because too many files have changed in this diff Show More