gitlabFork/ISPConfig3.git - Solinfo Gitblit

Changed owner of ispconfig server files from ispconfig to root user.

Till Brehm

2014-08-13 3e0fc8674ab8d1106d324eab809b49e420481e54

commit \| author \| age
32d8e9	1	<?php
T	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class installer_dist extends installer_base {
60b700	32
MC	33	public function __construct() {
	34	//** check apache modules */
	35	$mods = getapachemodules();
	36	if(in_array('authz_compat', $mods, true)) {
	37	swriteln($inst->lng(' WARNING! You are using mod_authz_compat.'));
	38	swriteln($inst->lng(' Please make sure that your apache config uses the new auth syntax:'));
	39	swriteln($inst->lng(' <Directory />'));
	40	swriteln($inst->lng(' Options None'));
	41	swriteln($inst->lng(' AllowOverride None'));
	42	swriteln($inst->lng(' Require all denied'));
	43	swriteln($inst->lng(' </Directory>'."\n"));
	44
	45	swriteln($inst->lng(' If it uses the old syntax (deny from all) ISPConfig would fail to work.'));
	46	}
	47	}
	48
526b99	49	public function configure_mailman($status = 'insert') {
T	50	global $conf;
	51
	52	$config_dir = $conf['mailman']['config_dir'].'/';
	53	$full_file_name = $config_dir.'mm_cfg.py';
	54	//* Backup exiting file
	55	if(is_file($full_file_name)) {
	56	copy($full_file_name, $config_dir.'mm_cfg.py~');
	57	}
	58
	59	// load files
615a0a	60	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
526b99	61	$old_file = rf($full_file_name);
T	62
	63	$old_options = array();
	64	$lines = explode("\n", $old_file);
	65	foreach ($lines as $line)
	66	{
	67	if (trim($line) != '' && substr($line, 0, 1) != '#')
	68	{
	69	@list($key, $value) = @explode("=", $line);
	70	if (!empty($value))
	71	{
	72	$key = rtrim($key);
	73	$old_options[$key] = trim($value);
	74	}
	75	}
	76	}
7fe908	77
526b99	78	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
T	79	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
	80
	81	$virtual_domains = '';
	82	if($status == 'update')
	83	{
	84	// create virtual_domains list
	85	$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");
	86
	87	if(is_array($domainAll)) {
7fe908	88	foreach($domainAll as $domain)
MC	89	{
	90	if ($domainAll[0]['domain'] == $domain['domain'])
	91	$virtual_domains .= "'".$domain['domain']."'";
	92	else
	93	$virtual_domains .= ", '".$domain['domain']."'";
	94	}
526b99	95	}
T	96	}
	97	else
	98	$virtual_domains = "' '";
	99
	100	$content = str_replace('{hostname}', $conf['hostname'], $content);
	101	if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
	102	$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
	103	$content = str_replace('{virtual_domains}', $virtual_domains, $content);
	104
	105	wf($full_file_name, $content);
7fe908	106
3f478f	107	//* Write virtual_to_transport.sh script
T	108	$config_dir = $conf['mailman']['config_dir'].'/';
	109	$full_file_name = $config_dir.'virtual_to_transport.sh';
7fe908	110
3f478f	111	//* Backup exiting virtual_to_transport.sh script
T	112	if(is_file($full_file_name)) {
	113	copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
	114	}
7fe908	115
3f478f	116	if(is_dir('/etc/mailman')) {
615a0a	117	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {
7fe908	118	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);
MC	119	} else {
	120	copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
	121	}
	122	chgrp($full_file_name, 'mailman');
	123	chmod($full_file_name, 0750);
3f478f	124	}
7fe908	125
3f478f	126	//* Create aliasaes
T	127	exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
c71d48	128	if(is_file('/var/lib/mailman/data/virtual-mailman')) exec('postmap /var/lib/mailman/data/virtual-mailman');
526b99	129	}
7fe908	130
32d8e9	131	function configure_postfix($options = '')
7fe908	132	{
MC	133	global $conf;
32d8e9	134	$cf = $conf['postfix'];
T	135	$config_dir = $cf['config_dir'];
7fe908	136
32d8e9	137	if(!is_dir($config_dir)){
7fe908	138	$this->error("The postfix configuration directory '$config_dir' does not exist.");
MC	139	}
	140
32d8e9	141	//* mysql-virtual_domains.cf
7fe908	142	$this->process_postfix_config('mysql-virtual_domains.cf');
32d8e9	143
T	144	//* mysql-virtual_forwardings.cf
7fe908	145	$this->process_postfix_config('mysql-virtual_forwardings.cf');
32d8e9	146
T	147	//* mysql-virtual_mailboxes.cf
7fe908	148	$this->process_postfix_config('mysql-virtual_mailboxes.cf');
32d8e9	149
T	150	//* mysql-virtual_email2email.cf
7fe908	151	$this->process_postfix_config('mysql-virtual_email2email.cf');
32d8e9	152
T	153	//* mysql-virtual_transports.cf
7fe908	154	$this->process_postfix_config('mysql-virtual_transports.cf');
32d8e9	155
T	156	//* mysql-virtual_recipient.cf
7fe908	157	$this->process_postfix_config('mysql-virtual_recipient.cf');
32d8e9	158
T	159	//* mysql-virtual_sender.cf
7fe908	160	$this->process_postfix_config('mysql-virtual_sender.cf');
32d8e9	161
T	162	//* mysql-virtual_client.cf
7fe908	163	$this->process_postfix_config('mysql-virtual_client.cf');
MC	164
32d8e9	165	//* mysql-virtual_relaydomains.cf
7fe908	166	$this->process_postfix_config('mysql-virtual_relaydomains.cf');
MC	167
429dcf	168	//* mysql-virtual_relayrecipientmaps.cf
7fe908	169	$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
32d8e9	170
T	171	//* Changing mode and group of the new created config files.
