gitlabFork/ISPConfig3.git - Solinfo Gitblit

Fixed: FS#3696 - Interface SSL keys should be owned by root - Improved post...

Till Brehm

2014-10-17 980485c46c2d0fab48410dc5aedb1a2fafa40a34

commit \| author \| age
532ae5	1	<?php
L	2
	3	/*
	4	Copyright (c) 2007-2010, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class installer_base {
	32
	33	var $wb = array();
	34	var $language = 'en';
	35	var $db;
	36	public $conf;
	37	public $install_ispconfig_interface = true;
	38	public $is_update = false; // true if it is an update, falsi if it is a new install
	39
	40
	41	public function __construct() {
	42	global $conf; //TODO: maybe $conf should be passed to constructor
	43	//$this->conf = $conf;
	44	}
	45
	46	//: TODO Implement the translation function and language files for the installer.
	47	public function lng($text) {
	48	return $text;
	49	}
	50
	51	public function error($msg) {
	52	die('ERROR: '.$msg."\n");
	53	}
	54
	55	public function warning($msg) {
7fe908	56	echo 'WARNING: '.$msg."\n";
532ae5	57	}
a8ccf6	58
b04e82	59	public function simple_query($query, $answers, $default, $name = '') {
TB	60	global $autoinstall;
532ae5	61	$finished = false;
L	62	do {
b04e82	63	if($name != '' && $autoinstall[$name] != '') {
TB	64	if($autoinstall[$name] == 'default') {
	65	$input = $default;
	66	} else {
	67	$input = $autoinstall[$name];
	68	}
	69	} else {
	70	$answers_str = implode(',', $answers);
	71	swrite($this->lng($query).' ('.$answers_str.') ['.$default.']: ');
	72	$input = sread();
	73	}
532ae5	74
L	75	//* Stop the installation
	76	if($input == 'quit') {
	77	swriteln($this->lng("Installation terminated by user.\n"));
	78	die();
	79	}
	80
	81	//* Select the default
	82	if($input == '') {
	83	$answer = $default;
	84	$finished = true;
	85	}
	86
	87	//* Set answer id valid
	88	if(in_array($input, $answers)) {
	89	$answer = $input;
	90	$finished = true;
	91	}
	92
	93	} while ($finished == false);
	94	swriteln();
	95	return $answer;
	96	}
	97
b04e82	98	public function free_query($query, $default, $name = '') {
TB	99	global $autoinstall;
	100	if($name != '' && $autoinstall[$name] != '') {
	101	if($autoinstall[$name] == 'default') {
	102	$input = $default;
	103	} else {
	104	$input = $autoinstall[$name];
	105	}
	106	} else {
	107	swrite($this->lng($query).' ['.$default.']: ');
	108	$input = sread();
	109	}
532ae5	110
L	111	//* Stop the installation
	112	if($input == 'quit') {
	113	swriteln($this->lng("Installation terminated by user.\n"));
	114	die();
	115	}
	116
	117	$answer = ($input == '') ? $default : $input;
	118	swriteln();
	119	return $answer;
	120	}
	121
	122	/*
	123	// TODO: this function is not used atmo I think - pedro
	124	function request_language(){
a8ccf6	125
532ae5	126	swriteln(lng('Enter your language'));
L	127	swriteln(lng('de, en'));
a8ccf6	128
532ae5	129	}
L	130	*/
	131
	132	//** Detect installed applications
	133	public function find_installed_apps() {
	134	global $conf;
	135
	136	if(is_installed('mysql') \|\| is_installed('mysqld')) $conf['mysql']['installed'] = true;
	137	if(is_installed('postfix')) $conf['postfix']['installed'] = true;
	138	if(is_installed('mailman')) $conf['mailman']['installed'] = true;
e09a27	139	if(is_installed('apache') \|\| is_installed('apache2') \|\| is_installed('httpd') \|\| is_installed('httpd2')) $conf['apache']['installed'] = true;
532ae5	140	if(is_installed('getmail')) $conf['getmail']['installed'] = true;
1ca823	141	if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
532ae5	142	if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
74d2dc	143	if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
ac28b5	144	if(is_installed('amavisd-new') \|\| is_installed('amavisd')) $conf['amavis']['installed'] = true;
532ae5	145	if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
L	146	if(is_installed('pure-ftpd') \|\| is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
	147	if(is_installed('mydns') \|\| is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
	148	if(is_installed('jk_chrootsh')) $conf['jailkit']['installed'] = true;
	149	if(is_installed('pdns_server') \|\| is_installed('pdns_control')) $conf['powerdns']['installed'] = true;
	150	if(is_installed('named') \|\| is_installed('bind') \|\| is_installed('bind9')) $conf['bind']['installed'] = true;
80e3c9	151	if(is_installed('squid')) $conf['squid']['installed'] = true;
T	152	if(is_installed('nginx')) $conf['nginx']['installed'] = true;
992797	153	// if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
5eb43f	154	if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
522ef8	155	if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
80e3c9	156	if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
a8ccf6	157
d7cfd7	158	if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) \|\| ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
532ae5	159	}
L	160
	161	/** Create the database for ISPConfig */
7fe908	162
MC	163
532ae5	164	public function configure_database() {
L	165	global $conf;
	166
	167	//** Create the database
	168	if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['mysql']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
	169	$this->error('Unable to create MySQL database: '.$conf['mysql']['database'].'.');
	170	}
	171
	172	//* Set the database name in the DB library
	173	$this->db->dbName = $conf['mysql']['database'];
	174
	175	//* Load the database dump into the database, if database contains no tables
	176	$db_tables = $this->db->getTables();
	177	if(count($db_tables) > 0) {
	178	$this->error('Stopped: Database already contains some tables.');
	179	} else {
	180	if($conf['mysql']['admin_password'] == '') {
02bf99	181	caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
7fe908	182	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
532ae5	183	} else {
02bf99	184	caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
7fe908	185	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
532ae5	186	}
L	187	$db_tables = $this->db->getTables();
	188	if(count($db_tables) == 0) {
	189	$this->error('Unable to load SQL-Dump into database table.');
	190	}
	191
	192	//* Load system.ini into the sys_ini table
	193	$system_ini = $this->db->quote(rf('tpl/system.ini.master'));
	194	$this->db->query("UPDATE sys_ini SET config = '$system_ini' WHERE sysini_id = 1");
	195
	196	}
	197	}
	198
	199	//** Create the server record in the database
	200	public function add_database_server_record() {
	201
	202	global $conf;
	203
	204	if($conf['mysql']['host'] == 'localhost') {
	205	$from_host = 'localhost';
	206	} else {
	207	$from_host = $conf['hostname'];
	208	}
	209
	210	// Delete ISPConfig user in the local database, in case that it exists
	211	$this->db->query("DELETE FROM mysql.user WHERE User = '".$conf['mysql']['ispconfig_user']."' AND Host = '".$from_host."';");
	212	$this->db->query("DELETE FROM mysql.db WHERE Db = '".$conf['mysql']['database']."' AND Host = '".$from_host."';");
	213	$this->db->query('FLUSH PRIVILEGES;');
	214
	215	//* Create the ISPConfig database user in the local database
	216	$query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON '.$conf['mysql']['database'].".* "
7fe908	217	."TO '".$conf['mysql']['ispconfig_user']."'@'".$from_host."' "
MC	218	."IDENTIFIED BY '".$conf['mysql']['ispconfig_password']."';";
532ae5	219	if(!$this->db->query($query)) {
L	220	$this->error('Unable to create database user: '.$conf['mysql']['ispconfig_user'].' Error: '.$this->db->errorMessage);
	221	}
	222
	223	//* Reload database privelages
	224	$this->db->query('FLUSH PRIVILEGES;');
	225
	226	//* Set the database name in the DB library
	227	$this->db->dbName = $conf['mysql']['database'];
	228
	229	$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));
	230
	231	//* Update further distribution specific parameters for server config here
	232	//* HINT: Every line added here has to be added in update.lib.php too!!
	233	$tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir'];
	234	$tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir'];
	235	$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
	236	$tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path'];
	237	$tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path'];
526b99	238	$tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin'];
532ae5	239	$tpl_ini_array['server']['hostname'] = $conf['hostname'];
L	240	$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
	241	$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
	242	$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
	243	$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
	244	$tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir'];
	245	$tpl_ini_array['web']['security_level'] = 20;
	246	$tpl_ini_array['web']['user'] = $conf['apache']['user'];
	247	$tpl_ini_array['web']['group'] = $conf['apache']['group'];
	248	$tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache'];
	249	$tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi'];
	250	$tpl_ini_array['mail']['pop3_imap_daemon'] = ($conf['dovecot']['installed'] == true)?'dovecot':'courier';
	251	$tpl_ini_array['mail']['mail_filter_syntax'] = ($conf['dovecot']['installed'] == true)?'sieve':'maildrop';
	252	$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
	253	$tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
	254	$tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
	255	$tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
	256	$tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
a8ccf6	257
dba68f	258	$tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
T	259	$tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
	260	$tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user'];
	261	$tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group'];
	262	$tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket'];
	263	$tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script'];
	264	$tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path'];
	265	$tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir'];
	266	$tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
	267	$tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
a8ccf6	268
80e3c9	269	if ($conf['nginx']['installed'] == true) {
4ffb51	270	$tpl_ini_array['web']['server_type'] = 'nginx';
F	271	$tpl_ini_array['global']['webserver'] = 'nginx';
80e3c9	272	}
a8ccf6	273
532ae5	274	if (array_key_exists('awstats', $conf)) {
L	275	foreach ($conf['awstats'] as $aw_sett => $aw_value) {
	276	$tpl_ini_array['web']['awstats_'.$aw_sett] = $aw_value;
	277	}
	278	}
	279
	280	$server_ini_content = array_to_ini($tpl_ini_array);
	281	$server_ini_content = mysql_real_escape_string($server_ini_content);
	282
	283	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	284	$web_server_enabled = ($conf['services']['web'])?1:0;
	285	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	286	$file_server_enabled = ($conf['services']['file'])?1:0;
	287	$db_server_enabled = ($conf['services']['db'])?1:0;
522ef8	288	$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
c91bdc	289	$proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
T	290	$firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;
a8ccf6	291
532ae5	292	//** Get the database version number based on the patchfiles
L	293	$found = true;
	294	$current_db_version = 1;
	295	while($found == true) {
	296	$next_db_version = intval($current_db_version + 1);
	297	$patch_filename = realpath(dirname(__FILE__).'/../').'/sql/incremental/upd_'.str_pad($next_db_version, 4, '0', STR_PAD_LEFT).'.sql';
	298	if(is_file($patch_filename)) {
	299	$current_db_version = $next_db_version;
	300	} else {
	301	$found = false;
	302	}
	303	}
	304	$current_db_version = intval($current_db_version);
	305
	306
	307	if($conf['mysql']['master_slave_setup'] == 'y') {
	308
	309	//* Insert the server record in master DB
80e3c9	310	$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	311	$this->dbmaster->query($sql);
L	312	$conf['server_id'] = $this->dbmaster->insertID();
	313	$conf['server_id'] = $conf['server_id'];
	314
	315	//* Insert the same record in the local DB
80e3c9	316	$sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES ('".$conf['server_id']."',1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	317	$this->db->query($sql);
L	318
	319	//* username for the ispconfig user
	320	$conf['mysql']['master_ispconfig_user'] = 'ispcsrv'.$conf['server_id'];
	321
	322	$this->grant_master_database_rights();
	323
	324	} else {
	325	//* Insert the server, if its not a mster / slave setup
80e3c9	326	$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', '$mail_server_enabled', '$web_server_enabled', '$dns_server_enabled', '$file_server_enabled', '$db_server_enabled', '$vserver_server_enabled', '$server_ini_content', 0, 1, $current_db_version, $proxy_server_enabled, $firewall_server_enabled);";
532ae5	327	$this->db->query($sql);
L	328	$conf['server_id'] = $this->db->insertID();
	329	$conf['server_id'] = $conf['server_id'];
	330	}
	331
	332
	333	}
	334
100d41	335	public function grant_master_database_rights($verbose = false) {
532ae5	336	global $conf;
L	337
	338	/*
	339	* The following code is a little bit tricky:
	340	* * If we HAVE a master-slave - Setup then the client has to grant the rights for himself
	341	* at the master.
