maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Added Ubuntu 14.04 Trusty, didn't check if the configfiles are working

Browse Source
This commit is contained in:
Lednerb
2015-01-10 23:46:37 +01:00
parent 797db9aa8b
commit e21b923194
46 changed files with 1506 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

422
lib/configfiles/trusty.inc.php Normal file
View File

@@ -0,0 +1,422 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Configfiles
*
*/
// Try to guess user/group from settings' email UID/GID
$vmail_user=posix_getpwuid(Settings::Get('system.vmail_uid'));
$vmail_group=posix_getgrgid(Settings::Get('system.vmail_gid'));
/* If one of them are not set, call it 'vmail' and suggest creating user/group
* in scripts. */
if ($vmail_user === false) {
$vmail_username="vmail";
} else {
$vmail_username=$vmail_user['name'];
}
if ($vmail_group === false) {
$vmail_groupname="vmail";
} else {
$vmail_groupname=$vmail_group['name'];
}
return array(
'ubuntu_trusty' => array(
'label' => 'Ubuntu 14.04 (Trusty)',
'services' => array(
'http' => array(
'label' => $lng['admin']['configfiles']['http'],
'daemons' => array(
'apache2' => array(
'label' => 'Apache 2',
'commands' => array(
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'a2dismod userdir'
),
'files' => ((int)Settings::Get('phpfpm.enabled') == 1) ?
array(
'etc_apache2_mods-enabled_fastcgi.conf' => '/etc/apache2/mods-enabled/fastcgi.conf'
)
:
null,
'restart' => array(
'service apache2 restart'
),
),
'lighttpd' => array(
'label' => 'Lighttpd Webserver',
'commands_1' => array(
'apt-get install lighttpd',
),
'files' => array(
'etc_lighttpd.conf' => '/etc/lighttpd/lighttpd.conf',
),
'commands_2' => array(
$configcommand['vhost'],
$configcommand['diroptions'],
$configcommand['v_inclighty'],
$configcommand['d_inclighty'],
'lighty-disable-mod cgi',
'lighty-disable-mod fastcgi',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir')
),
'restart' => array(
'service lighttpd restart'
),
),
'nginx' => array(
'label' => 'Nginx Webserver',
'commands_1' => array(
'apt-get install nginx php5-cgi',
),
'files' => array(
'etc_nginx_nginx.conf' => '/etc/nginx/nginx.conf',
'etc_init.d_php-fcgi' => '/etc/init.d/php-fcgi'
),
'commands_2' => array(
'rm /etc/nginx/sites-enabled/default',
'mkdir -p ' . Settings::Get('system.documentroot_prefix'),
'mkdir -p ' . Settings::Get('system.logfiles_directory'),
(Settings::Get('system.deactivateddocroot') != '') ? 'mkdir -p ' . Settings::Get('system.deactivateddocroot') : '',
'mkdir -p ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod 1777 ' . Settings::Get('system.mod_fcgid_tmpdir'),
'chmod u+x /etc/init.d/php-fcgi'
),
'restart' => array(
'service php-fcgi start',
'service nginx restart'
)
),
),
),
'dns' => array(
'label' => $lng['admin']['configfiles']['dns'],
'daemons' => array(
'bind' => array(
'label' => 'Bind9',
'commands' => array(
'apt-get install bind9',
'echo "include \"' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf\";" >> /etc/bind/named.conf',
'touch ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chown root:bind ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf',
'chmod 0644 ' . Settings::Get('system.bindconf_directory') . 'froxlor_bind.conf'
),
'restart' => array(
'service bind9 restart'
)
),
'powerdns' => array(
'label' => 'PowerDNS',
'files' => array(
'etc_powerdns_pdns.conf' => '/etc/powerdns/pdns.conf',
'etc_powerdns_pdns-froxlor.conf' => '/etc/powerdns/pdns_froxlor.conf',
),
'restart' => array(
'service pdns restart'
)
),
)
),
'smtp' => array(
'label' => $lng['admin']['configfiles']['smtp'],
'daemons' => array(
'postfix_courier' => array(
'label' => 'Postfix/Courier',
'commands' => array(
'apt-get install postfix postfix-mysql libsasl2-2 libsasl2-modules libsasl2-modules-sql',
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'touch /etc/postfix/sasl/smtpd.conf',
'chown root:root /etc/postfix/main.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/sasl/smtpd.conf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0600 /etc/postfix/sasl/smtpd.conf',
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf',
'etc_postfix_sasl_smtpd.conf' => '/etc/postfix/sasl/smtpd.conf'
),
'restart' => array(
'newaliases',
'service postfix restart'
)
),
'dkim' => array(
'label' => 'DomainKey filter',
'commands_1' => array(
'apt-get install dkim-filter',
'mkdir -p /etc/postfix/dkim'
),
'files' => array(
'dkim-filter.conf' => '/etc/dkim-filter.conf'
),
'commands_2' => array(
'echo "milter_default_action = accept" >> /etc/postfix/main.cf',
'echo "milter_protocol = 2" >> /etc/postfix/main.cf',
'echo "smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf',
'echo "non_smtpd_milters = inet:localhost:8891" >> /etc/postfix/main.cf'
),
'restart' => array(
'service dkim-filter restart',
'service postfix restart'
)
),
'postfix_dovecot' => array(
'label' => 'Postfix/Dovecot',
'commands' => array(
'apt-get install postfix postfix-mysql',
($vmail_group === false) ? 'groupadd -g ' . Settings::Get('system.vmail_gid') . ' ' . $vmail_groupname : '',
($vmail_user === false) ? 'useradd -u ' . Settings::Get('system.vmail_uid') . ' -g ' . $vmail_groupname . ' ' . $vmail_username : '',
'mkdir -p ' . Settings::Get('system.vmail_homedir'),
'chown -R '.$vmail_username.':'.$vmail_groupname.' ' . Settings::Get('system.vmail_homedir'),
'mkdir -p /var/spool/postfix/etc/pam.d',
'mkdir -p /var/spool/postfix/var/run/mysqld',
'touch /etc/postfix/mysql-virtual_alias_maps.cf',
'touch /etc/postfix/mysql-virtual_mailbox_domains.cf',
'touch /etc/postfix/mysql-virtual_mailbox_maps.cf',
'touch /etc/postfix/mysql-virtual_sender_permissions.cf',
'chown root:root /etc/postfix/main.cf',
'chown root:root /etc/postfix/master.cf',
'chown root:postfix /etc/postfix/mysql-virtual_alias_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chown root:postfix /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chown root:postfix /etc/postfix/mysql-virtual_sender_permissions.cf',
'chmod 0644 /etc/postfix/main.cf',
'chmod 0644 /etc/postfix/master.cf',
'chmod 0640 /etc/postfix/mysql-virtual_alias_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_domains.cf',