	172	caselog('chmod o= '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	173	__FILE__, __LINE__, 'chmod on mysql-virtual_.cf', 'chmod on mysql-virtual_.cf failed');
MC	174	caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
	175	__FILE__, __LINE__, 'chgrp on mysql-virtual_.cf', 'chgrp on mysql-virtual_.cf failed');
	176
1ca823	177	if(!is_dir($cf['vmail_mailbox_base'])) mkdir($cf['vmail_mailbox_base']);
7fe908	178
32d8e9	179	//* Creating virtual mail user and group
fdb514	180	if(is_group($cf['vmail_groupname'])) {
T	181	$command = 'groupmod -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	182	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	183	} else {
	184	$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	185	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	186	}
7fe908	187
fdb514	188	if(is_user($cf['vmail_username'])) {
T	189	$command = 'usermod -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' -d '.$cf['vmail_mailbox_base'].' -s /bin/bash '.$cf['vmail_username'];
	190	caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	191	} else {
	192	$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
	193	caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
8f898a	194	}
7fe908	195
d2e848	196	if($cf['vmail_mailbox_base'] != '' && strlen($cf['vmail_mailbox_base']) >= 10 && $this->is_update === false) exec('chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base']);
7fe908	197
b67344	198	//* These postconf commands will be executed on installation and update
7b47c0	199	$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
T	200	$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
	201	unset($server_ini_rec);
	202
	203	//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
	204	$rbl_list = '';
	205	if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
7fe908	206	$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
7b47c0	207	foreach ($rbl_hosts as $key => $value) {
T	208	$rbl_list .= ", reject_rbl_client ". $value;
	209	}
	210	}
	211	unset($rbl_hosts);
	212	unset($server_ini_array);
7fe908	213
7b47c0	214	//* These postconf commands will be executed on installation and update
7fe908	215	$postconf_placeholders = array('{config_dir}' => $config_dir,
MC	216	'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
	217	'{vmail_userid}' => $cf['vmail_userid'],
	218	'{vmail_groupid}' => $cf['vmail_groupid'],
	219	'{rbl_list}' => $rbl_list);
	220
	221	$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
	222	$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
	223	$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
	224
b67344	225	//* These postconf commands will be executed on installation only
T	226	if($this->is_update == false) {
7fe908	227	$postconf_commands = array_merge($postconf_commands, array(
MC	228	'myhostname = '.$conf['hostname'],
	229	'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
	230	'mynetworks = 127.0.0.0/8 [::1]/128'
	231	));
b67344	232	}
7fe908	233
32d8e9	234	//* Create the header and body check files
T	235	touch($config_dir.'/header_checks');
	236	touch($config_dir.'/mime_header_checks');
	237	touch($config_dir.'/nested_header_checks');
	238	touch($config_dir.'/body_checks');
7fe908	239
3f478f	240	//* Create the mailman files
T	241	if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
	242	if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
	243	exec('postalias /var/lib/mailman/data/aliases');
	244	if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
	245	exec('postmap /var/lib/mailman/data/virtual-mailman');
	246	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
	247	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
7fe908	248
32d8e9	249	//* Make a backup copy of the main.cf file
T	250	copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
7fe908	251
32d8e9	252	//* Executing the postconf commands
T	253	foreach($postconf_commands as $cmd) {
	254	$command = "postconf -e '$cmd'";
	255	caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	256	}
7fe908	257
MC	258	if(!stristr($options, 'dont-create-certs')) {
32d8e9	259	//* Create the SSL certificate
b04e82	260	if(AUTOINSTALL){
TB	261	$command = 'cd '.$config_dir.'; '
	262	."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
	263	} else {
	264	$command = 'cd '.$config_dir.'; '
	265	.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
	266	}
7fe908	267
32d8e9	268	$command = 'chmod o= '.$config_dir.'/smtpd.key';
T	269	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	270	}
7fe908	271
32d8e9	272	//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
T	273	$command = 'chmod 755 /var/run/authdaemon.courier-imap';
	274	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
7fe908	275
32d8e9	276	//* Changing maildrop lines in posfix master.cf
T	277	if(is_file($config_dir.'/master.cf')){
7fe908	278	copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
MC	279	}
32d8e9	280	if(is_file($config_dir.'/master.cf~')){
7fe908	281	exec('chmod 400 '.$config_dir.'/master.cf~');
MC	282	}
32d8e9	283	$configfile = $config_dir.'/master.cf';
T	284	$content = rf($configfile);
7fe908	285
MC	286	$content = str_replace(' flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
	287	' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
	288	$content);
	289
	290	$content = str_replace(' flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}',
	291	' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
	292	$content);
	293
fdb514	294	// enable tlsmanager
7fe908	295	$content = str_replace('#tlsmgr unix - - n 1000? 1 tlsmgr', 'tlsmgr unix - - n 1000? 1 tlsmgr', $content);
MC	296
32d8e9	297	wf($configfile, $content);
7fe908	298
32d8e9	299	//* Writing the Maildrop mailfilter file
T	300	$configfile = 'mailfilter';
	301	if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)){
7fe908	302	copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
MC	303	}
615a0a	304	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	305	$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
T	306	wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
7fe908	307
32d8e9	308	//* Create the directory for the custom mailfilters
T	309	$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
	310	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	311
32d8e9	312	//* Chmod and chown the .mailfilter file
T	313	$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
	314	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	315
32d8e9	316	$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
T	317	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	318
32d8e9	319	}
7fe908	320
32d8e9	321	public function configure_saslauthd() {
T	322	global $conf;
7fe908	323
32d8e9	324	/*
T	325	$configfile = 'sasl_smtpd.conf';
	326	if(is_file('/etc/sasl2/smtpd.conf')) copy('/etc/sasl2/smtpd.conf','/etc/sasl2/smtpd.conf~');
	327	if(is_file('/etc/sasl2/smtpd.conf~')) exec('chmod 400 '.'/etc/sasl2/smtpd.conf~');
	328	$content = rf("tpl/".$configfile.".master");
	329	$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
	330	$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
	331	$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
	332	$content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content);
	333	wf('/etc/sasl2/smtpd.conf',$content);
	334	*/
7fe908	335
32d8e9	336	// TODO: Chmod and chown on the config file
7fe908	337
MC	338
32d8e9	339	/*
T	340	// Create the spool directory
	341	exec('mkdir -p /var/spool/postfix/var/run/saslauthd');
7fe908	342
32d8e9	343	// Edit the file /etc/default/saslauthd
T	344	$configfile = $conf["saslauthd"]["config"];
	345	if(is_file($configfile)) copy($configfile,$configfile.'~');
	346	if(is_file($configfile.'~')) exec('chmod 400 '.$configfile.'~');
	347	$content = rf($configfile);
	348	$content = str_replace('START=no','START=yes',$content);
	349	$content = str_replace('OPTIONS="-c"','OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"',$content);
	350	wf($configfile,$content);
	351	*/
7fe908	352
32d8e9	353	// Edit the file /etc/init.d/saslauthd
T	354	$configfile = $conf["init_scripts"].'/'.$conf["saslauthd"]["init_script"];