	342	* * If we DO NOT have a master-slave - Setup then we have two possibilities
	343	* 1) it is a single server
	344	* 2) it is the MASTER of n clients
	345	*/
	346	$hosts = array();
a8ccf6	347
532ae5	348	if($conf['mysql']['master_slave_setup'] == 'y') {
L	349	/*
	350	* it is a master-slave - Setup so the slave has to grant its rights in the master
	351	* database
	352	*/
	353
	354	//* insert the ispconfig user in the remote server
	355	$from_host = $conf['hostname'];
	356	$from_ip = gethostbyname($conf['hostname']);
a8ccf6	357
532ae5	358	$hosts[$from_host]['user'] = $conf['mysql']['master_ispconfig_user'];
L	359	$hosts[$from_host]['db'] = $conf['mysql']['master_database'];
	360	$hosts[$from_host]['pwd'] = $conf['mysql']['master_ispconfig_password'];
	361
	362	$hosts[$from_ip]['user'] = $conf['mysql']['master_ispconfig_user'];
	363	$hosts[$from_ip]['db'] = $conf['mysql']['master_database'];
	364	$hosts[$from_ip]['pwd'] = $conf['mysql']['master_ispconfig_password'];
	365	} else{
	366	/*
	367	* it is NOT a master-slave - Setup so we have to find out all clients and their
	368	* host
	369	*/
	370	$query = "SELECT Host, User FROM mysql.user WHERE User like 'ispcsrv%' ORDER BY User, Host";
	371	$data = $this->dbmaster->queryAllRecords($query);
	372	if($data === false) {
	373	$this->error('Unable to get the user rights: '.$value['db'].' Error: '.$this->dbmaster->errorMessage);
	374	}
	375	foreach ($data as $item){
	376	$hosts[$item['Host']]['user'] = $item['User'];
	377	$hosts[$item['Host']]['db'] = $conf['mysql']['master_database'];
	378	$hosts[$item['Host']]['pwd'] = ''; // the user already exists, so we need no pwd!
	379	}
	380	}
a8ccf6	381
532ae5	382	if(count($hosts) > 0) {
7fe908	383	foreach($hosts as $host => $value) {
MC	384	/*
532ae5	385	* If a pwd exists, this means, we have to add the new user (and his pwd).
L	386	* if not, the user already exists and we do not need the pwd
	387	*/
7fe908	388	if ($value['pwd'] != ''){
MC	389	$query = "CREATE USER '".$value['user']."'@'".$host."' IDENTIFIED BY '" . $value['pwd'] . "'";
	390	if ($verbose){
	391	echo "\n\n" . $query ."\n";
	392	}
	393	$this->dbmaster->query($query); // ignore the error
	394	}
	395
	396	/*
	397	* Try to delete all rights of the user in case that it exists.
	398	* In Case that it will not exist, do nothing (ignore the error!)
	399	*/
	400	$query = "REVOKE ALL PRIVILEGES, GRANT OPTION FROM '".$value['user']."'@'".$host."' ";
100d41	401	if ($verbose){
V	402	echo "\n\n" . $query ."\n";
	403	}
532ae5	404	$this->dbmaster->query($query); // ignore the error
7fe908	405
MC	406	//* Create the ISPConfig database user in the remote database
	407	$query = "GRANT SELECT ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
	408	if ($verbose){
	409	echo $query ."\n";
	410	}
	411	if(!$this->dbmaster->query($query)) {
	412	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	413	}
	414
	415	$query = "GRANT SELECT, INSERT ON ".$value['db'].".`sys_log` TO '".$value['user']."'@'".$host."' ";
	416	if ($verbose){
	417	echo $query ."\n";
	418	}
	419	if(!$this->dbmaster->query($query)) {
	420	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	421	}
	422
	423	$query = "GRANT SELECT, UPDATE(`status`, `error`) ON ".$value['db'].".`sys_datalog` TO '".$value['user']."'@'".$host."' ";
	424	if ($verbose){
	425	echo $query ."\n";
	426	}
	427	if(!$this->dbmaster->query($query)) {
	428	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	429	}
	430
	431	$query = "GRANT SELECT, UPDATE(`status`) ON ".$value['db'].".`software_update_inst` TO '".$value['user']."'@'".$host."' ";
	432	if ($verbose){
	433	echo $query ."\n";
	434	}
	435	if(!$this->dbmaster->query($query)) {
	436	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	437	}
	438
	439	$query = "GRANT SELECT, UPDATE(`updated`) ON ".$value['db'].".`server` TO '".$value['user']."'@'".$host."' ";
	440	if ($verbose){
	441	echo $query ."\n";
	442	}
	443	if(!$this->dbmaster->query($query)) {
	444	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	445	}
	446
	447	$query = "GRANT SELECT, UPDATE (`ssl_request`, `ssl_cert`, `ssl_action`, `ssl_key`) ON ".$value['db'].".`web_domain` TO '".$value['user']."'@'".$host."' ";
	448	if ($verbose){
	449	echo $query ."\n";
	450	}
	451	if(!$this->dbmaster->query($query)) {
	452	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	453	}
	454
	455	$query = "GRANT SELECT ON ".$value['db'].".`sys_group` TO '".$value['user']."'@'".$host."' ";
	456	if ($verbose){
	457	echo $query ."\n";
	458	}
	459	if(!$this->dbmaster->query($query)) {
	460	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	461	}
	462
	463	$query = "GRANT SELECT, UPDATE (`action_state`, `response`) ON ".$value['db'].".`sys_remoteaction` TO '".$value['user']."'@'".$host."' ";
	464	if ($verbose){
	465	echo $query ."\n";
	466	}
	467	if(!$this->dbmaster->query($query)) {
	468	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	469	}
	470
	471	$query = "GRANT SELECT, INSERT , DELETE ON ".$value['db'].".`monitor_data` TO '".$value['user']."'@'".$host."' ";
	472	if ($verbose){
	473	echo $query ."\n";
	474	}
	475	if(!$this->dbmaster->query($query)) {
	476	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	477	}
	478
	479	$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`mail_traffic` TO '".$value['user']."'@'".$host."' ";
	480	if ($verbose){
	481	echo $query ."\n";
	482	}
	483	if(!$this->dbmaster->query($query)) {
	484	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	485	}
	486
	487	$query = "GRANT SELECT, INSERT, UPDATE ON ".$value['db'].".`web_traffic` TO '".$value['user']."'@'".$host."' ";
	488	if ($verbose){
	489	echo $query ."\n";
	490	}
	491	if(!$this->dbmaster->query($query)) {
	492	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	493	}
	494
e92eda	495	$query = "GRANT SELECT, UPDATE, DELETE ON ".$value['db'].".`aps_instances` TO '".$value['user']."'@'".$host."' ";
TB	496	if ($verbose){
	497	echo $query ."\n";
	498	}
	499	if(!$this->dbmaster->query($query)) {
	500	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	501	}
	502
	503	$query = "GRANT SELECT, DELETE ON ".$value['db'].".`aps_instances_settings` TO '".$value['user']."'@'".$host."' ";
7fe908	504	if ($verbose){
MC	505	echo $query ."\n";
	506	}
	507	if(!$this->dbmaster->query($query)) {
	508	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	509	}
	510
	511	$query = "GRANT SELECT, INSERT, DELETE ON ".$value['db'].".`web_backup` TO '".$value['user']."'@'".$host."' ";
	512	if ($verbose){
	513	echo $query ."\n";
	514	}
	515	if(!$this->dbmaster->query($query)) {
	516	$this->warning('Unable to set rights of user in master database: '.$value['db']."\n Query: ".$query."\n Error: ".$this->dbmaster->errorMessage);
	517	}
	518
532ae5	519	}
L	520
	521	/*
	522	* It is all done. Relod the rights...
	523	*/
7fe908	524	$this->dbmaster->query('FLUSH PRIVILEGES;');
532ae5	525	}
L	526
	527	}
	528
	529	//** writes postfix configuration files
	530	public function process_postfix_config($configfile) {
	531	global $conf;
	532
	533	$config_dir = $conf['postfix']['config_dir'].'/';
	534	$full_file_name = $config_dir.$configfile;
	535	//* Backup exiting file
	536	if(is_file($full_file_name)) {
	537	copy($full_file_name, $config_dir.$configfile.'~');
	538	}
615a0a	539	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	540	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	541	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	542	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	543	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	544	$content = str_replace('{server_id}', $conf['server_id'], $content);
	545	wf($full_file_name, $content);
	546	}
	547
	548	public function configure_jailkit() {
	549	global $conf;
	550
	551	$cf = $conf['jailkit'];
	552	$config_dir = $cf['config_dir'];
	553	$jk_init = $cf['jk_init'];
	554	$jk_chrootsh = $cf['jk_chrootsh'];
	555
	556	if (is_dir($config_dir)) {
	557	if(is_file($config_dir.'/'.$jk_init)) copy($config_dir.'/'.$jk_init, $config_dir.'/'.$jk_init.'~');
	558	if(is_file($config_dir.'/'.$jk_chrootsh.'.master')) copy($config_dir.'/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh.'~');
7fe908	559
MC	560	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_init.'.master')) {
	561	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
	562	} else {
	563	copy('tpl/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
	564	}
	565	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_chrootsh.'.master')) {
	566	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
	567	} else {
	568	copy('tpl/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
	569	}
532ae5	570	}
a8ccf6	571
edf806	572	//* help jailkit fo find its ini files
T	573	if(!is_link('/usr/jk_socketd.ini')) exec('ln -s /etc/jailkit/jk_socketd.ini /usr/jk_socketd.ini');
	574	if(!is_link('/usr/jk_init.ini')) exec('ln -s /etc/jailkit/jk_init.ini /usr/jk_init.ini');
532ae5	575
L	576	}
a8ccf6	577
532ae5	578	public function configure_mailman($status = 'insert') {
L	579	global $conf;
	580
	581	$config_dir = $conf['mailman']['config_dir'].'/';
	582	$full_file_name = $config_dir.'mm_cfg.py';
	583	//* Backup exiting file
	584	if(is_file($full_file_name)) {
	585	copy($full_file_name, $config_dir.'mm_cfg.py~');
	586	}
a8ccf6	587
532ae5	588	// load files
615a0a	589	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
532ae5	590	$old_file = rf($full_file_name);
a8ccf6	591
532ae5	592	$old_options = array();
a8ccf6	593	$lines = explode("\n", $old_file);
532ae5	594	foreach ($lines as $line)
L	595	{
8fe9ab	596	if (trim($line) != '' && substr($line, 0, 1) != '#')
532ae5	597	{
8fe9ab	598	@list($key, $value) = @explode("=", $line);
532ae5	599	if (!empty($value))
L	600	{
	601	$key = rtrim($key);
	602	$old_options[$key] = trim($value);
	603	}
	604	}
	605	}
a8ccf6	606
532ae5	607	$virtual_domains = '';
L	608	if($status == 'update')
	609	{
	610	// create virtual_domains list
	611	$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");
a8ccf6	612
8fe9ab	613	if(is_array($domainAll)) {
7fe908	614	foreach($domainAll as $domain)
MC	615	{
	616	if ($domainAll[0]['domain'] == $domain['domain'])
	617	$virtual_domains .= "'".$domain['domain']."'";
	618	else
	619	$virtual_domains .= ", '".$domain['domain']."'";
	620	}
8fe9ab	621	}
532ae5	622	}
L	623	else
	624	$virtual_domains = "' '";
a8ccf6	625
532ae5	626	$content = str_replace('{hostname}', $conf['hostname'], $content);
46c775	627	if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
532ae5	628	$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
L	629	$content = str_replace('{virtual_domains}', $virtual_domains, $content);
7fe908	630
532ae5	631	wf($full_file_name, $content);
7fe908	632
cc6568	633	//* Write virtual_to_transport.sh script
H	634	$config_dir = $conf['mailman']['config_dir'].'/';
	635	$full_file_name = $config_dir.'virtual_to_transport.sh';
7fe908	636
cc6568	637	//* Backup exiting virtual_to_transport.sh script
H	638	if(is_file($full_file_name)) {
	639	copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
	640	}
7fe908	641
cc6568	642	if(is_dir('/etc/mailman')) {
615a0a	643	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {
7fe908	644	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);
MC	645	} else {
	646	copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
	647	}
	648	chgrp($full_file_name, 'list');
d22542	649	chmod($full_file_name, 0755);
cc6568	650	}
7fe908	651
cc6568	652	//* Create aliasaes
H	653	exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
5afa9d	654	if(is_file('/var/lib/mailman/data/virtual-mailman')) exec('postmap /var/lib/mailman/data/virtual-mailman');
7fe908	655
532ae5	656	}
L	657
	658	public function configure_postfix($options = '') {
b04e82	659	global $conf,$autoinstall;
532ae5	660	$cf = $conf['postfix'];
L	661	$config_dir = $cf['config_dir'];
	662
	663	if(!is_dir($config_dir)) {
	664	$this->error("The postfix configuration directory '$config_dir' does not exist.");
	665	}
	666
	667	//* mysql-virtual_domains.cf
	668	$this->process_postfix_config('mysql-virtual_domains.cf');
	669
	670	//* mysql-virtual_forwardings.cf
	671	$this->process_postfix_config('mysql-virtual_forwardings.cf');
	672
	673	//* mysql-virtual_mailboxes.cf
	674	$this->process_postfix_config('mysql-virtual_mailboxes.cf');
	675
	676	//* mysql-virtual_email2email.cf
	677	$this->process_postfix_config('mysql-virtual_email2email.cf');
	678
	679	//* mysql-virtual_transports.cf
	680	$this->process_postfix_config('mysql-virtual_transports.cf');
	681
	682	//* mysql-virtual_recipient.cf
	683	$this->process_postfix_config('mysql-virtual_recipient.cf');
	684
	685	//* mysql-virtual_sender.cf
	686	$this->process_postfix_config('mysql-virtual_sender.cf');
	687
	688	//* mysql-virtual_client.cf
	689	$this->process_postfix_config('mysql-virtual_client.cf');
	690
	691	//* mysql-virtual_relaydomains.cf
	692	$this->process_postfix_config('mysql-virtual_relaydomains.cf');
	693
	694	//* mysql-virtual_relayrecipientmaps.cf
	695	$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
	696
	697	//* Changing mode and group of the new created config files.