'chmod 0640 /etc/postfix/mysql-virtual_mailbox_maps.cf',
'chmod 0640 /etc/postfix/mysql-virtual_sender_permissions.cf'
),
'files' => array(
'etc_postfix_main.cf' => '/etc/postfix/main.cf',
'etc_postfix_master.cf' => '/etc/postfix/master.cf',
'etc_postfix_mysql-virtual_alias_maps.cf' => '/etc/postfix/mysql-virtual_alias_maps.cf',
'etc_postfix_mysql-virtual_mailbox_domains.cf' => '/etc/postfix/mysql-virtual_mailbox_domains.cf',
'etc_postfix_mysql-virtual_mailbox_maps.cf' => '/etc/postfix/mysql-virtual_mailbox_maps.cf',
'etc_postfix_mysql-virtual_sender_permissions.cf' => '/etc/postfix/mysql-virtual_sender_permissions.cf'
),
'restart' => array(
'newaliases',
'service postfix restart'
)
),
'postfix_mxaccess' => array(
'label' => 'Postfix MX-Access (anti spam)',
'files' => array(
'etc_postfix_mx_access' => '/etc/postfix/mx_access',
'etc_postfix_main.cf' => '/etc/postfix/main.cf'
),
'commands_1' => array(
'postmap /etc/postfix/mx_access'
),
'restart' => array(
'service postfix restart'
)
),
'exim4' => array(
'label' => 'Exim4',
'commands_1' => array(
'dpkg-reconfigure exim4-config',
'# choose "no configuration at this time" and "splitted configuration files" in the dialog'
),
'files' => array(
'etc_exim4_conf.d_acl_30_exim4-config_check_rcpt.rul' => '/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt.rul',
'etc_exim4_conf.d_auth_30_froxlor-config' => '/etc/exim4/conf.d/auth/30_froxlor-config',
'etc_exim4_conf.d_main_10_froxlor-config_options' => '/etc/exim4/conf.d/main/10_froxlor-config_options',
'etc_exim4_conf.d_router_180_froxlor-config' => '/etc/exim4/conf.d/router/180_froxlor-config',
'etc_exim4_conf.d_transport_30_froxlor-config' => '/etc/exim4/conf.d/transport/30_froxlor-config'
),
'commands_2' => array(
'chmod o-rx /var/lib/exim4',
'chmod o-rx /etc/exim4/conf.d/main/10_froxlor-config_options'
),
'restart' => array(
'service exim4 restart'
)
)
)
),
'mail' => array(
'label' => $lng['admin']['configfiles']['mail'],
'daemons' => array(
'courier' => array(
'label' => 'Courier',
'commands' => array(
'apt-get install courier-pop courier-imap courier-authlib-mysql'
),
'files' => array(
'etc_courier_authdaemonrc' => '/etc/courier/authdaemonrc',
'etc_courier_authmysqlrc' => '/etc/courier/authmysqlrc'
),
'restart' => array(
'/etc/init.d/courier-authdaemon restart',
'/etc/init.d/courier-pop restart'
)
),
'dovecot' => array(
'label' => 'Dovecot',
'commands_1' => array(
'apt-get install dovecot-imapd dovecot-pop3d dovecot-postfix dovecot-mysql mail-stack-delivery'
),
'files' => array(
'etc_dovecot_conf.d_01_mail_stack_delivery.conf' => '/etc/dovecot/conf.d/01-mail-stack-delivery.conf',
'etc_dovecot_conf.d_10_auth.conf' => '/etc/dovecot/conf.d/10-auth.conf',
'etc_dovecot_conf.d_auth-sql.conf.ext' => '/etc/dovecot/conf.d/auth-sql.conf.ext',
'etc_dovecot_dovecot-sql.conf.ext' => '/etc/dovecot/dovecot-sql.conf.ext'
),
'commands_2' => array(
'chmod 0640 /etc/dovecot/dovecot-sql.conf.ext'
),
'restart' => array(
'service dovecot restart'
)
)
)
),
'ftp' => array(
'label' => $lng['admin']['configfiles']['ftp'],
'daemons' => array(
'proftpd' => array(
'label' => 'ProFTPd',
'commands' => array(
'apt-get install proftpd-basic proftpd-mod-mysql'
),
'files' => array(
'etc_proftpd_sql.conf' => '/etc/proftpd/sql.conf',
'etc_proftpd_modules.conf' => '/etc/proftpd/modules.conf',
'etc_proftpd_proftpd.conf' => '/etc/proftpd/proftpd.conf'
),
'restart' => array(
'/etc/init.d/proftpd restart'
)
),
'pure-ftpd' => array(
'label' => 'Pure FTPd',
'commands_1' => array(
'apt-get install pure-ftpd-common pure-ftpd-mysql'
),
'files' => array(
'etc_pure-ftpd_conf_MinUID' => '/etc/pure-ftpd/conf/MinUID',
'etc_pure-ftpd_conf_MySQLConfigFile' => '/etc/pure-ftpd/conf/MySQLConfigFile',
'etc_pure-ftpd_conf_NoAnonymous' => '/etc/pure-ftpd/conf/NoAnonymous',
'etc_pure-ftpd_conf_MaxIdleTime' => '/etc/pure-ftpd/conf/MaxIdleTime',
'etc_pure-ftpd_conf_ChrootEveryone' => '/etc/pure-ftpd/conf/ChrootEveryone',
'etc_pure-ftpd_conf_PAMAuthentication' => '/etc/pure-ftpd/conf/PAMAuthentication',
'etc_pure-ftpd_db_mysql.conf' => '/etc/pure-ftpd/db/mysql.conf',
'etc_pure-ftpd_conf_CustomerProof' => '/etc/pure-ftpd/conf/CustomerProof',
'etc_pure-ftpd_conf_Bind' => '/etc/pure-ftpd/conf/Bind',
'etc_default_pure-ftpd-common' => '/etc/default/pure-ftpd-common'
),
'commands_2' => array(
'chmod 0640 /etc/pure-ftpd/db/mysql.conf'
),
'restart' => array(
'service pure-ftpd-mysql restart'
)
),
)
),
'etc' => array(
'label' => $lng['admin']['configfiles']['etc'],
'daemons' => array(
'cron' => array(
'label' => 'Crond (cronscript)',
'files' => array(
'etc_cron.d_froxlor' => '/etc/cron.d/froxlor'
),
'restart' => array(
Settings::Get('system.crondreload')
)
),
'awstats' => array(
'label' => 'Awstats',
'commands' => array(
'apt-get install awstats',
'cp /usr/share/awstats/tools/awstats_buildstaticpages.pl '.makeCorrectDir(Settings::Get('system.awstats_path')),
'mv '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.conf').' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'sed -i.bak \'s/^DirData/# DirData/\' '.makeCorrectFile(Settings::Get('system.awstats_conf').'/awstats.model.conf'),
'# Please make sure you deactivate awstats own cronjob as Froxlor handles that itself',
'rm /etc/cron.d/awstats'
),
),
'libnss' => array(
'label' => 'libnss-bg (system login with mysql)',
'commands' => array(
'apt-get install libnss-mysql-bg nscd',
'chmod 600 /etc/libnss-mysql.cfg /etc/libnss-mysql-root.cfg'
),
'files' => array(
'etc_libnss-mysql.cfg' => '/etc/libnss-mysql.cfg',
'etc_libnss-mysql-root.cfg' => '/etc/libnss-mysql-root.cfg',
'etc_nsswitch.conf' => '/etc/nsswitch.conf',
),
'restart' => array(
'service nscd restart'
)
),
'logrotate' => array(
'label' => 'Logrotate',
'commands_1' => array(
'apt-get install logrotate',
'touch /etc/logrotate.d/froxlor',
'chmod 644 /etc/logrotate.d/froxlor'
),
'files' => array(
'etc_logrotated_froxlor' => '/etc/logrotate.d/froxlor'
),
'commands_2' => array(
'# apt automatically adds a daily cronjob for logrotate',
'# you do not have to do anything else :)'
)
)
)
)
)
)
);
?>