	355	$content = rf($configfile);
7fe908	356	$content = str_replace('/sbin/startproc $AUTHD_BIN -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', '/sbin/startproc $AUTHD_BIN -r -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', $content);
MC	357	$content = str_replace('/sbin/startproc $AUTHD_BIN $SASLAUTHD_PARAMS -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', '/sbin/startproc $AUTHD_BIN $SASLAUTHD_PARAMS -r -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', $content);
	358
	359
	360	if(is_file($configfile)) wf($configfile, $content);
	361
	362
	363
32d8e9	364	}
7fe908	365
32d8e9	366	public function configure_pam()
7fe908	367	{
32d8e9	368	global $conf;
T	369	$pam = $conf['pam'];
	370	//* configure pam for SMTP authentication agains the ispconfig database
	371	$configfile = 'pamd_smtp';
	372	if(is_file("$pam/smtp")) copy("$pam/smtp", "$pam/smtp~");
	373	if(is_file("$pam/smtp~")) exec("chmod 400 $pam/smtp~");
	374
615a0a	375	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	376	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
T	377	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	378	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	379	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	380	wf("$pam/smtp", $content);
03bff7	381	// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
T	382	if(is_file("$pam/smtp")) exec("chmod o= $pam/smtp");
32d8e9	383	//exec("chmod 660 $pam/smtp");
T	384	//exec("chown root:root $pam/smtp");
7fe908	385
32d8e9	386	}
7fe908	387
32d8e9	388	public function configure_courier()
7fe908	389	{
32d8e9	390	global $conf;
T	391	$config_dir = $conf['courier']['config_dir'];
	392	//* authmysqlrc
	393	$configfile = 'authmysqlrc';
	394	if(is_file("$config_dir/$configfile")){
7fe908	395	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	396	}
32d8e9	397	exec("chmod 400 $config_dir/$configfile~");
615a0a	398	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
7fe908	399	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	400	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	401	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	402	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
32d8e9	403	wf("$config_dir/$configfile", $content);
7fe908	404
32d8e9	405	exec("chmod 660 $config_dir/$configfile");
T	406	exec("chown root:root $config_dir/$configfile");
7fe908	407
32d8e9	408	//* authdaemonrc
T	409	$configfile = $conf['courier']['config_dir'].'/authdaemonrc';
	410	if(is_file($configfile)){
7fe908	411	copy($configfile, $configfile.'~');
MC	412	}
32d8e9	413	if(is_file($configfile.'~')){
7fe908	414	exec('chmod 400 '.$configfile.'~');
MC	415	}
32d8e9	416	$content = rf($configfile);
T	417	$content = str_replace('authmodulelist=', 'authmodulelist="authmysql"', $content);
	418	wf($configfile, $content);
	419	}
7fe908	420
fdb514	421	public function configure_dovecot()
7fe908	422	{
fdb514	423	global $conf;
7fe908	424
fdb514	425	$config_dir = $conf['dovecot']['config_dir'];
7fe908	426
fdb514	427	//* Configure master.cf and add a line for deliver
T	428	if(is_file($config_dir.'/master.cf')){
7fe908	429	copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
MC	430	}
fdb514	431	if(is_file($config_dir.'/master.cf~')){
7fe908	432	exec('chmod 400 '.$config_dir.'/master.cf~2');
MC	433	}
fdb514	434	$content = rf($conf["postfix"]["config_dir"].'/master.cf');
T	435	// Only add the content if we had not addded it before
7fe908	436	if(!stristr($content, "dovecot/deliver")) {
013ae4	437	$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
7fe908	438	af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
fdb514	439	}
T	440	unset($content);
	441	unset($deliver_content);
7fe908	442
MC	443
fdb514	444	//* Reconfigure postfix to use dovecot authentication
T	445	// Adding the amavisd commands to the postfix configuration
	446	$postconf_commands = array (
	447	'dovecot_destination_recipient_limit = 1',
	448	'virtual_transport = dovecot',
	449	'smtpd_sasl_type = dovecot',
	450	'smtpd_sasl_path = private/auth',
	451	);
7fe908	452
fdb514	453	// Make a backup copy of the main.cf file
7fe908	454	copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~3');
MC	455
fdb514	456	// Executing the postconf commands
T	457	foreach($postconf_commands as $cmd) {
	458	$command = "postconf -e '$cmd'";
	459	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	460	}
7fe908	461
31e0d1	462	//* backup dovecot.conf
fdb514	463	$configfile = 'dovecot.conf';
T	464	if(is_file("$config_dir/$configfile")){
7fe908	465	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	466	}
	467
31e0d1	468	//* Get the dovecot version
7fe908	469	exec('dovecot --version', $tmp);
MC	470	$parts = explode('.', trim($tmp[0]));
31e0d1	471	$dovecot_version = $parts[0];
T	472	unset($tmp);
	473	unset($parts);
7fe908	474
31e0d1	475	//* Copy dovecot configuration file
T	476	if($dovecot_version == 2) {
7fe908	477	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot2.conf.master')) {
MC	478	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot2.conf.master', $config_dir.'/'.$configfile);
	479	} else {
	480	copy('tpl/opensuse_dovecot2.conf.master', $config_dir.'/'.$configfile);
	481	}
31e0d1	482	} else {
7fe908	483	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot.conf.master')) {
MC	484	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot.conf.master', $config_dir.'/'.$configfile);
	485	} else {
	486	copy('tpl/opensuse_dovecot.conf.master', $config_dir.'/'.$configfile);
	487	}
31e0d1	488	}
7fe908	489
fdb514	490	//* dovecot-sql.conf
T	491	$configfile = 'dovecot-sql.conf';
	492	if(is_file("$config_dir/$configfile")){
7fe908	493	copy("$config_dir/$configfile", "$config_dir/$configfile~");
b67344	494	exec("chmod 400 $config_dir/$configfile~");
7fe908	495	}
MC	496
615a0a	497	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot-sql.conf.master', "tpl/opensuse_dovecot-sql.conf.master");
7fe908	498	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	499	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	500	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	501	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
032b86	502	$content = str_replace('{server_id}', $conf['server_id'], $content);
fdb514	503	wf("$config_dir/$configfile", $content);
7fe908	504
fdb514	505	exec("chmod 600 $config_dir/$configfile");
T	506	exec("chown root:root $config_dir/$configfile");
5e7306	507
TB	508	// Dovecot shall ignore mounts in website directory
f9d95c	509	if(is_installed('doveadm')) exec("doveadm mount add '/srv/www/*' ignore > /dev/null 2> /dev/null");
fdb514	510
T	511	}
7fe908	512
32d8e9	513	public function configure_amavis() {
T	514	global $conf;
7fe908	515
32d8e9	516	// amavisd user config file
T	517	$configfile = 'opensuse_amavisd_conf';
7fe908	518	if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf')) @copy($conf["amavis"]["config_dir"].'/amavisd.conf', $conf["amavis"]["config_dir"].'/amavisd.conf~');
32d8e9	519	if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/amavisd.conf~');
615a0a	520	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	521	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	522	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	523	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	524	$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
	525	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	526	wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
	527
	528
32d8e9	529	// Adding the amavisd commands to the postfix configuration
T	530	$postconf_commands = array (
	531	'content_filter = amavis:[127.0.0.1]:10024',
	532	'receive_override_options = no_address_mappings'
	533	);
7fe908	534
32d8e9	535	// Make a backup copy of the main.cf file
7fe908	536	copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~2');
MC	537
32d8e9	538	// Executing the postconf commands
T	539	foreach($postconf_commands as $cmd) {
	540	$command = "postconf -e '$cmd'";
	541	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	542	}
7fe908	543