	698	caselog('chmod o= '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	699	__FILE__, __LINE__, 'chmod on mysql-virtual_.cf', 'chmod on mysql-virtual_.cf failed');
532ae5	700	caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	701	__FILE__, __LINE__, 'chgrp on mysql-virtual_.cf', 'chgrp on mysql-virtual_.cf failed');
532ae5	702
L	703	//* Creating virtual mail user and group
	704	$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	705	if(!is_group($cf['vmail_groupname'])) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	706
	707	$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
	708	if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a8ccf6	709
b67344	710	//* These postconf commands will be executed on installation and update
4ed035	711	$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM `" . $this->db->quote($conf["mysql"]["database"]) . "`.`server` WHERE server_id = ".$conf['server_id']);
a296ae	712	$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
M	713	unset($server_ini_rec);
	714
	715	//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
	716	$rbl_list = '';
6882ab	717	if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
7fe908	718	$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
a296ae	719	foreach ($rbl_hosts as $key => $value) {
M	720	$rbl_list .= ", reject_rbl_client ". $value;
	721	}
	722	}
	723	unset($rbl_hosts);
	724	unset($server_ini_array);
7fe908	725
MC	726	$postconf_placeholders = array('{config_dir}' => $config_dir,
	727	'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
	728	'{vmail_userid}' => $cf['vmail_userid'],
	729	'{vmail_groupid}' => $cf['vmail_groupid'],
	730	'{rbl_list}' => $rbl_list);
	731
	732	$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_postfix.conf.master', 'tpl/debian_postfix.conf.master');
	733	$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
	734	$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
a8ccf6	735
b67344	736	//* These postconf commands will be executed on installation only
T	737	if($this->is_update == false) {
7fe908	738	$postconf_commands = array_merge($postconf_commands, array(
MC	739	'myhostname = '.$conf['hostname'],
	740	'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
	741	'mynetworks = 127.0.0.0/8 [::1]/128'
	742	));
b67344	743	}
532ae5	744
L	745	//* Create the header and body check files
	746	touch($config_dir.'/header_checks');
	747	touch($config_dir.'/mime_header_checks');
	748	touch($config_dir.'/nested_header_checks');
	749	touch($config_dir.'/body_checks');
a8ccf6	750
532ae5	751	//* Create the mailman files
cc6568	752	if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
5378e9	753	if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
T	754	exec('postalias /var/lib/mailman/data/aliases');
	755	if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
d4d965	756	exec('postmap /var/lib/mailman/data/virtual-mailman');
cc6568	757	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
H	758	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
532ae5	759
L	760	//* Make a backup copy of the main.cf file
	761	copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
	762
	763	//* Executing the postconf commands
	764	foreach($postconf_commands as $cmd) {
	765	$command = "postconf -e '$cmd'";
	766	caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	767	}
	768
7fe908	769	if(!stristr($options, 'dont-create-certs')) {
532ae5	770	//* Create the SSL certificate
b04e82	771	if(AUTOINSTALL){
bcd725	772	$command = 'cd '.$config_dir.'; '
b04e82	773	."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
bcd725	774	} else {
FT	775	$command = 'cd '.$config_dir.'; '
	776	.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
	777	}
532ae5	778	exec($command);
L	779
	780	$command = 'chmod o= '.$config_dir.'/smtpd.key';
	781	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	782	}
	783
	784	//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
	785	$command = 'chmod 755 /var/run/courier/authdaemon/';
	786	if(is_file('/var/run/courier/authdaemon/')) caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	787
	788	//* Changing maildrop lines in posfix master.cf
	789	if(is_file($config_dir.'/master.cf')) {
	790	copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
	791	}
	792	if(is_file($config_dir.'/master.cf~')) {
	793	chmod($config_dir.'/master.cf~', 0400);
	794	}
	795	$configfile = $config_dir.'/master.cf';
	796	$content = rf($configfile);
	797	$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
7fe908	798	'flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d '.$cf['vmail_username'].' ${extension} ${recipient} ${user} ${nexthop} ${sender}',
MC	799	$content);
532ae5	800	wf($configfile, $content);
L	801
	802	//* Writing the Maildrop mailfilter file
	803	$configfile = 'mailfilter';
	804	if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)) {
	805	copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
	806	}
615a0a	807	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	808	$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
L	809	wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
	810
	811	//* Create the directory for the custom mailfilters
	812	if(!is_dir($cf['vmail_mailbox_base'].'/mailfilters')) {
	813	$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
	814	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	815	}
	816
	817	//* Chmod and chown the .mailfilter file
419eb7	818	$command = 'chown '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
532ae5	819	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	820
419eb7	821	$command = 'chmod 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
532ae5	822	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	823
	824	}
	825
	826	public function configure_saslauthd() {
	827	global $conf;
a8ccf6	828
26c0fc	829	//* Get saslsauthd version
7fe908	830	exec('saslauthd -v 2>&1', $out);
MC	831	$parts = explode(' ', $out[0]);
26c0fc	832	$saslversion = $parts[1];
T	833	unset($parts);
	834	unset($out);
532ae5	835
26c0fc	836	if(version_compare($saslversion , '2.1.23') > 0) {
T	837	//* Configfile for saslauthd versions 2.1.24 and newer
	838	$configfile = 'sasl_smtpd2.conf';
	839	} else {
	840	//* Configfile for saslauthd versions up to 2.1.23
	841	$configfile = 'sasl_smtpd.conf';
	842	}
a8ccf6	843
7fe908	844	if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf')) copy($conf['postfix']['config_dir'].'/sasl/smtpd.conf', $conf['postfix']['config_dir'].'/sasl/smtpd.conf~');
532ae5	845	if(is_file($conf['postfix']['config_dir'].'/sasl/smtpd.conf~')) chmod($conf['postfix']['config_dir'].'/sasl/smtpd.conf~', 0400);
615a0a	846	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	847	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	848	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	849	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	850	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	851	wf($conf['postfix']['config_dir'].'/sasl/smtpd.conf', $content);
532ae5	852
L	853	// TODO: Chmod and chown on the config file
	854
	855
	856	// Recursively create the spool directory
	857	if(!@is_dir('/var/spool/postfix/var/run/saslauthd')) mkdir('/var/spool/postfix/var/run/saslauthd', 0755, true);
	858
	859	// Edit the file /etc/default/saslauthd
	860	$configfile = $conf['saslauthd']['config'];
7fe908	861	if(is_file($configfile)) copy($configfile, $configfile.'~');
532ae5	862	if(is_file($configfile.'~')) chmod($configfile.'~', 0400);
L	863	$content = rf($configfile);
7fe908	864	$content = str_replace('START=no', 'START=yes', $content);
532ae5	865	// Debian
7fe908	866	$content = str_replace('OPTIONS="-c"', 'OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"', $content);
532ae5	867	// Ubuntu
7fe908	868	$content = str_replace('OPTIONS="-c -m /var/run/saslauthd"', 'OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"', $content);
MC	869	wf($configfile, $content);
532ae5	870
L	871	// Edit the file /etc/init.d/saslauthd
	872	$configfile = $conf['init_scripts'].'/'.$conf['saslauthd']['init_script'];
	873	$content = rf($configfile);
7fe908	874	$content = str_replace('PIDFILE=$RUN_DIR/saslauthd.pid', 'PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"', $content);
MC	875	wf($configfile, $content);
532ae5	876
L	877	// add the postfix user to the sasl group (at least necessary for Ubuntu 8.04 and most likely Debian Lenny as well.