10
templates/misc/configfiles/ubuntu_trusty/apache2/etc_apache2_mods-enabled_fastcgi.conf Normal file
View File

@@ -0,0 +1,10 @@
<IfModule mod_fastcgi.c>
FastCgiIpcDir <FPM_IPCDIR>
<Location "/fastcgiphp">
Order Deny,Allow
Deny from All
# Prevent accessing this path directly
Allow from env=REDIRECT_STATUS
</Location>
</IfModule>

68
templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authdaemonrc Normal file
View File

@@ -0,0 +1,68 @@
##VERSION: $Id: authdaemonrc.in,v 1.8 2001/10/07 02:16:22 mrsam Exp $
#
# Copyright 2000-2001 Double Precision, Inc. See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored. Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited. Multiline variable contents,
# with the \ continuation character, are not allowed. Everything must
# fit on one line. Do not use any additional whitespace for indentation,
# or anything else.
##NAME: authmodulelist:0
#
# The authentication modules that are linked into authdaemond. The
# default list is installed. You may selectively disable modules simply
# by removing them from the following list. The available modules you
# can use are: authcustom authcram authuserdb authldap authmysql authpam
authmodulelist="authmysql"
##NAME: authmodulelistorig:1
#
# This setting is used by Courier's webadmin module, and should be left
# alone
authmodulelistorig="authcustom authcram authuserdb authldap authmysql authpam"
##NAME: daemons:0
#
# The number of daemon processes that are started. authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE: Some platforms may experience a problem if there's more than
# one daemon. Specifically, SystemV derived platforms that use TLI with
# socket emulation. I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases. Symptoms
# include sporadic authentication failures. If you start getting
# authentication failures, increase daemons. However, the default of 5
# SHOULD be sufficient. Bumping up daemon count is only a short-term
# solution. The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...
daemons=5
##NAME: version:0
#
# When you have multiple versions of authdaemond.* installed, authdaemond
# just picks the first one it finds. Set "version" to override that.
# For example: version=authdaemond.plain
version=""
##NAME: authdaemonvar:0
#
# authdaemonvar is here, but is not used directly by authdaemond. It's
# used by various configuration and build scripts, so don't touch it!
authdaemonvar=/var/run/courier/authdaemon

14
templates/misc/configfiles/ubuntu_trusty/courier/etc_courier_authmysqlrc Normal file
View File

@@ -0,0 +1,14 @@
MYSQL_SERVER <SQL_HOST>
MYSQL_USERNAME <SQL_UNPRIVILEGED_USER>
MYSQL_PASSWORD <SQL_UNPRIVILEGED_PASSWORD>
MYSQL_PORT 3306
MYSQL_DATABASE <SQL_DB>
MYSQL_USER_TABLE mail_users
MYSQL_CRYPT_PWFIELD password_enc
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD (quota*1024*1024)
MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)

10
templates/misc/configfiles/ubuntu_trusty/cron/etc_cron.d_froxlor Normal file
View File

@@ -0,0 +1,10 @@
#
# Set PATH, otherwise restart-scripts won't find start-stop-daemon
#
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#
# Regular cron jobs for the froxlor package
#
# Please check that all following paths are correct
#
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php5 -q <BASE_PATH>scripts/froxlor_master_cronjob.php

70
templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_01_mail_stack_delivery.conf Normal file
View File