32d8e9	544	// Append the configuration for amavisd to the master.cf file
7fe908	545	if(is_file($conf["postfix"]["config_dir"].'/master.cf')) copy($conf["postfix"]["config_dir"].'/master.cf', $conf["postfix"]["config_dir"].'/master.cf~');
32d8e9	546	$content = rf($conf["postfix"]["config_dir"].'/master.cf');
T	547	// Only add the content if we had not addded it before
7fe908	548	if(!stristr($content, "127.0.0.1:10025")) {
32d8e9	549	unset($content);
615a0a	550	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', "tpl/master_cf_amavis.master");
7fe908	551	af($conf["postfix"]["config_dir"].'/master.cf', $content);
32d8e9	552	}
T	553	unset($content);
7fe908	554
32d8e9	555	// Add the clamav user to the vscan group
5edf40	556	//exec('groupmod --add-user clamav vscan');
TB	557	$command = 'usermod -a -G clamav vscan';
	558	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	559
MC	560
32d8e9	561	}
7fe908	562
32d8e9	563	public function configure_spamassassin()
7fe908	564	{
32d8e9	565	global $conf;
7fe908	566
32d8e9	567	//* Enable spamasasssin on debian and ubuntu
T	568	/*
	569	$configfile = '/etc/default/spamassassin';
	570	if(is_file($configfile)){
	571	copy($configfile, $configfile.'~');
	572	}
	573	$content = rf($configfile);
	574	$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
	575	wf($configfile, $content);
	576	*/
	577	}
7fe908	578
32d8e9	579	public function configure_getmail()
7fe908	580	{
32d8e9	581	global $conf;
7fe908	582
32d8e9	583	$config_dir = $conf['getmail']['config_dir'];
7fe908	584
32d8e9	585	if(!is_dir($config_dir)) exec("mkdir -p ".escapeshellcmd($config_dir));
T	586
	587	$command = "useradd -d $config_dir getmail";
	588	if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	589
32d8e9	590	$command = "chown -R getmail $config_dir";
T	591	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	592
32d8e9	593	$command = "chmod -R 700 $config_dir";
T	594	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	595	}
7fe908	596
MC	597
32d8e9	598	public function configure_pureftpd()
7fe908	599	{
32d8e9	600	global $conf;
7fe908	601
32d8e9	602	$config_dir = $conf['pureftpd']['config_dir'];
T	603
	604	//* configure pam for SMTP authentication agains the ispconfig database
	605	$configfile = 'db/mysql.conf';
	606	if(is_file("$config_dir/$configfile")){
7fe908	607	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	608	}
32d8e9	609	if(is_file("$config_dir/$configfile~")){
7fe908	610	exec("chmod 400 $config_dir/$configfile~");
MC	611	}
615a0a	612	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/pureftpd_mysql.conf.master', 'tpl/pureftpd_mysql.conf.master');
32d8e9	613	$content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content);
T	614	$content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content);
	615	$content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content);
	616	$content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content);
	617	$content = str_replace('{server_id}', $conf["server_id"], $content);
	618	wf("$config_dir/$configfile", $content);
	619	exec("chmod 600 $config_dir/$configfile");
	620	exec("chown root:root $config_dir/$configfile");
7fe908	621
32d8e9	622	// copy our customized copy of pureftpd.conf to the pure-ftpd config directory
615a0a	623	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_pureftpd_conf.master')) {
7fe908	624	exec("cp " . $conf['ispconfig_install_dir']."/server/conf-custom/install/opensuse_pureftpd_conf.master $config_dir/pure-ftpd.conf");
MC	625	} else {
	626	exec("cp tpl/opensuse_pureftpd_conf.master $config_dir/pure-ftpd.conf");
	627	}
	628
32d8e9	629	}
7fe908	630
32d8e9	631	public function configure_mydns()
7fe908	632	{
32d8e9	633	global $conf;
7fe908	634
32d8e9	635	// configure pam for SMTP authentication agains the ispconfig database
T	636	$configfile = 'mydns.conf';
7fe908	637	if(is_file($conf["mydns"]["config_dir"].'/'.$configfile)) copy($conf["mydns"]["config_dir"].'/'.$configfile, $conf["mydns"]["config_dir"].'/'.$configfile.'~');
32d8e9	638	if(is_file($conf["mydns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["mydns"]["config_dir"].'/'.$configfile.'~');
615a0a	639	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	640	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	641	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	642	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	643	$content = str_replace('{mysql_server_host}', $conf["mysql"]["host"], $content);
	644	$content = str_replace('{server_id}', $conf["server_id"], $content);
	645	wf($conf["mydns"]["config_dir"].'/'.$configfile, $content);
32d8e9	646	exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile);
T	647	exec('chown root:root '.$conf["mydns"]["config_dir"].'/'.$configfile);
7fe908	648
32d8e9	649	}
7fe908	650
32d8e9	651	public function configure_apache()
7fe908	652	{
32d8e9	653	global $conf;
7fe908	654
1bd269	655	if($conf['apache']['installed'] == false) return;
32d8e9	656	//* Create the logging directory for the vhost logfiles
T	657	exec('mkdir -p /var/log/ispconfig/httpd');
7fe908	658
32d8e9	659	//if(is_file('/etc/suphp.conf')) {
7fe908	660	replaceLine('/etc/suphp.conf', 'php=php', 'x-httpd-suphp="php:/srv/www/cgi-bin/php5"', 0, 0);
MC	661	replaceLine('/etc/suphp.conf', 'php="php', 'x-httpd-suphp="php:/srv/www/cgi-bin/php5"', 0, 0);
	662	replaceLine('/etc/suphp.conf', 'docroot=', 'docroot=/srv/www', 0, 0);
	663	replaceLine('/etc/suphp.conf', 'umask=0077', 'umask=0022', 0);
32d8e9	664	//}
7fe908	665
26c0fc	666	if(!file_exists('/srv/www/cgi-bin/php5') && file_exists('/srv/www/cgi-bin/php')) {
7fe908	667	symlink('/srv/www/cgi-bin/php', '/srv/www/cgi-bin/php5');
26c0fc	668	}
7fe908	669
dbe5b0	670	// Sites enabled and available dirs
32d8e9	671	exec('mkdir -p '.$conf['apache']['vhost_conf_enabled_dir']);
T	672	exec('mkdir -p '.$conf['apache']['vhost_conf_dir']);
7fe908	673
32d8e9	674	$content = rf('/etc/apache2/httpd.conf');
7fe908	675	if(!stristr($content, 'Include /etc/apache2/sites-enabled/')) {
5545f1	676	af('/etc/apache2/httpd.conf', "\n<Directory /srv/www>\n Options +FollowSymlinks\n</Directory>\n\nInclude /etc/apache2/sites-enabled/\n\n");
32d8e9	677	}
T	678	unset($content);
7fe908	679
32d8e9	680	//* Copy the ISPConfig configuration include
7fe908	681	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
MC	682	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	683
ccbf14	684	$tpl = new tpl('apache_ispconfig.conf.master');
TB	685	$tpl->setVar('apache_version',getapacheversion());
	686
a2156e	687	$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
ccbf14	688	$ip_addresses = array();
TB	689
fb3a98	690	if(is_array($records) && count($records) > 0) {
32d8e9	691	foreach($records as $rec) {
a2156e	692	if($rec['ip_type'] == 'IPv6') {
T	693	$ip_address = '['.$rec['ip_address'].']';
	694	} else {
	695	$ip_address = $rec['ip_address'];
	696	}
7fe908	697	$ports = explode(',', $rec['virtualhost_port']);
a2156e	698	if(is_array($ports)) {
T	699	foreach($ports as $port) {
	700	$port = intval($port);
	701	if($port > 0 && $port < 65536 && $ip_address != '') {
ccbf14	702	$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
a2156e	703	}
T	704	}
	705	}
32d8e9	706	}
T	707	}
855547	708
3de838	709	if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
855547	710
ccbf14	711	wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
TB	712	unset($tpl);
7fe908	713
32d8e9	714	if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) {
T	715	exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf");
	716	}
7fe908	717
99d5dc	718	//* make sure that webalizer finds its config file when it is directly in /etc
T	719	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	720	exec('mkdir /etc/webalizer');
	721	exec('ln -s /etc/webalizer.conf /etc/webalizer/webalizer.conf');
	722	}
7fe908	723
99d5dc	724	if(is_file('/etc/webalizer/webalizer.conf')) {
T	725	// Change webalizer mode to incremental
7fe908	726	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	727	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	728	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
99d5dc	729	}
7fe908	730