	878	exec('adduser postfix sasl');
	879
	880
	881	}
	882
	883	public function configure_pam() {
	884	global $conf;
	885	$pam = $conf['pam'];
	886	//* configure pam for SMTP authentication agains the ispconfig database
	887	$configfile = 'pamd_smtp';
	888	if(is_file($pam.'/smtp')) copy($pam.'/smtp', $pam.'/smtp~');
	889	if(is_file($pam.'/smtp~')) chmod($pam.'/smtp~', 0400);
	890
615a0a	891	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	892	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	893	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	894	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	895	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	896	wf($pam.'/smtp', $content);
	897	// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
	898	if(is_file($pam.'/smtp')) exec("chmod o= $pam/smtp");
	899	chmod($pam.'/smtp', 0660);
	900	chown($pam.'/smtp', 'daemon');
	901	chgrp($pam.'/smtp', 'daemon');
	902
	903	}
	904
	905	public function configure_courier() {
	906	global $conf;
	907	$config_dir = $conf['courier']['config_dir'];
	908	//* authmysqlrc
	909	$configfile = 'authmysqlrc';
	910	if(is_file($config_dir.'/'.$configfile)) {
	911	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	912	}
	913	chmod($config_dir.'/'.$configfile.'~', 0400);
615a0a	914	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	915	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	916	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	917	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	918	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
532ae5	919	wf($config_dir.'/'.$configfile, $content);
L	920
	921	chmod($config_dir.'/'.$configfile, 0660);
	922	chown($config_dir.'/'.$configfile, 'daemon');
	923	chgrp($config_dir.'/'.$configfile, 'daemon');
	924
	925	//* authdaemonrc
	926	$configfile = $config_dir.'/authdaemonrc';
	927	if(is_file($configfile)) {
	928	copy($configfile, $configfile.'~');
	929	}
	930	if(is_file($configfile.'~')) {
	931	chmod($configfile.'~', 0400);
	932	}
	933	$content = rf($configfile);
	934	$content = str_replace('authmodulelist="authpam"', 'authmodulelist="authmysql"', $content);
	935	wf($configfile, $content);
	936	}
	937
	938	public function configure_dovecot() {
	939	global $conf;
	940
	941	$config_dir = $conf['dovecot']['config_dir'];
	942
	943	//* Configure master.cf and add a line for deliver
	944	if(is_file($conf['postfix']['config_dir'].'/master.cf')) {
	945	copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~2');
	946	}
	947	if(is_file($conf['postfix']['config_dir'].'/master.cf~')) {
	948	chmod($conf['postfix']['config_dir'].'/master.cf~2', 0400);
	949	}
	950	$content = rf($conf['postfix']['config_dir'].'/master.cf');
	951	// Only add the content if we had not addded it before
7fe908	952	if(!stristr($content, 'dovecot/deliver')) {
013ae4	953	$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
7fe908	954	af($conf['postfix']['config_dir'].'/master.cf', $deliver_content);
532ae5	955	}
L	956	unset($content);
	957	unset($deliver_content);
	958
	959
	960	//* Reconfigure postfix to use dovecot authentication
	961	// Adding the amavisd commands to the postfix configuration
	962	$postconf_commands = array (
7fe908	963	'dovecot_destination_recipient_limit = 1',
MC	964	'virtual_transport = dovecot',
	965	'smtpd_sasl_type = dovecot',
	966	'smtpd_sasl_path = private/auth'
532ae5	967	);
L	968
	969	// Make a backup copy of the main.cf file
7fe908	970	copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~3');
532ae5	971
L	972	// Executing the postconf commands
	973	foreach($postconf_commands as $cmd) {
	974	$command = "postconf -e '$cmd'";
	975	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	976	}
	977
31e0d1	978	//* backup dovecot.conf
532ae5	979	$configfile = 'dovecot.conf';
L	980	if(is_file($config_dir.'/'.$configfile)) {
	981	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	982	}
a8ccf6	983
31e0d1	984	//* Get the dovecot version
7fe908	985	exec('dovecot --version', $tmp);
MC	986	$parts = explode('.', trim($tmp[0]));
31e0d1	987	$dovecot_version = $parts[0];
T	988	unset($tmp);
	989	unset($parts);
a8ccf6	990
31e0d1	991	//* Copy dovecot configuration file
T	992	if($dovecot_version == 2) {
7fe908	993	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master')) {
MC	994	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
	995	} else {
	996	copy('tpl/debian_dovecot2.conf.master', $config_dir.'/'.$configfile);
	997	}
65576f	998	replaceLine($config_dir.'/'.$configfile, 'postmaster_address = postmaster@example.com', 'postmaster_address = postmaster@'.$conf['hostname'], 1, 0);
31e0d1	999	} else {
7fe908	1000	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master')) {
MC	1001	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
	1002	} else {
	1003	copy('tpl/debian_dovecot.conf.master', $config_dir.'/'.$configfile);
	1004	}
31e0d1	1005	}
532ae5	1006
L	1007	//* dovecot-sql.conf
	1008	$configfile = 'dovecot-sql.conf';
	1009	if(is_file($config_dir.'/'.$configfile)) {
	1010	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	1011	}
edf806	1012	if(is_file($config_dir.'/'.$configfile.'~')) chmod($config_dir.'/'.$configfile.'~', 0400);
615a0a	1013	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/debian_dovecot-sql.conf.master', 'tpl/debian_dovecot-sql.conf.master');
7fe908	1014	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1015	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1016	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1017	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
032b86	1018	$content = str_replace('{server_id}', $conf['server_id'], $content);
532ae5	1019	wf($config_dir.'/'.$configfile, $content);
L	1020
	1021	chmod($config_dir.'/'.$configfile, 0600);
	1022	chown($config_dir.'/'.$configfile, 'root');
	1023	chgrp($config_dir.'/'.$configfile, 'root');
5e7306	1024
TB	1025	// Dovecot shall ignore mounts in website directory
7db4cd	1026	if(is_installed('doveadm')) exec("doveadm mount add '/var/www/*' ignore > /dev/null 2> /dev/null");
532ae5	1027
L	1028	}
	1029
	1030	public function configure_amavis() {
	1031	global $conf;
	1032
	1033	// amavisd user config file
	1034	$configfile = 'amavisd_user_config';
7fe908	1035	if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user')) copy($conf['amavis']['config_dir'].'/conf.d/50-user', $conf['amavis']['config_dir'].'/50-user~');
532ae5	1036	if(is_file($conf['amavis']['config_dir'].'/conf.d/50-user~')) chmod($conf['amavis']['config_dir'].'/conf.d/50-user~', 0400);
615a0a	1037	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	1038	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1039	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1040	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1041	$content = str_replace('{mysql_server_port}', $conf['mysql']['port'], $content);
	1042	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	1043	wf($conf['amavis']['config_dir'].'/conf.d/50-user', $content);
532ae5	1044
L	1045	// TODO: chmod and chown on the config file
	1046
	1047
	1048	// Adding the amavisd commands to the postfix configuration
864ee2	1049	// Add array for no error in foreach and maybe future options
X	1050	$postconf_commands = array ();
a8ccf6	1051
864ee2	1052	// Check for amavisd -> pure webserver with postfix for mailing without antispam
ac28b5	1053	if ($conf['amavis']['installed']) {
864ee2	1054	$postconf_commands[] = 'content_filter = amavis:[127.0.0.1]:10024';
X	1055	$postconf_commands[] = 'receive_override_options = no_address_mappings';
	1056	}
532ae5	1057
L	1058	// Make a backup copy of the main.cf file
7fe908	1059	copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~2');
532ae5	1060
L	1061	// Executing the postconf commands
	1062	foreach($postconf_commands as $cmd) {
	1063	$command = "postconf -e '$cmd'";
	1064	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1065	}
	1066
	1067	// Append the configuration for amavisd to the master.cf file
7fe908	1068	if(is_file($conf['postfix']['config_dir'].'/master.cf')) copy($conf['postfix']['config_dir'].'/master.cf', $conf['postfix']['config_dir'].'/master.cf~');
532ae5	1069	$content = rf($conf['postfix']['config_dir'].'/master.cf');
L	1070	// Only add the content if we had not addded it before
7fe908	1071	if(!stristr($content, '127.0.0.1:10025')) {
532ae5	1072	unset($content);
615a0a	1073	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', 'tpl/master_cf_amavis.master');
7fe908	1074	af($conf['postfix']['config_dir'].'/master.cf', $content);
532ae5	1075	}
L	1076	unset($content);
	1077
	1078	// Add the clamav user to the amavis group
	1079	exec('adduser clamav amavis');
	1080
	1081
	1082	}
	1083
	1084	public function configure_spamassassin() {
	1085	global $conf;
	1086
	1087	//* Enable spamasasssin on debian and ubuntu
	1088	$configfile = '/etc/default/spamassassin';
	1089	if(is_file($configfile)) {
	1090	copy($configfile, $configfile.'~');
	1091	}
	1092	$content = rf($configfile);
	1093	$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
	1094	wf($configfile, $content);
	1095	}
	1096
	1097	public function configure_getmail() {
	1098	global $conf;
	1099
	1100	$config_dir = $conf['getmail']['config_dir'];
	1101
	1102	if(!@is_dir($config_dir)) mkdir(escapeshellcmd($config_dir), 0700, true);
	1103
	1104	$command = 'useradd -d '.$config_dir.' getmail';
	1105	if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1106
	1107	$command = "chown -R getmail $config_dir";
	1108	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1109
	1110	$command = "chmod -R 700 $config_dir";
	1111	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1112	}
	1113
	1114
	1115	public function configure_pureftpd() {
acdd7a	1116	global $conf;
532ae5	1117
L	1118	$config_dir = $conf['pureftpd']['config_dir'];
	1119
	1120	//* configure pure-ftpd for MySQL authentication against the ispconfig database
	1121	$configfile = 'db/mysql.conf';
	1122	if(is_file($config_dir.'/'.$configfile)) {
	1123	copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
	1124	}
	1125	if(is_file($config_dir.'/'.$configfile.'~')) {
	1126	chmod($config_dir.'/'.$configfile.'~', 0400);
	1127	}
615a0a	1128	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/pureftpd_mysql.conf.master', 'tpl/pureftpd_mysql.conf.master');
532ae5	1129	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	1130	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1131	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1132	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	1133	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1134	wf($config_dir.'/'.$configfile, $content);
	1135	chmod($config_dir.'/'.$configfile, 0600);
	1136	chown($config_dir.'/'.$configfile, 'root');
	1137	chgrp($config_dir.'/'.$configfile, 'root');
	1138	// **enable chrooting
	1139	//exec('mkdir -p '.$config_dir.'/conf/ChrootEveryone');
	1140	exec('echo "yes" > '.$config_dir.'/conf/ChrootEveryone');
	1141	exec('echo "yes" > '.$config_dir.'/conf/BrokenClientsCompatibility');
	1142	exec('echo "yes" > '.$config_dir.'/conf/DisplayDotFiles');
	1143
	1144	if(is_file('/etc/default/pure-ftpd-common')) {
7fe908	1145	replaceLine('/etc/default/pure-ftpd-common', 'STANDALONE_OR_INETD=inetd', 'STANDALONE_OR_INETD=standalone', 1, 0);
MC	1146	replaceLine('/etc/default/pure-ftpd-common', 'VIRTUALCHROOT=false', 'VIRTUALCHROOT=true', 1, 0);
532ae5	1147	}
L	1148
	1149	if(is_file('/etc/inetd.conf')) {
7fe908	1150	replaceLine('/etc/inetd.conf', '/usr/sbin/pure-ftpd-wrapper', '#ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/pure-ftpd-wrapper', 0, 0);
acdd7a	1151	exec($this->getinitcommand('openbsd-inetd', 'restart'));
33bcd0	1152	//if(is_file($conf['init_scripts'].'/'.'openbsd-inetd')) exec($conf['init_scripts'].'/'.'openbsd-inetd restart');
532ae5	1153	}
L	1154
	1155	if(!is_file('/etc/pure-ftpd/conf/DontResolve')) exec('echo "yes" > /etc/pure-ftpd/conf/DontResolve');
	1156	}
	1157
	1158	public function configure_mydns() {
	1159	global $conf;
	1160
	1161	// configure pam for SMTP authentication agains the ispconfig database
	1162	$configfile = 'mydns.conf';
7fe908	1163	if(is_file($conf['mydns']['config_dir'].'/'.$configfile)) copy($conf['mydns']['config_dir'].'/'.$configfile, $conf['mydns']['config_dir'].'/'.$configfile.'~');
532ae5	1164	if(is_file($conf['mydns']['config_dir'].'/'.$configfile.'~')) chmod($conf['mydns']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1165	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	1166	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1167	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1168	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1169	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1170	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1171	wf($conf['mydns']['config_dir'].'/'.$configfile, $content);
532ae5	1172	chmod($conf['mydns']['config_dir'].'/'.$configfile, 0600);
L	1173	chown($conf['mydns']['config_dir'].'/'.$configfile, 'root');
	1174	chgrp($conf['mydns']['config_dir'].'/'.$configfile, 'root');
	1175
	1176	}
	1177
	1178	public function configure_powerdns() {
	1179	global $conf;
	1180
	1181	//* Create the database
	1182	if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
	1183	$this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
	1184	}
	1185
	1186	//* Create the ISPConfig database user in the local database
	1187	$query = "GRANT ALL ON `".$conf['powerdns']['database']."` . * TO '".$conf['mysql']['ispconfig_user']."'@'localhost';";
	1188	if(!$this->db->query($query)) {
	1189	$this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
	1190	}
	1191
	1192	//* Reload database privelages
	1193	$this->db->query('FLUSH PRIVILEGES;');
	1194
	1195	//* load the powerdns databse dump
	1196	if($conf['mysql']['admin_password'] == '') {
	1197	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
7fe908	1198	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
532ae5	1199	} else {
L	1200	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
7fe908	1201	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
532ae5	1202	}
L	1203
	1204	//* Create the powerdns config file
	1205	$configfile = 'pdns.local';
7fe908	1206	if(is_file($conf['powerdns']['config_dir'].'/'.$configfile)) copy($conf['powerdns']['config_dir'].'/'.$configfile, $conf['powerdns']['config_dir'].'/'.$configfile.'~');
532ae5	1207	if(is_file($conf['powerdns']['config_dir'].'/'.$configfile.'~')) chmod($conf['powerdns']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1208	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
7fe908	1209	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1210	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1211	$content = str_replace('{powerdns_database}', $conf['powerdns']['database'], $content);
	1212	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1213	wf($conf['powerdns']['config_dir'].'/'.$configfile, $content);
532ae5	1214	chmod($conf['powerdns']['config_dir'].'/'.$configfile, 0600);