@@ -0,0 +1,70 @@
# Some general options
protocols = imap pop3 sieve
disable_plaintext_auth = no
ssl = yes
ssl_cert = </etc/ssl/certs/ssl-mail.pem
ssl_key = </etc/ssl/private/ssl-mail.key
ssl_cipher_list = ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
mail_location = maildir:~/Maildir
auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
# IMAP configuration
protocol imap {
mail_plugins = quota imap_quota
mail_max_userip_connections = 10
imap_client_workarounds = delay-newmail
# IMAP logout format string:
# %i - total number of bytes read from client
# %o - total number of bytes sent to client
imap_logout_format = in=%i out=%o
}
# POP3 configuration
protocol pop3 {
mail_max_userip_connections = 10
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
pop3_uidl_format = UID%u-%v
mail_plugins = quota
# POP3 logout format string:
# %i - total number of bytes read from client
# %o - total number of bytes sent to client
# %t - number of TOP commands
# %p - number of bytes sent to client as a result of TOP command
# %r - number of RETR commands
# %b - number of bytes sent to client as a result of RETR command
# %d - number of deleted messages
# %m - number of messages (before deletion)
# %s - mailbox size in bytes (before deletion)
# %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
pop3_logout_format = in=%i out=%o top=%t/%p retr=%r/%b del=%d/%m size=%s
}
# LDA configuration
protocol lda {
postmaster_address = postmaster@<SERVERNAME>
mail_plugins = sieve quota
quota_full_tempfail = yes
deliver_log_format = msgid=%m: %$
rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
# Plugins configuration
plugin {
sieve=~/.dovecot.sieve
sieve_dir=~/sieve
quota = maildir
}
# Authentication configuration
auth_mechanisms = plain login
service auth {
# Postfix smtp-auth
unix_listener /var/spool/postfix/private/dovecot-auth {
mode = 0660
user = postfix
group = postfix
}
}

127
templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_10_auth.conf Normal file
View File

@@ -0,0 +1,127 @@
##
## Authentication processes
##
# Disable LOGIN command and all other plaintext authentications unless
# SSL/TLS is used (LOGINDISABLED capability). Note that if the remote IP
# matches the local IP (ie. you're connecting from the same computer), the
# connection is considered secure and plaintext authentication is allowed.
#disable_plaintext_auth = yes
# Authentication cache size (e.g. 10M). 0 means it's disabled. Note that
# bsdauth, PAM and vpopmail require cache_key to be set for caching to be used.
#auth_cache_size = 0
# Time to live for cached data. After TTL expires the cached record is no
# longer used, *except* if the main database lookup returns internal failure.
# We also try to handle password changes automatically: If user's previous
# authentication was successful, but this one wasn't, the cache isn't used.
# For now this works only with plaintext authentication.
#auth_cache_ttl = 1 hour
# TTL for negative hits (user not found, password mismatch).
# 0 disables caching them completely.
#auth_cache_negative_ttl = 1 hour
# Space separated list of realms for SASL authentication mechanisms that need
# them. You can leave it empty if you don't want to support multiple realms.
# Many clients simply use the first one listed here, so keep the default realm
# first.
#auth_realms =
# Default realm/domain to use if none was specified. This is used for both
# SASL realms and appending @domain to username in plaintext logins.
#auth_default_realm =
# List of allowed characters in username. If the user-given username contains
# a character not listed in here, the login automatically fails. This is just
# an extra check to make sure user can't exploit any potential quote escaping
# vulnerabilities with SQL/LDAP databases. If you want to allow all characters,
# set this value to empty.
#auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
# Username character translations before it's looked up from databases. The
# value contains series of from -> to characters. For example "#@/@" means
# that '#' and '/' characters are translated to '@'.
#auth_username_translation =
# Username formatting before it's looked up from databases. You can use
# the standard variables here, eg. %Lu would lowercase the username, %n would
# drop away the domain if it was given, or "%n-AT-%d" would change the '@' into
# "-AT-". This translation is done after auth_username_translation changes.
#auth_username_format =
# If you want to allow master users to log in by specifying the master
# username within the normal username string (ie. not using SASL mechanism's
# support for it), you can specify the separator character here. The format
# is then <username><separator><master username>. UW-IMAP uses "*" as the
# separator, so that could be a good choice.
#auth_master_user_separator =
# Username to use for users logging in with ANONYMOUS SASL mechanism
#auth_anonymous_username = anonymous
# Maximum number of dovecot-auth worker processes. They're used to execute
# blocking passdb and userdb queries (eg. MySQL and PAM). They're
# automatically created and destroyed as needed.
#auth_worker_max_count = 30
# Host name to use in GSSAPI principal names. The default is to use the
# name returned by gethostname(). Use "$ALL" (with quotes) to allow all keytab
# entries.
#auth_gssapi_hostname =
# Kerberos keytab to use for the GSSAPI mechanism. Will use the system
# default (usually /etc/krb5.keytab) if not specified. You may need to change
# the auth service to run as root to be able to read this file.
#auth_krb5_keytab =
# Do NTLM and GSS-SPNEGO authentication using Samba's winbind daemon and
# ntlm_auth helper. <doc/wiki/Authentication/Mechanisms/Winbind.txt>
#auth_use_winbind = no
# Path for Samba's ntlm_auth helper binary.
#auth_winbind_helper_path = /usr/bin/ntlm_auth
# Time to delay before replying to failed authentications.
#auth_failure_delay = 2 secs
# Require a valid SSL client certificate or the authentication fails.
#auth_ssl_require_client_cert = no
# Take the username from client's SSL certificate, using
# X509_NAME_get_text_by_NID() which returns the subject's DN's
# CommonName.
#auth_ssl_username_from_cert = no
# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi otp skey
# gss-spnego
# NOTE: See also disable_plaintext_auth setting.
auth_mechanisms = plain login
##
## Password and user databases
##
#
# Password database is used to verify user's password (and nothing more).
# You can have multiple passdbs and userdbs. This is useful if you want to
# allow both system users (/etc/passwd) and virtual users to login without
# duplicating the system users into virtual database.
#
# <doc/wiki/PasswordDatabase.txt>
#
# User database specifies where mails are located and what user/group IDs
# own them. For single-UID configuration use "static" userdb.
#
# <doc/wiki/UserDatabase.txt>
#!include auth-deny.conf.ext
#!include auth-master.conf.ext
#!include auth-system.conf.ext
!include auth-sql.conf.ext
#!include auth-ldap.conf.ext
#!include auth-passwdfile.conf.ext
#!include auth-checkpassword.conf.ext
#!include auth-vpopmail.conf.ext
#!include auth-static.conf.ext

8
templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_conf.d_auth-sql.conf.ext Normal file
View File

@@ -0,0 +1,8 @@
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}

6
templates/misc/configfiles/ubuntu_trusty/dovecot/etc_dovecot_dovecot-sql.conf.ext Normal file
View File