6b029a	731	//* add a sshusers group
T	732	$command = 'groupadd sshusers';
	733	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	734
526b99	735	// create PHP-FPM pool dir
T	736	exec('mkdir -p '.$conf['nginx']['php_fpm_pool_dir']);
7fe908	737
526b99	738	$content = rf('/etc/php5/fpm/php-fpm.conf');
T	739	if(stripos($content, 'include=/etc/php5/fpm/pool.d/*.conf') === false){
7fe908	740	af('/etc/php5/fpm/php-fpm.conf', "\ninclude=/etc/php5/fpm/pool.d/*.conf");
526b99	741	}
T	742	unset($content);
	743	if(!@is_file($conf['nginx']['php_fpm_ini_path'])){
	744	if(@is_file('/etc/php5/cli/php.ini')){
	745	exec('cp -f /etc/php5/cli/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	746	} elseif(@is_file('/etc/php5/fastcgi/php.ini')){
	747	exec('cp -f /etc/php5/fastcgi/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	748	} elseif(@is_file('/etc/php5/apache2/php.ini')){
	749	exec('cp -f /etc/php5/apache2/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	750	}
	751	}
7fe908	752
32d8e9	753	}
7fe908	754
2d86e1	755	public function configure_nginx(){
F	756	global $conf;
7fe908	757
2d86e1	758	if($conf['nginx']['installed'] == false) return;
F	759	//* Create the logging directory for the vhost logfiles
	760	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
7fe908	761
dbe5b0	762	// Sites enabled and available dirs
2d86e1	763	exec('mkdir -p '.$conf['nginx']['vhost_conf_enabled_dir']);
F	764	exec('mkdir -p '.$conf['nginx']['vhost_conf_dir']);
7fe908	765
dbe5b0	766	$content = rf('/etc/nginx/nginx.conf');
F	767	if(stripos($content, 'include /etc/nginx/sites-enabled/*.vhost;') === false){
	768	$content = trim($content);
7fe908	769	$content = substr($content, 0, -1)."\n include /etc/nginx/sites-enabled/*.vhost;\n}";
MC	770	wf('/etc/nginx/nginx.conf', $content);
dbe5b0	771	}
2d86e1	772	unset($content);
7fe908	773
2d86e1	774	// create PHP-FPM pool dir
F	775	exec('mkdir -p '.$conf['nginx']['php_fpm_pool_dir']);
7fe908	776
2d86e1	777	$content = rf('/etc/php5/fpm/php-fpm.conf');
F	778	if(stripos($content, 'include=/etc/php5/fpm/pool.d/*.conf') === false){
7fe908	779	af('/etc/php5/fpm/php-fpm.conf', "\ninclude=/etc/php5/fpm/pool.d/*.conf");
2d86e1	780	}
F	781	unset($content);
59feb7	782	if(!@is_file($conf['nginx']['php_fpm_ini_path'])){
F	783	if(@is_file('/etc/php5/cli/php.ini')){
	784	exec('cp -f /etc/php5/cli/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	785	} elseif(@is_file('/etc/php5/fastcgi/php.ini')){
	786	exec('cp -f /etc/php5/fastcgi/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	787	} elseif(@is_file('/etc/php5/apache2/php.ini')){
	788	exec('cp -f /etc/php5/apache2/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	789	}
	790	}
2d86e1	791
F	792	//* make sure that webalizer finds its config file when it is directly in /etc
	793	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	794	mkdir('/etc/webalizer');
7fe908	795	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
2d86e1	796	}
F	797
	798	if(is_file('/etc/webalizer/webalizer.conf')) {
	799	// Change webalizer mode to incremental
7fe908	800	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	801	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	802	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
2d86e1	803	}
7fe908	804
2d86e1	805	// Check the awsatst script
F	806	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
7fe908	807	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	808	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
	809
2d86e1	810	//* add a sshusers group
F	811	$command = 'groupadd sshusers';
	812	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	813	}
7fe908	814
32d8e9	815	public function configure_firewall()
T	816	{
	817	global $conf;
7fe908	818
32d8e9	819	$dist_init_scripts = $conf['init_scripts'];
7fe908	820
32d8e9	821	if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
T	822	if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
7fe908	823	@mkdir("/etc/Bastille", octdec($directory_mode));
MC	824	if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
	825	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master')) {
	826	caselog("cp -f " . $conf['ispconfig_install_dir']."/server/conf-custom/install/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	827	} else {
	828	caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	829	}
	830	caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	831	$content = rf("/etc/Bastille/bastille-firewall.cfg");
	832	$content = str_replace("{DNS_SERVERS}", "", $content);
32d8e9	833
7fe908	834	$tcp_public_services = '';
MC	835	$udp_public_services = '';
	836
fb3a98	837	$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
7fe908	838
MC	839	if(trim($row["tcp_port"]) != '' \|\| trim($row["udp_port"]) != ''){
	840	$tcp_public_services = trim(str_replace(',', ' ', $row["tcp_port"]));
	841	$udp_public_services = trim(str_replace(',', ' ', $row["udp_port"]));
	842	} else {
	843	$tcp_public_services = '21 22 25 53 80 110 443 3306 8080 10000';
	844	$udp_public_services = '53';
	845	}
	846
32d8e9	847	if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
T	848	$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
	849	if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
	850	}
	851
7fe908	852	$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
MC	853	$content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content);
32d8e9	854
7fe908	855	wf("/etc/Bastille/bastille-firewall.cfg", $content);
32d8e9	856
7fe908	857	if(is_file($dist_init_scripts."/bastille-firewall")) caselog("mv -f $dist_init_scripts/bastille-firewall $dist_init_scripts/bastille-firewall.backup", __FILE__, __LINE__);
MC	858	caselog("cp -f apps/bastille-firewall $dist_init_scripts", __FILE__, __LINE__);
	859	caselog("chmod 700 $dist_init_scripts/bastille-firewall", __FILE__, __LINE__);
32d8e9	860
7fe908	861	if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__);
MC	862	caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__);
	863	caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__);
	864
	865	if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__);
	866	caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__);
	867	caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__);
	868
32d8e9	869	if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__);
T	870
7fe908	871	exec("which ipchains &> /dev/null", $ipchains_location, $ret_val);
MC	872	if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(shell_exec("which ipchains"), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__);
	873	unset($ipchains_location);
	874	exec("which iptables &> /dev/null", $iptables_location, $ret_val);
	875	if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__);
	876	unset($iptables_location);
32d8e9	877
T	878	}
4ae2a0	879
32d8e9	880	public function install_ispconfig()
7fe908	881	{
32d8e9	882	global $conf;
7fe908	883
32d8e9	884	$install_dir = $conf['ispconfig_install_dir'];
T	885
	886	//* Create the ISPConfig installation directory
	887	if(!@is_dir("$install_dir")) {
	888	$command = "mkdir $install_dir";
	889	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	890	}
7fe908	891
32d8e9	892	//* Create a ISPConfig user and group
T	893	$command = 'groupadd ispconfig';
	894	if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	895
32d8e9	896	$command = "useradd -g ispconfig -d $install_dir ispconfig";
T	897	if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	898
32d8e9	899	//* copy the ISPConfig interface part
T	900	$command = "cp -rf ../interface $install_dir";
	901	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	902
32d8e9	903	//* copy the ISPConfig server part
T	904	$command = "cp -rf ../server $install_dir";
	905	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	906
32d8e9	907	//* Create a symlink, so ISPConfig is accessible via web
T	908	// Replaced by a separate vhost definition for port 8080
	909	// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
	910	// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	911
32d8e9	912	//* Create the config file for ISPConfig interface