L	1215	chown($conf['powerdns']['config_dir'].'/'.$configfile, 'root');
	1216	chgrp($conf['powerdns']['config_dir'].'/'.$configfile, 'root');
	1217
	1218
	1219	}
	1220
	1221	public function configure_bind() {
	1222	global $conf;
	1223
7fe908	1224	//* Check if the zonefile directory has a slash at the end
MC	1225	$content=$conf['bind']['bind_zonefiles_dir'];
	1226	if(substr($content, -1, 1) != '/') {
	1227	$content .= '/';
532ae5	1228	}
L	1229
	1230	//* Create the slave subdirectory
7fe908	1231	$content .= 'slave';
MC	1232	if(!@is_dir($content)) mkdir($content, 0770, true);
532ae5	1233
7fe908	1234	//* Chown the slave subdirectory to $conf['bind']['bind_user']
MC	1235	chown($content, $conf['bind']['bind_user']);
	1236	chgrp($content, $conf['bind']['bind_group']);
532ae5	1237
L	1238	}
	1239
	1240
	1241
	1242	public function configure_apache() {
	1243	global $conf;
	1244
4ffb51	1245	if($conf['apache']['installed'] == false) return;
532ae5	1246	//* Create the logging directory for the vhost logfiles
L	1247	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
	1248
	1249	if(is_file('/etc/suphp/suphp.conf')) {
7fe908	1250	replaceLine('/etc/suphp/suphp.conf', 'php=php:/usr/bin', 'x-httpd-suphp="php:/usr/bin/php-cgi"', 0);
532ae5	1251	//replaceLine('/etc/suphp/suphp.conf','docroot=','docroot=/var/clients',0);
7fe908	1252	replaceLine('/etc/suphp/suphp.conf', 'umask=0077', 'umask=0022', 0);
532ae5	1253	}
L	1254
	1255	if(is_file('/etc/apache2/sites-enabled/000-default')) {
7fe908	1256	replaceLine('/etc/apache2/sites-available/000-default', 'NameVirtualHost ', 'NameVirtualHost :80', 1, 0);
MC	1257	replaceLine('/etc/apache2/sites-available/000-default', '<VirtualHost >', '<VirtualHost :80>', 1, 0);
532ae5	1258	}
L	1259
	1260	if(is_file('/etc/apache2/ports.conf')) {
	1261	// add a line "Listen 443" to ports conf if line does not exist
7fe908	1262	replaceLine('/etc/apache2/ports.conf', 'Listen 443', 'Listen 443', 1);
14001d	1263
TB	1264	// Comment out the namevirtualhost lines, as they were added by ispconfig in ispconfig.conf file again
	1265	replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost :80', '# NameVirtualHost :80', 1);
	1266	replaceLine('/etc/apache2/ports.conf', 'NameVirtualHost :443', '# NameVirtualHost :443', 1);
532ae5	1267	}
L	1268
8eca28	1269	if(is_file('/etc/apache2/apache.conf')) {
MC	1270	if(hasLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 1) == false) {
39e5f0	1271	if(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.conf', 1) == false && hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/', 1) == false) {
8eca28	1272	replaceLine('/etc/apache2/apache.conf', 'Include sites-enabled/', 'Include sites-enabled/', 1, 1);
MC	1273	} elseif(hasLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.vhost', 1) == false) {
39e5f0	1274	replaceLine('/etc/apache2/apache.conf', 'IncludeOptional sites-enabled/*.vhost', 'IncludeOptional sites-enabled/', 1, 1);
TB	1275	}
	1276	}
	1277	}
	1278
	1279	if(is_file('/etc/apache2/apache2.conf')) {
	1280	if(hasLine('/etc/apache2/apache2.conf', 'Include sites-enabled/', 1) == false && hasLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/', 1) == false) {
d10d15	1281	if(hasLine('/etc/apache2/apache2.conf', 'Include sites-enabled/*.conf', 1) == true) {
TB	1282	replaceLine('/etc/apache2/apache2.conf', 'Include sites-enabled/*.conf', 'Include sites-enabled/', 1, 1);
39e5f0	1283	} elseif(hasLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/*.conf', 1) == true) {
TB	1284	replaceLine('/etc/apache2/apache2.conf', 'IncludeOptional sites-enabled/*.conf', 'IncludeOptional sites-enabled/', 1, 1);
8eca28	1285	}
MC	1286	}
	1287	}
532ae5	1288
L	1289	//* Copy the ISPConfig configuration include
	1290	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1291	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	1292
ccbf14	1293	$tpl = new tpl('apache_ispconfig.conf.master');
TB	1294	$tpl->setVar('apache_version',getapacheversion());
	1295
532ae5	1296	$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
ccbf14	1297	$ip_addresses = array();
TB	1298
532ae5	1299	if(is_array($records) && count($records) > 0) {
L	1300	foreach($records as $rec) {
a2156e	1301	if($rec['ip_type'] == 'IPv6') {
T	1302	$ip_address = '['.$rec['ip_address'].']';
	1303	} else {
	1304	$ip_address = $rec['ip_address'];
	1305	}
7fe908	1306	$ports = explode(',', $rec['virtualhost_port']);
a2156e	1307	if(is_array($ports)) {
T	1308	foreach($ports as $port) {
	1309	$port = intval($port);
	1310	if($port > 0 && $port < 65536 && $ip_address != '') {
ccbf14	1311	$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
a2156e	1312	}
T	1313	}
	1314	}
532ae5	1315	}
L	1316	}
855547	1317
3de838	1318	if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
855547	1319
ccbf14	1320	wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
TB	1321	unset($tpl);
532ae5	1322
L	1323	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.conf')) {
7fe908	1324	symlink($vhost_conf_dir.'/ispconfig.conf', $vhost_conf_enabled_dir.'/000-ispconfig.conf');
532ae5	1325	}
L	1326
	1327	//* make sure that webalizer finds its config file when it is directly in /etc
	1328	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	1329	mkdir('/etc/webalizer');
7fe908	1330	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
532ae5	1331	}
L	1332
	1333	if(is_file('/etc/webalizer/webalizer.conf')) {
	1334	// Change webalizer mode to incremental
7fe908	1335	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	1336	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	1337	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
532ae5	1338	}
a8ccf6	1339
532ae5	1340	// Check the awsatst script
L	1341	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
7fe908	1342	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	1343	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
a8ccf6	1344
532ae5	1345	//* add a sshusers group
L	1346	$command = 'groupadd sshusers';
	1347	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1348
	1349	}
a8ccf6	1350
4ffb51	1351	public function configure_nginx(){
80e3c9	1352	global $conf;
a8ccf6	1353
4ffb51	1354	if($conf['nginx']['installed'] == false) return;
F	1355	//* Create the logging directory for the vhost logfiles
	1356	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
	1357
	1358	//* make sure that webalizer finds its config file when it is directly in /etc
	1359	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	1360	mkdir('/etc/webalizer');
7fe908	1361	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
4ffb51	1362	}
F	1363
	1364	if(is_file('/etc/webalizer/webalizer.conf')) {
	1365	// Change webalizer mode to incremental
7fe908	1366	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	1367	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	1368	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
4ffb51	1369	}
a8ccf6	1370
4ffb51	1371	// Check the awsatst script
F	1372	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
7fe908	1373	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	1374	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
a8ccf6	1375
4ffb51	1376	//* add a sshusers group
F	1377	$command = 'groupadd sshusers';
	1378	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a8ccf6	1379
4ffb51	1380	/*
80e3c9	1381	$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
T	1382	$ip_address = gethostbyname($row["server_name"]);
	1383	$server_name = $row["server_name"];
	1384
	1385	//setup proxy.conf
	1386	$configfile = 'proxy.conf';
	1387	if(is_file($conf["nginx"]["config_dir"].'/'.$configfile)) copy($conf["nginx"]["config_dir"].'/'.$configfile,$conf["nginx"]["config_dir"].'/'.$configfile.'~');
	1388	if(is_file($conf["nginx"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/'.$configfile.'~');
	1389	$content = rf("tpl/nginx_".$configfile.".master");
	1390	wf($conf["nginx"]["config_dir"].'/'.$configfile,$content);
	1391	exec('chmod 600 '.$conf["nginx"]["config_dir"].'/'.$configfile);
	1392	exec('chown root:root '.$conf["nginx"]["config_dir"].'/'.$configfile);
	1393
	1394	//setup conf.d/cache.conf
	1395	$configfile = 'cache.conf';
	1396	if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile)) copy($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
	1397	if(is_file($conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~')) exec('chmod 400 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile.'~');
	1398	$content = rf("tpl/nginx_".$configfile.".master");
	1399	wf($conf["nginx"]["config_dir"].'/conf.d/'.$configfile,$content);
	1400	exec('chmod 600 '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);
	1401	exec('chown root:root '.$conf["nginx"]["config_dir"].'/conf.d/'.$configfile);
	1402
	1403	//setup cache directories
	1404	mkdir('/var/cache/nginx/cache');
	1405	exec('chown www-data:www-data /var/cache/nginx/cache');
	1406	mkdir('/var/cache/nginx/temp');
	1407	exec('chown www-data:www-data /var/cache/nginx/temp');
4ffb51	1408	*/
80e3c9	1409	}
a8ccf6	1410
d083f2	1411	public function configure_fail2ban() {
7fe908	1412	// To Do
MC	1413	}
a8ccf6	1414
80e3c9	1415	public function configure_squid()
T	1416	{
	1417	global $conf;
	1418	$row = $this->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$conf["server_id"]."");
	1419	$ip_address = gethostbyname($row["server_name"]);
	1420	$server_name = $row["server_name"];
a8ccf6	1421
80e3c9	1422	$configfile = 'squid.conf';
7fe908	1423	if(is_file($conf["squid"]["config_dir"].'/'.$configfile)) copy($conf["squid"]["config_dir"].'/'.$configfile, $conf["squid"]["config_dir"].'/'.$configfile.'~');
80e3c9	1424	if(is_file($conf["squid"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["squid"]["config_dir"].'/'.$configfile.'~');
615a0a	1425	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	1426	$content = str_replace('{server_name}', $server_name, $content);
MC	1427	$content = str_replace('{ip_address}', $ip_address, $content);
	1428	$content = str_replace('{config_dir}', $conf['squid']['config_dir'], $content);
	1429	wf($conf["squid"]["config_dir"].'/'.$configfile, $content);
80e3c9	1430	exec('chmod 600 '.$conf["squid"]["config_dir"].'/'.$configfile);
T	1431	exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
	1432	}
a8ccf6	1433
992797	1434	/*
80e3c9	1435	public function configure_ufw_firewall()
T	1436	{
	1437	$configfile = 'ufw.conf';
	1438	if(is_file('/etc/ufw/ufw.conf')) copy('/etc/ufw/ufw.conf','/etc/ufw/ufw.conf~');
	1439	$content = rf("tpl/".$configfile.".master");
	1440	wf('/etc/ufw/ufw.conf',$content);
	1441	exec('chmod 600 /etc/ufw/ufw.conf');
a8ccf6	1442	exec('chown root:root /etc/ufw/ufw.conf');
80e3c9	1443	}
992797	1444	*/
532ae5	1445
992797	1446	public function configure_firewall() {
532ae5	1447	global $conf;
L	1448
	1449	$dist_init_scripts = $conf['init_scripts'];
	1450
	1451	if(is_dir('/etc/Bastille.backup')) caselog('rm -rf /etc/Bastille.backup', __FILE__, __LINE__);
	1452	if(is_dir('/etc/Bastille')) caselog('mv -f /etc/Bastille /etc/Bastille.backup', __FILE__, __LINE__);
	1453	@mkdir('/etc/Bastille', 0700);
	1454	if(is_dir('/etc/Bastille.backup/firewall.d')) caselog('cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/', __FILE__, __LINE__);
615a0a	1455	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master')) {
7fe908	1456	caselog('cp -f ' . $conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
MC	1457	} else {
	1458	caselog('cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
	1459	}
532ae5	1460	caselog('chmod 644 /etc/Bastille/bastille-firewall.cfg', __FILE__, __LINE__);
L	1461	$content = rf('/etc/Bastille/bastille-firewall.cfg');
	1462	$content = str_replace('{DNS_SERVERS}', '', $content);
	1463
	1464	$tcp_public_services = '';
	1465	$udp_public_services = '';
	1466
	1467	$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
	1468
	1469	if(trim($row['tcp_port']) != '' \|\| trim($row['udp_port']) != '') {
7fe908	1470	$tcp_public_services = trim(str_replace(',', ' ', $row['tcp_port']));
MC	1471	$udp_public_services = trim(str_replace(',', ' ', $row['udp_port']));
532ae5	1472	} else {
L	1473	$tcp_public_services = '21 22 25 53 80 110 143 443 3306 8080 10000';
	1474	$udp_public_services = '53';
	1475	}
	1476
	1477	if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
	1478	$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
	1479	if($row['tcp_port'] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
	1480	}
	1481
	1482	$content = str_replace('{TCP_PUBLIC_SERVICES}', $tcp_public_services, $content);
	1483	$content = str_replace('{UDP_PUBLIC_SERVICES}', $udp_public_services, $content);
	1484
	1485	wf('/etc/Bastille/bastille-firewall.cfg', $content);
	1486
	1487	if(is_file($dist_init_scripts.'/bastille-firewall')) caselog('mv -f '.$dist_init_scripts.'/bastille-firewall '.$dist_init_scripts.'/bastille-firewall.backup', __FILE__, __LINE__);
	1488	caselog('cp -f apps/bastille-firewall '.$dist_init_scripts, __FILE__, __LINE__);
	1489	caselog('chmod 700 '.$dist_init_scripts.'/bastille-firewall', __FILE__, __LINE__);
	1490
	1491	if(is_file('/sbin/bastille-ipchains')) caselog('mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup', __FILE__, __LINE__);
	1492	caselog('cp -f apps/bastille-ipchains /sbin', __FILE__, __LINE__);
	1493	caselog('chmod 700 /sbin/bastille-ipchains', __FILE__, __LINE__);
	1494
	1495	if(is_file('/sbin/bastille-netfilter')) caselog('mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup', __FILE__, __LINE__);
	1496	caselog('cp -f apps/bastille-netfilter /sbin', __FILE__, __LINE__);
	1497	caselog('chmod 700 /sbin/bastille-netfilter', __FILE__, __LINE__);
	1498
	1499	if(!@is_dir('/var/lock/subsys')) caselog('mkdir /var/lock/subsys', __FILE__, __LINE__);
	1500
	1501	exec('which ipchains &> /dev/null', $ipchains_location, $ret_val);
	1502	if(!is_file('/sbin/ipchains') && !is_link('/sbin/ipchains') && $ret_val == 0) phpcaselog(@symlink(shell_exec('which ipchains'), '/sbin/ipchains'), 'create symlink', __FILE__, __LINE__);
	1503	unset($ipchains_location);
	1504	exec('which iptables &> /dev/null', $iptables_location, $ret_val);
	1505	if(!is_file('/sbin/iptables') && !is_link('/sbin/iptables') && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec('which iptables')), '/sbin/iptables'), 'create symlink', __FILE__, __LINE__);
	1506	unset($iptables_location);
	1507
	1508	}
	1509
	1510	public function configure_vlogger() {
	1511	global $conf;
	1512
	1513	//** Configure vlogger to use traffic logging to mysql (master) db
	1514	$configfile = 'vlogger-dbi.conf';
7fe908	1515	if(is_file($conf['vlogger']['config_dir'].'/'.$configfile)) copy($conf['vlogger']['config_dir'].'/'.$configfile, $conf['vlogger']['config_dir'].'/'.$configfile.'~');
532ae5	1516	if(is_file($conf['vlogger']['config_dir'].'/'.$configfile.'~')) chmod($conf['vlogger']['config_dir'].'/'.$configfile.'~', 0400);
615a0a	1517	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1518	if($conf['mysql']['master_slave_setup'] == 'y') {
7fe908	1519	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