@@ -0,0 +1,6 @@
driver = mysql
connect = host=<SQL_HOST> dbname=<SQL_DB> user=<SQL_UNPRIVILEGED_USER> password=<SQL_UNPRIVILEGED_PASSWORD>
default_pass_scheme = CRYPT
password_query = SELECT username AS user, password_enc AS password, CONCAT(homedir, maildir) AS userdb_home, uid AS userdb_uid, gid AS userdb_gid, CONCAT('maildir:', homedir, maildir) AS userdb_mail, CONCAT('maildir:storage=', (quota*1024)) as userdb_quota FROM mail_users WHERE (username = '%u' OR email = '%u') AND ((imap = 1 AND '%Ls' = 'imap') OR (pop3 = 1 AND '%Ls' = 'pop3') OR '%Ls' = 'smtp' OR '%Ls' = 'sieve')
user_query = SELECT CONCAT(homedir, maildir) AS home, CONCAT('maildir:', homedir, maildir) AS mail, uid, gid, CONCAT('maildir:storage=', (quota*1024)) as quota FROM mail_users WHERE (username = '%u' OR email = '%u')
iterate_query = SELECT username AS user FROM mail_users WHERE (imap = 1 OR pop3 = 1)

2
templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql-root.cfg Normal file
View File

@@ -0,0 +1,2 @@
username <SQL_UNPRIVILEGED_USER>
password <SQL_UNPRIVILEGED_PASSWORD>

41
templates/misc/configfiles/ubuntu_trusty/libnss/etc_libnss-mysql.cfg Normal file
View File

@@ -0,0 +1,41 @@
getpwnam SELECT username,'x',uid,gid,'MySQL User',homedir,shell \
FROM ftp_users \
WHERE username='%1$s' \
AND login_enabled = 'Y' \
LIMIT 1
getpwuid SELECT username,'x',uid,gid,'MySQL User',homedir,shell \
FROM ftp_users \
WHERE uid='%1$u' \
AND login_enabled = 'Y' \
LIMIT 1
getspnam SELECT username,password,FLOOR(UNIX_TIMESTAMP()/86400-1),'1','99999','7','-1','-1','0' \
FROM ftp_users \
WHERE username='%1$s' \
AND login_enabled = 'Y' \
LIMIT 1
getpwent SELECT username,'x',uid,gid,'MySQL User',homedir,shell \
FROM ftp_users
getspent SELECT username,password,FLOOR(UNIX_TIMESTAMP()/86400-1),'1','99999','7','-1','-1','0' \
FROM ftp_users
getgrnam SELECT groupname,'x',gid \
FROM ftp_groups \
WHERE groupname='%1$s' \
LIMIT 1
getgrgid SELECT groupname,'x',gid \
FROM ftp_groups \
WHERE gid='%1$u' \
LIMIT 1
getgrent SELECT groupname,'x',gid \
FROM ftp_groups
memsbygid SELECT members \
FROM ftp_groups \
WHERE gid='%1$u'
gidsbymem SELECT CONCAT_WS(',', gid) as gid \
FROM ftp_groups \
WHERE FIND_IN_SET('%1$s', members)
host <SQL_HOST>
database <SQL_DB>
username <SQL_UNPRIVILEGED_USER>
password <SQL_UNPRIVILEGED_PASSWORD>
socket /var/run/mysqld/mysqld.sock

20
templates/misc/configfiles/ubuntu_trusty/libnss/etc_nsswitch.conf Normal file
View File

@@ -0,0 +1,20 @@
# Make sure that `passwd`, `group` and `shadow` have mysql in their lines
# You should place mysql at the end, so that it is queried after the other mechanisams
#
passwd: compat mysql
group: compat mysql
shadow: compat mysql
hosts: files dns
networks: files dns
services: db files
protocols: db files
rpc: db files
ethers: db files
netmasks: files
netgroup: files
bootparams: files
automount: files
aliases: files

57
templates/misc/configfiles/ubuntu_trusty/lighttpd/etc_lighttpd.conf Normal file
View File

@@ -0,0 +1,57 @@
###############################################################################
# Default lighttpd.conf for Froxlor.
###############################################################################
var.basedir = "/var/www"
var.logdir = "/var/log/lighttpd"
var.statedir = "/var/lib/lighttpd"
server.modules = (
"mod_rewrite",
"mod_redirect",
"mod_alias",
"mod_access",
"mod_auth",
"mod_fastcgi",
"mod_cgi",
"mod_accesslog"
)
server.username = "www-data"
server.groupname = "www-data"
server.document-root = var.basedir
server.pid-file = "/var/run/lighttpd.pid"
accesslog.filename = var.logdir + "/access.log"
server.errorlog = var.logdir + "/error.log"
server.indexfiles = ("index.php", "index.html",
"index.htm", "default.htm")
server.name = "<SERVERNAME>"
server.port = 80
server.bind = "<SERVERIP>"
url.access-deny = ("~", ".inc")
fastcgi.server = (
".php" => (
"localhost" => (
"socket" => "/tmp/lighttpd-fcgi-sock-lighttpd",
"broken-scriptfilename" => "enable",
"bin-path" => "/usr/bin/php5-cgi",
"min-procs" => 1,
"max-procs" => 1,
"max-load-per-proc" => 4,
"idle-timeout" => 60,
"bin-environment" => (
"UID" => "www-data",
"GID" => "www-data",
"PHP_FCGI_CHILDREN" => "0",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => ( "" )
)
)
)
#### external configuration files
## mimetype mapping
include_shell "/usr/share/lighttpd/create-mime.assign.pl"

16
templates/misc/configfiles/ubuntu_trusty/logrotate/etc_logrotated_froxlor Normal file
View File

@@ -0,0 +1,16 @@
#
# Froxlor logrotate snipet
#
<CUSTOMER_LOGS>*.log {
missingok
weekly
rotate 4
compress
delaycompress
notifempty
create
sharedscripts
postrotate
<WEBSERVER_RELOAD_CMD> > /dev/null 2>&1 || true
endscript
}

41
templates/misc/configfiles/ubuntu_trusty/nginx/etc_init.d_php-fcgi Normal file
View File