T	913	$configfile = 'config.inc.php';
	914	if(is_file($install_dir.'/interface/lib/'.$configfile)){
7fe908	915	copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~");
MC	916	}
615a0a	917	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	918	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
T	919	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	920	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	921	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
7fe908	922
32d8e9	923	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
T	924	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	925	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	926	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
7fe908	927
32d8e9	928	$content = str_replace('{server_id}', $conf['server_id'], $content);
T	929	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
5898e6	930	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	931	$content = str_replace('{timezone}', $conf['timezone'], $content);
41eaa8	932	$content = str_replace('{theme}', $conf['theme'], $content);
992797	933	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
7fe908	934
MC	935	wf("$install_dir/interface/lib/$configfile", $content);
	936
	937	//* Create the config file for ISPConfig server
	938	$configfile = 'config.inc.php';
	939	if(is_file($install_dir.'/server/lib/'.$configfile)){
	940	copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~");
	941	}
	942	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
	943	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
	944	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	945	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	946	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	947
	948	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	949	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	950	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	951	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	952
	953	$content = str_replace('{server_id}', $conf['server_id'], $content);
	954	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
	955	$content = str_replace('{language}', $conf['language'], $content);
	956	$content = str_replace('{timezone}', $conf['timezone'], $content);
	957	$content = str_replace('{theme}', $conf['theme'], $content);
	958	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
	959
32d8e9	960	wf("$install_dir/server/lib/$configfile", $content);
7fe908	961
fb3a98	962	//* Create the config file for remote-actions (but only, if it does not exist, because
T	963	// the value is a autoinc-value and so changed by the remoteaction_core_module
	964	if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
	965	$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
	966	wf($install_dir.'/server/lib/remote_action.inc.php', $content);
	967	}
7fe908	968
32d8e9	969	//* Enable the server modules and plugins.
T	970	// TODO: Implement a selector which modules and plugins shall be enabled.
	971	$dir = $install_dir.'/server/mods-available/';
	972	if (is_dir($dir)) {
	973	if ($dh = opendir($dir)) {
	974	while (($file = readdir($dh)) !== false) {
7fe908	975	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	976	include_once $install_dir.'/server/mods-available/'.$file;
	977	$module_name = substr($file, 0, -8);
32d8e9	978	$tmp = new $module_name;
T	979	if($tmp->onInstall()) {
	980	if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
	981	if (strpos($file, '_core_module') !== false) {
	982	if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
	983	}
	984	}
	985	unset($tmp);
	986	}
	987	}
	988	closedir($dh);
	989	}
	990	}
7fe908	991
32d8e9	992	$dir = $install_dir.'/server/plugins-available/';
T	993	if (is_dir($dir)) {
	994	if ($dh = opendir($dir)) {
	995	while (($file = readdir($dh)) !== false) {
1bd269	996	if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F	997	if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
7fe908	998	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	999	include_once $install_dir.'/server/plugins-available/'.$file;
	1000	$plugin_name = substr($file, 0, -8);
32d8e9	1001	$tmp = new $plugin_name;
T	1002	if($tmp->onInstall()) {
	1003	if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
	1004	if (strpos($file, '_core_plugin') !== false) {
	1005	if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
	1006	}
	1007	}
	1008	unset($tmp);
	1009	}
	1010	}
	1011	closedir($dh);
	1012	}
	1013	}
7fe908	1014
32d8e9	1015	// Update the server config
T	1016	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	1017	$web_server_enabled = ($conf['services']['web'])?1:0;
	1018	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	1019	$file_server_enabled = ($conf['services']['file'])?1:0;
	1020	$db_server_enabled = ($conf['services']['db'])?1:0;
	1021	$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
	1022	$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
7fe908	1023
32d8e9	1024	if($conf['mysql']['master_slave_setup'] == 'y') {
T	1025	$this->dbmaster->query($sql);
	1026	$this->db->query($sql);
	1027	} else {
	1028	$this->db->query($sql);
	1029	}
7fe908	1030
3e0fc8	1031	// chown install dir to root and chmod 755
TB	1032	$command = 'chown root:root '.$install_dir;
	1033	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1034	$command = 'chmod 755 '.$install_dir;
32d8e9	1035	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
T	1036
3e0fc8	1037	//* Chmod the files and directoreies in the install dir
TB	1038	$command = 'chmod -R 750 '.$install_dir.'/*';
	1039	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1040
	1041	//* chown the interface files to the ispconfig user and group
	1042	$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
	1043	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1044
	1045	//* chown the server files to the root user and group
	1046	$command = 'chown -R root:root '.$install_dir.'/server';
32d8e9	1047	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	1048
32d8e9	1049	//* Make the global language file directory group writable
T	1050	exec("chmod -R 770 $install_dir/interface/lib/lang");
7fe908	1051
32d8e9	1052	//* Make the temp directory for language file exports writable
T	1053	exec("chmod -R 770 $install_dir/interface/web/temp");
7fe908	1054
32d8e9	1055	//* Make all interface language file directories group writable
T	1056	$handle = @opendir($install_dir.'/interface/web');
7fe908	1057	while ($file = @readdir($handle)) {
MC	1058	if ($file != '.' && $file != '..') {
	1059	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
32d8e9	1060	$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
7fe908	1061	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC	1062	while ($lang_file = @readdir($handle2)) {
32d8e9	1063	if ($lang_file != '.' && $lang_file != '..') {
7fe908	1064	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
32d8e9	1065	}
T	1066	}
	1067	}
	1068	}
	1069	}
7fe908	1070
477d4e	1071	//* Make the APS directories group writable
T	1072	exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
	1073	exec("chmod -R 770 $install_dir/server/aps_packages");
7fe908	1074
32d8e9	1075	//* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef	1076	chmod($install_dir.'/server/lib/config.inc.php', 0600);
T	1077	chown($install_dir.'/server/lib/config.inc.php', 'root');
	1078	chgrp($install_dir.'/server/lib/config.inc.php', 'root');
7fe908	1079
bfcdef	1080	//* Make sure thet the interface config file is readable by user ispconfig only
T	1081	chmod($install_dir.'/interface/lib/config.inc.php', 0600);
	1082	chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
	1083	chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
7fe908	1084
32d8e9	1085	if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
T	1086	exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
	1087	exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
	1088	}
7fe908	1089
32d8e9	1090	// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
T	1091	// and must be fixed as this will allow the apache user to read the ispconfig files.