MC	1520	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1521	$content = str_replace('{mysql_server_database}', $conf['mysql']['master_database'], $content);
	1522	$content = str_replace('{mysql_server_ip}', $conf['mysql']['master_host'], $content);
532ae5	1523	} else {
7fe908	1524	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	1525	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1526	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1527	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
532ae5	1528	}
7fe908	1529	wf($conf['vlogger']['config_dir'].'/'.$configfile, $content);
532ae5	1530	chmod($conf['vlogger']['config_dir'].'/'.$configfile, 0600);
L	1531	chown($conf['vlogger']['config_dir'].'/'.$configfile, 'root');
	1532	chgrp($conf['vlogger']['config_dir'].'/'.$configfile, 'root');
	1533
	1534	}
	1535
	1536	public function configure_apps_vhost() {
	1537	global $conf;
	1538
	1539	//* Create the ispconfig apps vhost user and group
165152	1540	if($conf['apache']['installed'] == true){
4ffb51	1541	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	1542	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	1543	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
532ae5	1544
4ffb51	1545	$command = 'groupadd '.$apps_vhost_user;
F	1546	if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1547
4ffb51	1548	$command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
F	1549	if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1550
L	1551
5edf40	1552	//$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
TB	1553	$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['apache']['user'];
4ffb51	1554	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1555
99b55b	1556	if(!@is_dir($install_dir)){
F	1557	mkdir($install_dir, 0755, true);
	1558	} else {
	1559	chmod($install_dir, 0755);
	1560	}
4ffb51	1561	chown($install_dir, $apps_vhost_user);
F	1562	chgrp($install_dir, $apps_vhost_group);
532ae5	1563
4ffb51	1564	//* Copy the apps vhost file
F	1565	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1566	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	1567	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'':'ServerName '.$conf['web']['apps_vhost_servername'];
d0356f	1568
TB	1569	//* Get the apps vhost port
	1570	if($this->is_update == true) {
	1571	$conf['web']['apps_vhost_port'] = get_apps_vhost_port_number();
	1572	}
532ae5	1573
4ffb51	1574	// Dont just copy over the virtualhost template but add some custom settings
ccbf14	1575	$tpl = new tpl('apache_apps.vhost.master');
TB	1576	$tpl->setVar('apps_vhost_ip',$conf['web']['apps_vhost_ip']);
	1577	$tpl->setVar('apps_vhost_port',$conf['web']['apps_vhost_port']);
	1578	$tpl->setVar('apps_vhost_dir',$conf['web']['website_basedir'].'/apps');
	1579	$tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']);
	1580	$tpl->setVar('apps_vhost_servername',$apps_vhost_servername);
	1581	$tpl->setVar('apache_version',getapacheversion());
532ae5	1582
L	1583
4ffb51	1584	// comment out the listen directive if port is 80 or 443
F	1585	if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
ccbf14	1586	$tpl->setVar('vhost_port_listen','#');
4ffb51	1587	} else {
ccbf14	1588	$tpl->setVar('vhost_port_listen','');
4ffb51	1589	}
532ae5	1590
ccbf14	1591	wf($vhost_conf_dir.'/apps.vhost', $tpl->grab());
TB	1592	unset($tpl);
532ae5	1593
4ffb51	1594	//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
F	1595	//* and create the symlink
7e1cfb	1596	if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F	1597	if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
7fe908	1598	symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
4ffb51	1599	}
a8ccf6	1600
4ffb51	1601	if(!is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter')) {
615a0a	1602	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps_fcgi_starter.master', 'tpl/apache_apps_fcgi_starter.master');
526b99	1603	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
T	1604	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
4ffb51	1605	mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
526b99	1606	//copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
T	1607	wf($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter', $content);
4ffb51	1608	exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
F	1609	exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
	1610
7fe908	1611	}
532ae5	1612	}
165152	1613	if($conf['nginx']['installed'] == true){
4ffb51	1614	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	1615	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	1616	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
532ae5	1617
4ffb51	1618	$command = 'groupadd '.$apps_vhost_user;
F	1619	if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1620
	1621	$command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
	1622	if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1623
	1624
11f2ad	1625	//$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
TB	1626	$command = 'usermod -a -G '.$apps_vhost_group.' '.$conf['nginx']['user'];
4ffb51	1627	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1628
6e2d48	1629	if(!@is_dir($install_dir)){
F	1630	mkdir($install_dir, 0755, true);
	1631	} else {
	1632	chmod($install_dir, 0755);
	1633	}
4ffb51	1634	chown($install_dir, $apps_vhost_user);
F	1635	chgrp($install_dir, $apps_vhost_group);
	1636
	1637	//* Copy the apps vhost file
	1638	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	1639	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	1640	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'_':$conf['web']['apps_vhost_servername'];
	1641
	1642	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1643	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_apps.vhost.master', 'tpl/nginx_apps.vhost.master');
a8ccf6	1644
4ffb51	1645	if($conf['web']['apps_vhost_ip'] == '_default_'){
F	1646	$apps_vhost_ip = '';
	1647	} else {
	1648	$apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
	1649	}
a8ccf6	1650
ca0b77	1651	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	1652	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	1653	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	1654	$fpm_socket = $socket_dir.'apps.sock';
8ab3cd	1655	$cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
4ffb51	1656
F	1657	$content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
	1658	$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
	1659	$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
	1660	$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
ca0b77	1661	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	1662	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
8ab3cd	1663	$content = str_replace('{cgi_socket}', $cgi_socket, $content);
7fe908	1664
183c47	1665	if(file_exists('/var/run/php5-fpm.sock')){
F	1666	$use_tcp = '#';
	1667	$use_socket = '';
	1668	} else {
	1669	$use_tcp = '';
	1670	$use_socket = '#';
	1671	}
	1672	$content = str_replace('{use_tcp}', $use_tcp, $content);
	1673	$content = str_replace('{use_socket}', $use_socket, $content);
4ffb51	1674
F	1675	wf($vhost_conf_dir.'/apps.vhost', $content);
a8ccf6	1676
fbb24a	1677	// PHP-FPM
F	1678	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	1679	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apps_php_fpm_pool.conf.master', 'tpl/apps_php_fpm_pool.conf.master');
fbb24a	1680	$content = str_replace('{fpm_pool}', 'apps', $content);
ca0b77	1681	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	1682	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
fbb24a	1683	$content = str_replace('{fpm_user}', $apps_vhost_user, $content);
F	1684	$content = str_replace('{fpm_group}', $apps_vhost_group, $content);
	1685	wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
4ffb51	1686
F	1687	//copy('tpl/nginx_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
	1688	//* and create the symlink
7e1cfb	1689	if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F	1690	if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
7fe908	1691	symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
4ffb51	1692	}
a8ccf6	1693
532ae5	1694	}
L	1695	}
a8ccf6	1696
532ae5	1697	public function make_ispconfig_ssl_cert() {
b04e82	1698	global $conf,$autoinstall;
532ae5	1699
L	1700	$install_dir = $conf['ispconfig_install_dir'];
a8ccf6	1701
532ae5	1702	$ssl_crt_file = $install_dir.'/interface/ssl/ispserver.crt';
L	1703	$ssl_csr_file = $install_dir.'/interface/ssl/ispserver.csr';
	1704	$ssl_key_file = $install_dir.'/interface/ssl/ispserver.key';
a8ccf6	1705
532ae5	1706	if(!@is_dir($install_dir.'/interface/ssl')) mkdir($install_dir.'/interface/ssl', 0755, true);
a8ccf6	1707
7fe908	1708	$ssl_pw = substr(md5(mt_rand()), 0, 6);
532ae5	1709	exec("openssl genrsa -des3 -passout pass:$ssl_pw -out $ssl_key_file 4096");
b04e82	1710	if(AUTOINSTALL){
TB	1711	exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -key $ssl_key_file -out $ssl_csr_file");
bcd725	1712	} else {
FT	1713	exec("openssl req -new -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -out $ssl_csr_file");
	1714	}
532ae5	1715	exec("openssl req -x509 -passin pass:$ssl_pw -passout pass:$ssl_pw -key $ssl_key_file -in $ssl_csr_file -out $ssl_crt_file -days 3650");
L	1716	exec("openssl rsa -passin pass:$ssl_pw -in $ssl_key_file -out $ssl_key_file.insecure");
7fe908	1717	rename($ssl_key_file, $ssl_key_file.'.secure');
MC	1718	rename($ssl_key_file.'.insecure', $ssl_key_file);
980485	1719
TB	1720	exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
a8ccf6	1721
532ae5	1722	}
L	1723
	1724	public function install_ispconfig() {
	1725	global $conf;
	1726
	1727	$install_dir = $conf['ispconfig_install_dir'];
	1728
	1729	//* Create the ISPConfig installation directory
	1730	if(!@is_dir($install_dir)) {
	1731	$command = "mkdir $install_dir";
	1732	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1733	}
	1734
	1735	//* Create a ISPConfig user and group
	1736	$command = 'groupadd ispconfig';
	1737	if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1738
	1739	$command = 'useradd -g ispconfig -d '.$install_dir.' ispconfig';
	1740	if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1741
	1742	//* copy the ISPConfig interface part
	1743	$command = 'cp -rf ../interface '.$install_dir;
	1744	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1745
	1746	//* copy the ISPConfig server part
	1747	$command = 'cp -rf ../server '.$install_dir;
	1748	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
a13af2	1749
fb6c56	1750	//* Make a backup of the security settings
TB	1751	if(is_file('/usr/local/ispconfig/security/security_settings.ini')) copy('/usr/local/ispconfig/security/security_settings.ini','/usr/local/ispconfig/security/security_settings.ini~');
	1752
a13af2	1753	//* copy the ISPConfig security part
TB	1754	$command = 'cp -rf ../security '.$install_dir;
	1755	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fb6c56	1756
TB	1757	//* Apply changed security_settings.ini values to new security_settings.ini file
	1758	if(is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
	1759	$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
	1760	$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
	1761	if(is_array($security_settings_new) && is_array($security_settings_old)) {
	1762	foreach($security_settings_new as $section => $sval) {
	1763	if(is_array($sval)) {
	1764	foreach($sval as $key => $val) {
	1765	if(isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
	1766	$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
	1767	}
	1768	}
	1769	}
	1770	}
	1771	file_put_contents('/usr/local/ispconfig/security/security_settings.ini',array_to_ini($security_settings_new));
	1772	}
	1773	}
532ae5	1774
L	1775	//* Create a symlink, so ISPConfig is accessible via web
	1776	// Replaced by a separate vhost definition for port 8080
	1777	// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
	1778	// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1779
	1780	//* Create the config file for ISPConfig interface
	1781	$configfile = 'config.inc.php';
	1782	if(is_file($install_dir.'/interface/lib/'.$configfile)) {
	1783	copy($install_dir.'/interface/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
	1784	}
615a0a	1785	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1786	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
7fe908	1787	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
532ae5	1788	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
L	1789	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1790
	1791	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	1792	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1793	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	1794	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	1795
	1796	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1797	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
b63764	1798	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	1799	$content = str_replace('{timezone}', $conf['timezone'], $content);
f598b0	1800	$content = str_replace('{theme}', $conf['theme'], $content);
992797	1801	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
b63764	1802
532ae5	1803	wf($install_dir.'/interface/lib/'.$configfile, $content);
L	1804
	1805	//* Create the config file for ISPConfig server
	1806	$configfile = 'config.inc.php';
	1807	if(is_file($install_dir.'/server/lib/'.$configfile)) {
	1808	copy($install_dir.'/server/lib/'.$configfile, $install_dir.'/interface/lib/'.$configfile.'~');
	1809	}
615a0a	1810	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', 'tpl/'.$configfile.'.master');
532ae5	1811	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
L	1812	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	1813	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	1814	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	1815
	1816	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	1817	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	1818	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	1819	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	1820
	1821	$content = str_replace('{server_id}', $conf['server_id'], $content);
	1822	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
	1823	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	1824	$content = str_replace('{timezone}', $conf['timezone'], $content);
f598b0	1825	$content = str_replace('{theme}', $conf['theme'], $content);
992797	1826	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
532ae5	1827
L	1828	wf($install_dir.'/server/lib/'.$configfile, $content);
	1829
	1830	//* Create the config file for remote-actions (but only, if it does not exist, because
	1831	// the value is a autoinc-value and so changed by the remoteaction_core_module
	1832	if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
	1833	$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
	1834	wf($install_dir.'/server/lib/remote_action.inc.php', $content);
	1835	}
	1836
	1837	//* Enable the server modules and plugins.