@@ -0,0 +1,41 @@
#!/bin/bash
BIND="127.0.0.1:8888"
USER="www-data"
PHP_FCGI_CHILDREN="15"
PHP_FCGI_MAX_REQUESTS="1000"
PHP_CGI="/usr/bin/php-cgi"
PHP_CGI_NAME="$(basename ${PHP_CGI})"
PHP_CGI_ARGS="- USER=${USER} PATH=/usr/bin PHP_FCGI_CHILDREN=${PHP_FCGI_CHILDREN} PHP_FCGI_MAX_REQUESTS=${PHP_FCGI_MAX_REQUESTS} ${PHP_CGI} -b ${BIND}"
RETVAL="0"
start() {
echo -n "Starting PHP FastCGI: "
start-stop-daemon --quiet --start --background --chuid "$USER" --exec /usr/bin/env -- $PHP_CGI_ARGS
RETVAL="$?"
echo "${PHP_CGI_NAME}."
}
stop() {
echo -n "Stopping PHP FastCGI: "
killall -q -w -u ${USER} ${PHP_CGI}
RETVAL="$?"
echo "${PHP_CGI_NAME}."
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
*)
echo "Usage: php-fastcgi {start|stop|restart}"
exit 1
;;
esac
exit "$RETVAL"

15
templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_fastcgi.conf Normal file
View File

@@ -0,0 +1,15 @@
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;

26
templates/misc/configfiles/ubuntu_trusty/nginx/etc_nginx_nginx.conf Normal file
View File

@@ -0,0 +1,26 @@
user www-data;
worker_processes 4;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
tcp_nodelay on;
keepalive_timeout 65;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

85
templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_main.cf Normal file
View File

@@ -0,0 +1,85 @@
## General Postfix configuration
# should be the default domain from your provider eg. "server100.provider.tld"
mydomain = <SERVERNAME>
# should be different from $mydomain eg. "mail.$mydomain"
myhostname = mail.$mydomain
mydestination = $myhostname,
$mydomain,
localhost.$myhostname,
localhost.$mydomain,
localhost
mynetworks = 127.0.0.0/8
inet_interfaces = all
append_dot_mydomain = no
biff = no
# Postfix performance settings
default_destination_concurrency_limit = 20
local_destination_concurrency_limit = 2
# SMTPD Settings
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient
smtpd_sender_restrictions = permit_mynetworks,
reject_sender_login_mismatch,
permit_sasl_authenticated,
reject_unknown_helo_hostname,
reject_unknown_recipient_domain,
reject_unknown_sender_domain
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_client_hostname
# Postfix 2.10 requires this option. Postfix < 2.10 ignores this.
# The option is intentionally left empty.
smtpd_relay_restrictions =
# Maximum size of Message in bytes (50MB)
message_size_limit = 52428800
## SASL Auth Settings
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
# Virtual delivery settings
virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf
virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
# Local delivery settings
local_transport = local
alias_maps = $alias_database
# Default Mailbox size, is set to 0 which means unlimited!
mailbox_size_limit = 0
virtual_mailbox_limit = 0
### TLS settings
###
## TLS for outgoing mails from the server to another server
#smtp_tls_security_level = may
#smtp_tls_note_starttls_offer = yes
## TLS for email client
#smtpd_tls_security_level = may
#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
#smtpd_tls_key_file = $smtpd_tls_cert_file
#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
#smtpd_tls_loglevel = 1
#smtpd_tls_received_header = yes
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5

8
templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_alias_maps.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_virtual
select_field = destination
where_field = email
additional_conditions = and TRIM(destination) <> ''
hosts = <SQL_HOST>

8
templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_domains.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = panel_domains
select_field = domain
where_field = domain
additional_conditions = and isemaildomain = '1'
hosts = <SQL_HOST>

7
templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_mailbox_maps.cf Normal file
View File

@@ -0,0 +1,7 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_users
select_field = maildir
where_field = email
hosts = <SQL_HOST>

5
templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_mysql-virtual_sender_permissions.cf Normal file
View File

@@ -0,0 +1,5 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
query = select distinct username from mail_users where email in ((select mail_virtual.email_full from mail_virtual where mail_virtual.email = '%s' union select mail_virtual.destination from mail_virtual where mail_virtual.email = '%s'));
hosts = <SQL_HOST>

11
templates/misc/configfiles/ubuntu_trusty/postfix_courier/etc_postfix_sasl_smtpd.conf Normal file
View File

@@ -0,0 +1,11 @@
pwcheck_method: auxprop
auxprop_plugin: sql
allowanonymouslogin: no
allowplaintext: yes
mech_list: plain login cram-md5 digest-md5
sql_engine: mysql
sql_hostnames: <SQL_HOST>
sql_user: <SQL_UNPRIVILEGED_USER>
sql_passwd: <SQL_UNPRIVILEGED_PASSWORD>
sql_database: <SQL_DB>
sql_select: SELECT password FROM mail_users WHERE username='%u@%r' OR email='%u@%r'

89
templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_main.cf Normal file
View File

@@ -0,0 +1,89 @@
## General Postfix configuration
# should be the default domain from your provider eg. "server100.provider.tld"
mydomain = <SERVERNAME>
# should be different from $mydomain eg. "mail.$mydomain"
myhostname = mail.$mydomain
mydestination = $myhostname,
$mydomain,
localhost.$myhostname,
localhost.$mydomain,
localhost
mynetworks = 127.0.0.0/8
inet_interfaces = all
append_dot_mydomain = no
biff = no
# Postfix performance settings
default_destination_concurrency_limit = 20
local_destination_concurrency_limit = 2
# SMTPD Settings
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient
smtpd_sender_restrictions = permit_mynetworks,
reject_sender_login_mismatch,
permit_sasl_authenticated,
reject_unknown_helo_hostname,
reject_unknown_recipient_domain,
reject_unknown_sender_domain
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_client_hostname
# Postfix 2.10 requires this option. Postfix < 2.10 ignores this.
# The option is intentionally left empty.
smtpd_relay_restrictions =
# Maximum size of Message in bytes (50MB)
message_size_limit = 52428800
## SASL Auth Settings
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
## Dovecot Settings for deliver, SASL Auth and virtual transport
smtpd_sasl_type = dovecot
dovecot_destination_recipient_limit = 1
smtpd_sasl_path = private/dovecot-auth
# Virtual delivery settings
virtual_mailbox_base = <VIRTUAL_MAILBOX_BASE>
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual_mailbox_domains.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual_alias_maps.cf
smtpd_sender_login_maps = mysql:/etc/postfix/mysql-virtual_sender_permissions.cf
virtual_uid_maps = static:<VIRTUAL_UID_MAPS>
virtual_gid_maps = static:<VIRTUAL_GID_MAPS>
# Local delivery settings
local_transport = local
alias_maps = $alias_database
# Default Mailbox size, is set to 0 which means unlimited!
mailbox_size_limit = 0
virtual_mailbox_limit = 0
### TLS settings
###
## TLS for outgoing mails from the server to another server
#smtp_tls_security_level = may
#smtp_tls_note_starttls_offer = yes
## TLS for email client
#smtpd_tls_security_level = may
#smtpd_tls_cert_file = /etc/ssl/server/<SERVERNAME>.pem
#smtpd_tls_key_file = $smtpd_tls_cert_file
#smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
#smtpd_tls_loglevel = 1
#smtpd_tls_received_header = yes
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5