	1092	// Later this must run as own apache server or via suexec!
63b369	1093	if($conf['apache']['installed'] == true){
5edf40	1094	//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispconfig';
TB	1095	$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
63b369	1096	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1097	if(is_group('ispapps')){
5edf40	1098	//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispapps';
TB	1099	$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
272aec	1100	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1101	}
63b369	1102	}
F	1103	if($conf['nginx']['installed'] == true){
5edf40	1104	//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispconfig';
TB	1105	$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
63b369	1106	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1107	if(is_group('ispapps')){
5edf40	1108	//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispapps';
TB	1109	$command = 'usermod -a -G ispapps '.$conf['nginx']['user'];
272aec	1110	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1111	}
5c93f0	1112	// add nobody user to www group, as the default php-fpm pool from opensuse runs as nobody
TB	1113	$command = 'usermod -a -G www nobody';
	1114	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
63b369	1115	}
7fe908	1116
32d8e9	1117	//* Make the shell scripts executable
T	1118	$command = "chmod +x $install_dir/server/scripts/*.sh";
	1119	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	1120
MC	1121
7e1cfb	1122	if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
1bd269	1123	//* Copy the ISPConfig vhost for the controlpanel
F	1124	// TODO: These are missing! should they be "vhost_dist_*_dir" ?
	1125	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1126	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
7fe908	1127
MC	1128
1bd269	1129	// Dont just copy over the virtualhost template but add some custom settings
ccbf14	1130	$tpl = new tpl('apache_ispconfig.vhost.master');
TB	1131	$tpl->setVar('vhost_port',$conf['apache']['vhost_port']);
7fe908	1132
1bd269	1133	// comment out the listen directive if port is 80 or 443
F	1134	if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
ccbf14	1135	$tpl->setVar('vhost_port_listen','#');
1bd269	1136	} else {
ccbf14	1137	$tpl->setVar('vhost_port_listen','');
1bd269	1138	}
7fe908	1139
ccbf14	1140	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
TB	1141	$tpl->setVar('ssl_comment','');
1bd269	1142	} else {
ccbf14	1143	$tpl->setVar('ssl_comment','#');
1bd269	1144	}
10b4c8	1145	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
ccbf14	1146	$tpl->setVar('ssl_bundle_comment','');
10b4c8	1147	} else {
ccbf14	1148	$tpl->setVar('ssl_bundle_comment','#');
10b4c8	1149	}
ccbf14	1150
TB	1151	$tpl->setVar('apache_version',getapacheversion());
7fe908	1152
fbc02f	1153	$content = $tpl->grab();
TB	1154	$content = str_replace('/var/www/', '/srv/www/', $content);
	1155	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
7fe908	1156
cc6568	1157	//if(!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
7fe908	1158	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
MC	1159	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
	1160	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
	1161	exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig');
	1162	wf('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
	1163	exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
	1164	exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig');
	1165	exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig');
	1166
cc6568	1167	//}
7fe908	1168
1bd269	1169	//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
F	1170	//* and create the symlink
7e1cfb	1171	if($this->is_update == false) {
1bd269	1172	if(@is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) unlink("$vhost_conf_enabled_dir/ispconfig.vhost");
F	1173	if(!@is_link("$vhost_conf_enabled_dir/000-ispconfig.vhost")) {
	1174	exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/000-ispconfig.vhost");
	1175	}
7fe908	1176
1bd269	1177	}
7fe908	1178
1bd269	1179	// Fix a setting in vhost master file for suse
7fe908	1180	replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0);
1bd269	1181	}
F	1182
7e1cfb	1183	if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
1bd269	1184	//* Copy the ISPConfig vhost for the controlpanel
F	1185	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	1186	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	1187
	1188	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1189	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
1bd269	1190	$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
7fe908	1191
1bd269	1192	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
10b4c8	1193	$content = str_replace('{ssl_on}', ' on', $content);
1bd269	1194	$content = str_replace('{ssl_comment}', '', $content);
F	1195	$content = str_replace('{fastcgi_ssl}', 'on', $content);
	1196	} else {
10b4c8	1197	$content = str_replace('{ssl_on}', ' off', $content);
1bd269	1198	$content = str_replace('{ssl_comment}', '#', $content);
F	1199	$content = str_replace('{fastcgi_ssl}', 'off', $content);
32d8e9	1200	}
7fe908	1201
ca0b77	1202	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	1203	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	1204	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	1205	$fpm_socket = $socket_dir.'ispconfig.sock';
7fe908	1206
ca0b77	1207	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1208	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
1bd269	1209
F	1210	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
7fe908	1211
1bd269	1212	unset($content);
7fe908	1213
1bd269	1214	// PHP-FPM
F	1215	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	1216	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
1bd269	1217	$content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77	1218	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1219	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
1bd269	1220	$content = str_replace('{fpm_user}', 'ispconfig', $content);
F	1221	$content = str_replace('{fpm_group}', 'ispconfig', $content);
	1222	wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
	1223
	1224	//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
	1225	//* and create the symlink
7e1cfb	1226	if($this->is_update == false) {
1bd269	1227	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	1228	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	1229	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
1bd269	1230	}
F	1231	}
7fe908	1232