	1838	// TODO: Implement a selector which modules and plugins shall be enabled.
	1839	$dir = $install_dir.'/server/mods-available/';
	1840	if (is_dir($dir)) {
	1841	if ($dh = opendir($dir)) {
	1842	while (($file = readdir($dh)) !== false) {
7fe908	1843	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	1844	include_once $install_dir.'/server/mods-available/'.$file;
	1845	$module_name = substr($file, 0, -8);
532ae5	1846	$tmp = new $module_name;
L	1847	if($tmp->onInstall()) {
	1848	if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) {
	1849	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
	1850	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
	1851	}
	1852	if (strpos($file, '_core_module') !== false) {
	1853	if(!@is_link($install_dir.'/server/mods-core/'.$file)) {
	1854	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
	1855	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
	1856	}
	1857	}
	1858	}
	1859	unset($tmp);
	1860	}
	1861	}
	1862	closedir($dh);
	1863	}
	1864	}
	1865
	1866	$dir = $install_dir.'/server/plugins-available/';
	1867	if (is_dir($dir)) {
	1868	if ($dh = opendir($dir)) {
	1869	while (($file = readdir($dh)) !== false) {
4ffb51	1870	if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F	1871	if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
7fe908	1872	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	1873	include_once $install_dir.'/server/plugins-available/'.$file;
	1874	$plugin_name = substr($file, 0, -8);
532ae5	1875	$tmp = new $plugin_name;
7fe908	1876	if(method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
532ae5	1877	if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
L	1878	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
	1879	//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
	1880	}
	1881	if (strpos($file, '_core_plugin') !== false) {
	1882	if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
	1883	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
	1884	//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
	1885	}
	1886	}
	1887	}
	1888	unset($tmp);
	1889	}
	1890	}
	1891	closedir($dh);
	1892	}
	1893	}
	1894
	1895	// Update the server config
	1896	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	1897	$web_server_enabled = ($conf['services']['web'])?1:0;
	1898	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	1899	$file_server_enabled = ($conf['services']['file'])?1:0;
	1900	$db_server_enabled = ($conf['services']['db'])?1:0;
8cf955	1901	$vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
80e3c9	1902	$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
T	1903	$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
532ae5	1904
80e3c9	1905	$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);
532ae5	1906
L	1907	if($conf['mysql']['master_slave_setup'] == 'y') {
	1908	$this->dbmaster->query($sql);
	1909	$this->db->query($sql);
	1910	} else {
	1911	$this->db->query($sql);
	1912	}
	1913
	1914
3e0fc8	1915	// chown install dir to root and chmod 755
TB	1916	$command = 'chown root:root '.$install_dir;
	1917	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1918	$command = 'chmod 755 '.$install_dir;
532ae5	1919	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
L	1920
fa029b	1921	//* Chmod the files and directories in the install dir
3e0fc8	1922	$command = 'chmod -R 750 '.$install_dir.'/*';
TB	1923	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1924
	1925	//* chown the interface files to the ispconfig user and group
	1926	$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
	1927	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1928
	1929	//* chown the server files to the root user and group
	1930	$command = 'chown -R root:root '.$install_dir.'/server';
532ae5	1931	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fa029b	1932
TB	1933	//* chown the security files to the root user and group
	1934	$command = 'chown -R root:root '.$install_dir.'/security';
	1935	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1936
	1937	//* chown the security directory and security_settings.ini to root:ispconfig
	1938	$command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
	1939	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1940	$command = 'chown root:ispconfig '.$install_dir.'/security';
	1941	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb1221	1942	$command = 'chown root:ispconfig '.$install_dir.'/security/ids.whitelist';
TB	1943	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1944	$command = 'chown root:ispconfig '.$install_dir.'/security/ids.htmlfield';
	1945	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1946	$command = 'chown root:ispconfig '.$install_dir.'/security/apache_directives.blacklist';
	1947	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
532ae5	1948
L	1949	//* Make the global language file directory group writable
	1950	exec("chmod -R 770 $install_dir/interface/lib/lang");
	1951
	1952	//* Make the temp directory for language file exports writable
	1953	if(is_dir($install_dir.'/interface/web/temp')) exec("chmod -R 770 $install_dir/interface/web/temp");
	1954
	1955	//* Make all interface language file directories group writable
	1956	$handle = @opendir($install_dir.'/interface/web');
7fe908	1957	while ($file = @readdir($handle)) {
532ae5	1958	if ($file != '.' && $file != '..') {
L	1959	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
	1960	$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
7fe908	1961	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC	1962	while ($lang_file = @readdir($handle2)) {
532ae5	1963	if ($lang_file != '.' && $lang_file != '..') {
7fe908	1964	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
532ae5	1965	}
L	1966	}
	1967	}
	1968	}
	1969	}
a8ccf6	1970
477d4e	1971	//* Make the APS directories group writable
T	1972	exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
	1973	exec("chmod -R 770 $install_dir/server/aps_packages");
532ae5	1974
L	1975	//* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef	1976	chmod($install_dir.'/server/lib/config.inc.php', 0600);
T	1977	chown($install_dir.'/server/lib/config.inc.php', 'root');
	1978	chgrp($install_dir.'/server/lib/config.inc.php', 'root');
7fe908	1979
bfcdef	1980	//* Make sure thet the interface config file is readable by user ispconfig only
T	1981	chmod($install_dir.'/interface/lib/config.inc.php', 0600);
	1982	chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
	1983	chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
532ae5	1984
L	1985	chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
	1986	chown($install_dir.'/server/lib/remote_action.inc.php', 'root');
	1987	chgrp($install_dir.'/server/lib/remote_action.inc.php', 'root');
	1988
	1989	if(@is_file($install_dir.'/server/lib/mysql_clientdb.conf')) {
	1990	chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
	1991	chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
	1992	chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
	1993	}
a8ccf6	1994
8cf78b	1995	if(is_dir($install_dir.'/interface/invoices')) {
e94a9f	1996	exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T	1997	exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806	1998	}
980485	1999
TB	2000	exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
532ae5	2001
L	2002	// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
	2003	// and must be fixed as this will allow the apache user to read the ispconfig files.
	2004	// Later this must run as own apache server or via suexec!