4
templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_master.cf Normal file
View File

@@ -0,0 +1,4 @@
# Add these lines to be able to use dovecot as delivery agent
# Dovecot LDA
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -d ${recipient}

8
templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_alias_maps.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_virtual
select_field = destination
where_field = email
additional_conditions = and TRIM(destination) <> ''
hosts = <SQL_HOST>

8
templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_domains.cf Normal file
View File

@@ -0,0 +1,8 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = panel_domains
select_field = domain
where_field = domain
additional_conditions = and isemaildomain = '1'
hosts = <SQL_HOST>

7
templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_mailbox_maps.cf Normal file
View File

@@ -0,0 +1,7 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
table = mail_users
select_field = maildir
where_field = email
hosts = <SQL_HOST>

5
templates/misc/configfiles/ubuntu_trusty/postfix_dovecot/etc_postfix_mysql-virtual_sender_permissions.cf Normal file
View File

@@ -0,0 +1,5 @@
user = <SQL_UNPRIVILEGED_USER>
password = <SQL_UNPRIVILEGED_PASSWORD>
dbname = <SQL_DB>
query = select distinct username from mail_users where email in ((select mail_virtual.email_full from mail_virtual where mail_virtual.email = '%s' union select mail_virtual.destination from mail_virtual where mail_virtual.email = '%s'));
hosts = <SQL_HOST>

25
templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_main.cf Normal file
View File

@@ -0,0 +1,25 @@
#
# ATTENTION - this is not the full postfix-main.cf file
#
# it only provides additional configuration-entries!
#
#
# look for the follow statement
#
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient
#
# and extend it with the following line
# so it looks like this
#
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unauth_pipelining,
reject_non_fqdn_recipient,
check_recipient_mx_access cidr:/etc/postfix/mx_access

9
templates/misc/configfiles/ubuntu_trusty/postfix_mxaccess/etc_postfix_mx_access Normal file
View File

@@ -0,0 +1,9 @@
0.0.0.0/8 REJECT Domain MX in broadcast network
10.0.0.0/8 REJECT Domain MX in RFC 1918 private network
169.254.0.0/16 REJECT Domain MX in link local network
172.16.0.0/12 REJECT Domain MX in RFC 1918 private network
192.0.2.0/24 REJECT Domain MX in TEST-NET network
192.168.0.0/16 REJECT Domain MX in RFC 1918 private network
224.0.0.0/4 REJECT Domain MX in class D multicast network
240.0.0.0/5 REJECT Domain MX in class E reserved network
248.0.0.0/5 REJECT Domain MX in reserved network

7
templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns-froxlor.conf Normal file
View File

@@ -0,0 +1,7 @@
allow-axfr-ips=<NAMESERVERS>
#local-ipv6=YOUR_IPv6_(if_any)
bind-config=<BIND_CONFIG_PATH>named.conf
bind-check-interval=180
log-dns-details=yes
local-address=<SERVERIP>,127.0.0.1

17
templates/misc/configfiles/ubuntu_trusty/powerdns/etc_powerdns_pdns.conf Normal file
View File

@@ -0,0 +1,17 @@
allow-recursion=127.0.0.1
config-dir=/etc/powerdns
daemon=yes
guardian=yes
launch=bind
lazy-recursion=yes
local-port=53
master=yes
module-dir=/usr/lib/powerdns
setgid=pdns
setuid=pdns
socket-dir=/var/run
version-string=powerdns
bind-config=<BIND_CONFIG_PATH>named.conf
bind-check-interval=300
include=/etc/powerdns/pdns_froxlor.conf

58
templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_modules.conf Normal file
View File

@@ -0,0 +1,58 @@
#
# This file is used to manage DSO modules and features.
#
# This is the directory where DSO modules reside
ModulePath /usr/lib/proftpd
# Allow only user root to load and unload modules, but allow everyone
# to see which modules have been loaded
ModuleControlsACLs insmod,rmmod allow user root
ModuleControlsACLs lsmod allow user *
LoadModule mod_ctrls_admin.c
LoadModule mod_tls.c
# Install proftpd-mod-mysql or proftpd-mod-pgsql to use this
LoadModule mod_sql.c
# Install proftpd-mod-ldap to use this
#LoadModule mod_ldap.c
#
# 'SQLBackend mysql' or 'SQLBackend postgres' directives are required
# to have SQL authorization working. You can also comment out the
# unused module here, in alternative.
#
# Install proftpd-mod-mysql to use this
LoadModule mod_sql_mysql.c
# Install proftpd-mod-pgsql to use this
#LoadModule mod_sql_postgres.c
#LoadModule mod_radius.c
LoadModule mod_quotatab.c
LoadModule mod_quotatab_file.c
# Install proftpd-mod-ldap to use this
#LoadModule mod_quotatab_ldap.c
# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
LoadModule mod_quotatab_sql.c
LoadModule mod_quotatab_radius.c
LoadModule mod_wrap.c
LoadModule mod_rewrite.c
LoadModule mod_load.c
LoadModule mod_ban.c
LoadModule mod_wrap2.c
LoadModule mod_wrap2_file.c
# Install proftpd-mod-pgsql or proftpd-mod-mysql to use this
#LoadModule mod_wrap2_sql.c
LoadModule mod_dynmasq.c
# keep this module the last one
LoadModule mod_ifsession.c

131
templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_proftpd.conf Normal file
View File