9aec3d	1233	// create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed
7fe908	1234	if(!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin');
MC	1235	if(!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail');
32d8e9	1236	}
7fe908	1237
MC	1238
32d8e9	1239	// Make the Clamav log files readable by ISPConfig
T	1240	//exec('chmod +r /var/log/clamav/clamav.log');
	1241	//exec('chmod +r /var/log/clamav/freshclam.log');
7fe908	1242
32d8e9	1243	//* Install the update script
b34f99	1244	if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
MC	1245	exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh');
	1246	exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh');
32d8e9	1247	exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
T	1248	exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
	1249	exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
	1250	exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
b34f99	1251	if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh');
32d8e9	1252	if(!is_link('/usr/local/bin/ispconfig_update.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
7fe908	1253
32d8e9	1254	//set the fast cgi starter script to executable
T	1255	//exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
7fe908	1256
32d8e9	1257	//* Make the logs readable for the ispconfig user
T	1258	if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
	1259	if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
	1260	if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
	1261	if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
7fe908	1262
32d8e9	1263	//To enable apache to read the directories
T	1264	exec('chmod a+rx /usr/local/ispconfig');
	1265	exec('chmod -R 751 /usr/local/ispconfig/interface');
	1266	exec('chmod a+rx /usr/local/ispconfig/interface/web');
7fe908	1267
32d8e9	1268	//* Create the ispconfig log directory
e38d14	1269	if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir']);
J	1270	if(!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) exec('touch '.$conf['ispconfig_log_dir'].'/ispconfig.log');
7fe908	1271
0c5b42	1272	if(is_user('getmail')) {
T	1273	exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
	1274	exec('chown getmail /usr/local/bin/run-getmail.sh');
	1275	exec('chmod 744 /usr/local/bin/run-getmail.sh');
	1276	}
7fe908	1277
8cf78b	1278	if(is_dir($install_dir.'/interface/invoices')) {
e94a9f	1279	exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T	1280	exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806	1281	}
7fe908	1282
0799f8	1283	//* Create the ispconfig auth log file and set uid/gid
T	1284	if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
	1285	touch($conf['ispconfig_log_dir'].'/auth.log');
	1286	}
	1287	exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
	1288	exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
7fe908	1289
d71bae	1290	//* Remove Domain module as its functions are available in the client module now
T	1291	if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
021aec	1292
TB	1293	// Add symlink for patch tool
	1294	if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
7fe908	1295
MC	1296
32d8e9	1297	}
7fe908	1298
32d8e9	1299	public function configure_dbserver()
T	1300	{
	1301	global $conf;
7fe908	1302
32d8e9	1303	//* If this server shall act as database server for client DB's, we configure this here
T	1304	$install_dir = $conf['ispconfig_install_dir'];
7fe908	1305
MC	1306	// Create a file with the database login details which
32d8e9	1307	// are used to create the client databases.
7fe908	1308
32d8e9	1309	if(!is_dir("$install_dir/server/lib")) {
T	1310	$command = "mkdir $install_dir/server/lib";
	1311	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1312	}
7fe908	1313
615a0a	1314	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', "tpl/mysql_clientdb.conf.master");
7fe908	1315	$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
MC	1316	$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
	1317	$content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
	1318	wf("$install_dir/server/lib/mysql_clientdb.conf", $content);
32d8e9	1319	exec('chmod 600 '."$install_dir/server/lib/mysql_clientdb.conf");
T	1320	exec('chown root:root '."$install_dir/server/lib/mysql_clientdb.conf");
7fe908	1321
32d8e9	1322	}
7fe908	1323
32d8e9	1324	public function install_crontab()
7fe908	1325	{
32d8e9	1326	global $conf;
7fe908	1327
32d8e9	1328	//* Root Crontab
T	1329	exec('crontab -u root -l > crontab.txt');
	1330	$existing_root_cron_jobs = file('crontab.txt');
7fe908	1331
32d8e9	1332	// remove existing ispconfig cronjobs, in case the syntax has changed
T	1333	foreach($existing_root_cron_jobs as $key => $val) {
7fe908	1334	if(stristr($val, '/usr/local/ispconfig')) unset($existing_root_cron_jobs[$key]);
32d8e9	1335	}
7fe908	1336
32d8e9	1337	$root_cron_jobs = array(
T	1338	'* * * * * /usr/local/ispconfig/server/server.sh &> /dev/null',
	1339	'30 00 * * * /usr/local/ispconfig/server/cron_daily.sh &> /dev/null'
	1340	);
7fe908	1341
b6a10a	1342	if ($conf['nginx']['installed'] == true) {
F	1343	$root_cron_jobs[] = "0 0 * * * /usr/local/ispconfig/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
	1344	}
7fe908	1345
32d8e9	1346	foreach($root_cron_jobs as $cron_job) {
T	1347	if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
	1348	$existing_root_cron_jobs[] = $cron_job."\n";
	1349	}
	1350	}
	1351	file_put_contents('crontab.txt', $existing_root_cron_jobs);
	1352	exec('crontab -u root crontab.txt &> /dev/null');
	1353	unlink('crontab.txt');
7fe908	1354
32d8e9	1355	//* Getmail crontab
T	1356	if(is_user('getmail')) {
7fe908	1357	$cf = $conf['getmail'];
32d8e9	1358	exec('crontab -u getmail -l > crontab.txt');
T	1359	$existing_cron_jobs = file('crontab.txt');
7fe908	1360
32d8e9	1361	$cron_jobs = array(
7fe908	1362	'/5 * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null'
MC	1363	);
	1364
32d8e9	1365	// remove existing ispconfig cronjobs, in case the syntax has changed
T	1366	foreach($existing_cron_jobs as $key => $val) {
7fe908	1367	if(stristr($val, 'getmail')) unset($existing_cron_jobs[$key]);
32d8e9	1368	}
7fe908	1369
32d8e9	1370	foreach($cron_jobs as $cron_job) {
T	1371	if(!in_array($cron_job."\n", $existing_cron_jobs)) {
	1372	$existing_cron_jobs[] = $cron_job."\n";
	1373	}
	1374	}
	1375	file_put_contents('crontab.txt', $existing_cron_jobs);
	1376	exec('crontab -u getmail crontab.txt &> /dev/null');
	1377	unlink('crontab.txt');
	1378	}
7fe908	1379
32d8e9	1380	exec('touch /var/log/ispconfig/cron.log');
cc6568	1381	exec('chmod 660 /var/log/ispconfig/cron.log');
32d8e9	1382	}
T	1383
	1384	}
	1385
e38d14	1386	?>