@@ -0,0 +1,131 @@
#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#
# Includes DSO modules
Include /etc/proftpd/modules.conf
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6 on
ServerName "<SERVERNAME> FTP Server"
ServerType standalone
DeferWelcome off
MultilineRFC2228 on
DefaultServer on
ShowSymlinks on
TimeoutNoTransfer 600
TimeoutStalled 600
TimeoutIdle 1200
DisplayLogin welcome.msg
DisplayChdir .message true
ListOptions "-l"
DenyFilter \*.*/
# Use this to jail all users in their homes
# DefaultRoot ~
# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShell off
# Port 21 is the standard FTP port.
Port 21
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534
# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress 1.2.3.4
# This is useful for masquerading address with dynamic IPs:
# refresh any configured MasqueradeAddress directives every 8 hours
<IfModule mod_dynmasq.c>
# DynMasqRefresh 28800
</IfModule>
# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances 30
# Set the user and group that the server normally runs at.
User proftpd
Group nogroup
# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask 022 022
# Normally, we want files to be overwriteable.
AllowOverwrite on
# Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords:
# PersistentPasswd off
# This is required to use both PAM-based authentication and local passwords
# AuthOrder mod_auth_pam.c* mod_auth_unix.c
# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile off
TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log
# Allow up- and downloads to be continued
AllowRetrieveRestart On
AllowStoreRestart On
<IfModule mod_quotatab.c>
QuotaEngine on
</IfModule>
<IfModule mod_ratio.c>
Ratios off
</IfModule>
# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine off
</IfModule>
<IfModule mod_ctrls.c>
ControlsEngine off
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>
<IfModule mod_ctrls_admin.c>
AdminControlsEngine off
</IfModule>
#
# Alternative authentication frameworks
#
#Include /etc/proftpd/ldap.conf
Include /etc/proftpd/sql.conf
#
# This is used for FTPS connections
#
#Include /etc/proftpd/tls.conf

37
templates/misc/configfiles/ubuntu_trusty/proftpd/etc_proftpd_sql.conf Normal file
View File

@@ -0,0 +1,37 @@
<IfModule mod_sql.c>
DefaultRoot ~
RequireValidShell off
AuthOrder mod_sql.c
SQLBackend mysql
SQLEngine on
SQLAuthenticate on
SQLAuthTypes Crypt
SQLAuthenticate users* groups*
SQLConnectInfo <SQL_DB>@<SQL_HOST> <SQL_UNPRIVILEGED_USER> <SQL_UNPRIVILEGED_PASSWORD>
SQLUserInfo ftp_users username password uid gid homedir shell
SQLGroupInfo ftp_groups groupname gid members
SQLUserWhereClause "login_enabled = 'y'"
SQLLog PASS login
SQLNamedQuery login UPDATE "last_login=now(), login_count=login_count+1 WHERE username='%u'" ftp_users
SQLLog RETR download
SQLNamedQuery download UPDATE "down_count=down_count+1, down_bytes=down_bytes+%b WHERE username='%u'" ftp_users
SQLLog STOR upload
SQLNamedQuery upload UPDATE "up_count=up_count+1, up_bytes=up_bytes+%b WHERE username='%u'" ftp_users
QuotaEngine on
QuotaShowQuotas on
QuotaDisplayUnits Mb
QuotaLock /var/lock/ftpd.quotatab.lock
QuotaLimitTable sql:/get-quota-limit
QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally
SQLNamedQuery get-quota-limit SELECT "ftp_users.username AS name, ftp_quotalimits.quota_type, ftp_quotalimits.per_session, ftp_quotalimits.limit_type, panel_customers.diskspace*1024 AS bytes_in_avail, ftp_quotalimits.bytes_out_avail, ftp_quotalimits.bytes_xfer_avail, ftp_quotalimits.files_in_avail, ftp_quotalimits.files_out_avail, ftp_quotalimits.files_xfer_avail FROM ftp_users, ftp_quotalimits, panel_customers WHERE ftp_users.username = '%{0}' AND panel_customers.loginname = SUBSTRING_INDEX('%{0}', 'ftp', 1) AND quota_type ='%{1}'"
SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used,bytes_out_used, bytes_xfer_used, files_in_used, files_out_used,files_xfer_used FROM ftp_quotatallies WHERE name = '%{0}' AND quota_type = '%{1}'"
SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used= files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name= '%{6}' AND quota_type = '%{7}'" ftp_quotatallies
SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4},%{5}, %{6}, %{7}" ftp_quotatallies
</IfModule>

5
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_default_pure-ftpd-common Normal file
View File

@@ -0,0 +1,5 @@
STANDALONE_OR_INETD=standalone
VIRTUALCHROOT=false
UPLOADSCRIPT=
UPLOADUID=
UPLOADGID=

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_Bind Normal file
View File

@@ -0,0 +1 @@
21

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_ChrootEveryone Normal file
View File

@@ -0,0 +1 @@
yes

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_CustomerProof Normal file
View File

@@ -0,0 +1 @@
1

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MaxIdleTime Normal file
View File

@@ -0,0 +1 @@
15

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MinUID Normal file
View File

@@ -0,0 +1 @@
1000

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_MySQLConfigFile Normal file
View File

@@ -0,0 +1 @@
/etc/pure-ftpd/db/mysql.conf

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_NoAnonymous Normal file
View File

@@ -0,0 +1 @@
yes

1
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_conf_PAMAuthentication Normal file
View File

@@ -0,0 +1 @@
no

11
templates/misc/configfiles/ubuntu_trusty/pure-ftpd/etc_pure-ftpd_db_mysql.conf Normal file
View File

@@ -0,0 +1,11 @@
MYSQLServer <SQL_HOST>
MYSQLUser <SQL_UNPRIVILEGED_USER>
MYSQLPassword <SQL_UNPRIVILEGED_PASSWORD>
MYSQLDatabase <SQL_DB>
MYSQLCrypt any
MYSQLGetPW SELECT password FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetUID SELECT uid FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetGID SELECT gid FROM ftp_users WHERE username="\L" AND login_enabled="y"
MYSQLGetDir SELECT homedir FROM ftp_users WHERE username="\L" AND login_enabled="y"
MySQLGetQTASZ SELECT panel_customers.diskspace/1024 AS QuotaSize FROM panel_customers, ftp_users WHERE username = "\L" AND panel_customers.loginname = SUBSTRING_INDEX('\L', 'ftp', 1)