63b369	2005	if($conf['apache']['installed'] == true){
F	2006	$command = 'adduser '.$conf['apache']['user'].' ispconfig';
	2007	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	2008	if(is_group('ispapps')){
F	2009	$command = 'adduser '.$conf['apache']['user'].' ispapps';
	2010	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2011	}
63b369	2012	}
F	2013	if($conf['nginx']['installed'] == true){
	2014	$command = 'adduser '.$conf['nginx']['user'].' ispconfig';
	2015	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	2016	if(is_group('ispapps')){
F	2017	$command = 'adduser '.$conf['nginx']['user'].' ispapps';
	2018	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2019	}
63b369	2020	}
532ae5	2021
L	2022	//* Make the shell scripts executable
	2023	$command = "chmod +x $install_dir/server/scripts/*.sh";
	2024	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2025
7e1cfb	2026	if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
4ffb51	2027	//* Copy the ISPConfig vhost for the controlpanel
F	2028	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	2029	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
532ae5	2030
4ffb51	2031	// Dont just copy over the virtualhost template but add some custom settings
ccbf14	2032	$tpl = new tpl('apache_ispconfig.vhost.master');
TB	2033	$tpl->setVar('vhost_port',$conf['apache']['vhost_port']);
532ae5	2034
4ffb51	2035	// comment out the listen directive if port is 80 or 443
F	2036	if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
ccbf14	2037	$tpl->setVar('vhost_port_listen','#');
4ffb51	2038	} else {
ccbf14	2039	$tpl->setVar('vhost_port_listen','');
4ffb51	2040	}
a8ccf6	2041
4ffb51	2042	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
ccbf14	2043	$tpl->setVar('ssl_comment','');
4ffb51	2044	} else {
ccbf14	2045	$tpl->setVar('ssl_comment','#');
4ffb51	2046	}
10b4c8	2047	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
ccbf14	2048	$tpl->setVar('ssl_bundle_comment','');
10b4c8	2049	} else {
ccbf14	2050	$tpl->setVar('ssl_bundle_comment','#');
10b4c8	2051	}
ccbf14	2052
TB	2053	$tpl->setVar('apache_version',getapacheversion());
532ae5	2054
ccbf14	2055	wf($vhost_conf_dir.'/ispconfig.vhost', $tpl->grab());
532ae5	2056
4ffb51	2057	//* and create the symlink
7e1cfb	2058	if($this->is_update == false) {
4ffb51	2059	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	2060	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	2061	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
4ffb51	2062	}
F	2063	}
cc6568	2064	//if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
7fe908	2065	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
MC	2066	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
	2067	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
	2068	@mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
	2069	wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
	2070	exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
	2071	@symlink($install_dir.'/interface/web', '/var/www/ispconfig');
	2072	exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
cc6568	2073	//}
532ae5	2074	}
a8ccf6	2075
7e1cfb	2076	if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
4ffb51	2077	//* Copy the ISPConfig vhost for the controlpanel
F	2078	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	2079	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
532ae5	2080
4ffb51	2081	// Dont just copy over the virtualhost template but add some custom settings
615a0a	2082	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
4ffb51	2083	$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
a8ccf6	2084
4ffb51	2085	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
f9b8d0	2086	$content = str_replace('{ssl_on}', 'on', $content);
4ffb51	2087	$content = str_replace('{ssl_comment}', '', $content);
F	2088	$content = str_replace('{fastcgi_ssl}', 'on', $content);
	2089	} else {
f9b8d0	2090	$content = str_replace('{ssl_on}', 'off', $content);
4ffb51	2091	$content = str_replace('{ssl_comment}', '#', $content);
F	2092	$content = str_replace('{fastcgi_ssl}', 'off', $content);
	2093	}
a8ccf6	2094
ca0b77	2095	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	2096	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	2097	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	2098	$fpm_socket = $socket_dir.'ispconfig.sock';
a8ccf6	2099
ca0b77	2100	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	2101	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
a8ccf6	2102
4ffb51	2103	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
a8ccf6	2104
4ffb51	2105	unset($content);
a8ccf6	2106
4ffb51	2107	// PHP-FPM
F	2108	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	2109	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
4ffb51	2110	$content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77	2111	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	2112	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
4ffb51	2113	$content = str_replace('{fpm_user}', 'ispconfig', $content);
F	2114	$content = str_replace('{fpm_group}', 'ispconfig', $content);
	2115	wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
	2116
	2117	//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
	2118	//* and create the symlink
7e1cfb	2119	if($this->is_update == false) {
4ffb51	2120	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	2121	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	2122	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
4ffb51	2123	}
F	2124	}
532ae5	2125	}
L	2126
	2127	//* Install the update script
b34f99	2128	if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
MC	2129	chown($install_dir.'/server/scripts/update_from_dev.sh', 'root');
	2130	chmod($install_dir.'/server/scripts/update_from_dev.sh', 0700);
532ae5	2131	chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
L	2132	chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
	2133	chown($install_dir.'/server/scripts/ispconfig_update.sh', 'root');
	2134	chmod($install_dir.'/server/scripts/ispconfig_update.sh', 0700);
b34f99	2135	if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
7fe908	2136	if(!is_link('/usr/local/bin/ispconfig_update.sh')) symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
532ae5	2137
L	2138	//* Make the logs readable for the ispconfig user
	2139	if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
	2140	if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
	2141	if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
	2142	if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
	2143	if(@is_file('/var/log/clamav/clamav.log')) exec('chmod +r /var/log/clamav/clamav.log');
	2144	if(@is_file('/var/log/clamav/freshclam.log')) exec('chmod +r /var/log/clamav/freshclam.log');
	2145
	2146	//* Create the ispconfig log file and directory
	2147	if(!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) {
	2148	if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir'], 0755);
	2149	touch($conf['ispconfig_log_dir'].'/ispconfig.log');
	2150	}
a8ccf6	2151
99c89b	2152	//* Create the ispconfig auth log file and set uid/gid
a8ccf6	2153	if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
99c89b	2154	touch($conf['ispconfig_log_dir'].'/auth.log');
a8ccf6	2155	}
0799f8	2156	exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
T	2157	exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
a8ccf6	2158
0c5b42	2159	if(is_user('getmail')) {
7fe908	2160	rename($install_dir.'/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
0c5b42	2161	if(is_user('getmail')) chown('/usr/local/bin/run-getmail.sh', 'getmail');
T	2162	chmod('/usr/local/bin/run-getmail.sh', 0744);
	2163	}
532ae5	2164
L	2165	//* Add Log-Rotation
	2166	if (is_dir('/etc/logrotate.d')) {
	2167	@unlink('/etc/logrotate.d/logispc3'); // ignore, if the file is not there
	2168	/* We rotate these logs in cron_daily.php
	2169	$fh = fopen('/etc/logrotate.d/logispc3', 'w');
	2170	fwrite($fh,
	2171	"$conf['ispconfig_log_dir']/ispconfig.log { \n" .
	2172	" weekly \n" .
	2173	" missingok \n" .
	2174	" rotate 4 \n" .
	2175	" compress \n" .
	2176	" delaycompress \n" .
	2177	"} \n" .
	2178	"$conf['ispconfig_log_dir']/cron.log { \n" .
	2179	" weekly \n" .
	2180	" missingok \n" .
	2181	" rotate 4 \n" .
	2182	" compress \n" .
	2183	" delaycompress \n" .
	2184	"}");
	2185	fclose($fh);
	2186	*/
	2187	}
7fe908	2188
d71bae	2189	//* Remove Domain module as its functions are available in the client module now
T	2190	if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
f30628	2191
TB	2192	//* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter
	2193	if(is_file('/etc/default/rkhunter')) {
	2194	replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0);
	2195	replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0);
	2196	}
	2197
021aec	2198	// Add symlink for patch tool
TB	2199	if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
5b3f25	2200
532ae5	2201	}
L	2202
	2203	public function configure_dbserver() {
	2204	global $conf;
	2205
	2206	//* If this server shall act as database server for client DB's, we configure this here
	2207	$install_dir = $conf['ispconfig_install_dir'];
	2208
	2209	// Create a file with the database login details which
	2210	// are used to create the client databases.
	2211
	2212	if(!is_dir($install_dir.'/server/lib')) {
	2213	$command = "mkdir $install_dir/server/lib";
	2214	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	2215	}
	2216
615a0a	2217	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', 'tpl/mysql_clientdb.conf.master');
7fe908	2218	$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
MC	2219	$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
	2220	$content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
	2221	wf($install_dir.'/server/lib/mysql_clientdb.conf', $content);
532ae5	2222	chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
L	2223	chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
a8ccf6	2224	chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
532ae5	2225
L	2226	}
	2227
	2228	public function install_crontab() {
	2229	global $conf;
	2230
	2231	$install_dir = $conf['ispconfig_install_dir'];
	2232
	2233	//* Root Crontab
	2234	exec('crontab -u root -l > crontab.txt');
	2235	$existing_root_cron_jobs = file('crontab.txt');
	2236
	2237	// remove existing ispconfig cronjobs, in case the syntax has changed
	2238	foreach($existing_root_cron_jobs as $key => $val) {
7fe908	2239	if(stristr($val, $install_dir)) unset($existing_root_cron_jobs[$key]);
532ae5	2240	}
L	2241
	2242	$root_cron_jobs = array(
7fe908	2243	"* * * * * ".$install_dir."/server/server.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done",
MC	2244	"30 00 * * * ".$install_dir."/server/cron_daily.sh 2>&1 > /dev/null \| while read line; do echo `/bin/date` \"\$line\" >> ".$conf['ispconfig_log_dir']."/cron.log; done"
532ae5	2245	);
a8ccf6	2246
b6a10a	2247	if ($conf['nginx']['installed'] == true) {
F	2248	$root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
	2249	}
a8ccf6	2250
532ae5	2251	foreach($root_cron_jobs as $cron_job) {
L	2252	if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
	2253	$existing_root_cron_jobs[] = $cron_job."\n";
	2254	}
	2255	}
	2256	file_put_contents('crontab.txt', $existing_root_cron_jobs);
	2257	exec('crontab -u root crontab.txt &> /dev/null');
	2258	unlink('crontab.txt');
	2259
	2260	//* Getmail crontab
	2261	if(is_user('getmail')) {
	2262	$cf = $conf['getmail'];
	2263	exec('crontab -u getmail -l > crontab.txt');
	2264	$existing_cron_jobs = file('crontab.txt');
	2265
	2266	$cron_jobs = array(
7fe908	2267	'/5 * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null'
532ae5	2268	);
L	2269
	2270	// remove existing ispconfig cronjobs, in case the syntax has changed
	2271	foreach($existing_cron_jobs as $key => $val) {
7fe908	2272	if(stristr($val, 'getmail')) unset($existing_cron_jobs[$key]);
532ae5	2273	}
L	2274
	2275	foreach($cron_jobs as $cron_job) {
	2276	if(!in_array($cron_job."\n", $existing_cron_jobs)) {
	2277	$existing_cron_jobs[] = $cron_job."\n";
	2278	}
	2279	}
	2280	file_put_contents('crontab.txt', $existing_cron_jobs);
	2281	exec('crontab -u getmail crontab.txt &> /dev/null');
	2282	unlink('crontab.txt');
	2283	}
	2284
	2285	touch($conf['ispconfig_log_dir'].'/cron.log');
cc6568	2286	chmod($conf['ispconfig_log_dir'].'/cron.log', 0660);
532ae5	2287
L	2288	}
5b3f25	2289
TB	2290	// This function is called at the end of the update process and contains code to clean up parts of old ISPCONfig releases
	2291	public function cleanup_ispconfig() {
	2292	global $app,$conf;
	2293
	2294	// Remove directories recursively
	2295	if(is_dir('/usr/local/ispconfig/interface/web/designer')) exec('rm -rf /usr/local/ispconfig/interface/web/designer');
4c3fcd	2296	if(is_dir('/usr/local/ispconfig/interface/web/themes/default-304')) exec('rm -rf /usr/local/ispconfig/interface/web/themes/default-304');
5b3f25	2297
TB	2298	// Remove files
	2299	if(is_file('/usr/local/ispconfig/interface/lib/classes/db_firebird.inc.php')) unlink('/usr/local/ispconfig/interface/lib/classes/db_firebird.inc.php');
	2300	if(is_file('/usr/local/ispconfig/interface/lib/classes/form.inc.php')) unlink('/usr/local/ispconfig/interface/lib/classes/form.inc.php');
	2301
	2302
	2303
	2304	}
7fe908	2305
33bcd0	2306	public function getinitcommand($servicename, $action, $init_script_directory = ''){
FT	2307	global $conf;
	2308	// systemd
6061d5	2309	if(is_executable('/bin/systemd') \|\| is_executable('/usr/bin/systemctl')){
33bcd0	2310	return 'systemctl '.$action.' '.$servicename.'.service';
FT	2311	}
	2312	// upstart
	2313	if(is_executable('/sbin/initctl')){
	2314	exec('/sbin/initctl version 2>/dev/null \| /bin/grep -q upstart', $retval['output'], $retval['retval']);
	2315	if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action;
	2316	}
	2317	// sysvinit
	2318	if($init_script_directory == '') $init_script_directory = $conf['init_scripts'];
	2319	if(substr($init_script_directory, -1) === '/') $init_script_directory = substr($init_script_directory, 0, -1);
	2320	return $init_script_directory.'/'.$servicename.' '.$action;
	2321	}
532ae5	2322
L	2323	/**
	2324	* Helper function - get the path to a template file based on
	2325	* the local part of the filename. Checks first for the existence
	2326	* of a distribution specific file and if not found looks in the
	2327	* base template folder. Optionally the behaviour can be changed
	2328	* by setting the 2nd parameter which will fetch the contents
	2329	* of the template file and return it instead of the path. The 3rd
	2330	* parameter further extends this behaviour by filtering the contents
	2331	* by inserting the ispconfig database credentials using the {} placeholders.
	2332	*
	2333	* @param string $tLocal local part of filename
	2334	* @param bool $tRf
	2335	* @param bool $tDBCred
	2336	* @return string Relative path to the chosen template file
	2337	*/
	2338	protected function get_template_file($tLocal, $tRf=false, $tDBCred=false) {
	2339	global $conf, $dist;
	2340
	2341	$final_path = '';
7fe908	2342	$dist_template = $conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $tLocal . '.master';
MC	2343	if (file_exists($dist_template)) {
532ae5	2344	$final_path = $dist_template;
L	2345	} else {
7fe908	2346	$dist_template = 'dist/tpl/'.strtolower($dist['name'])."/$tLocal.master";
MC	2347	if (file_exists($dist_template)) {
	2348	$final_path = $dist_template;
	2349	} else {
	2350	$final_path = "tpl/$tLocal.master";
	2351	}
	2352	}
532ae5	2353
L	2354	if (!$tRf) {
	2355	return $final_path;
	2356	} else {
	2357	return (!$tDBCred) ? rf($final_path) : $this->insert_db_credentials(rf($final_path));
	2358	}
	2359	}
	2360
	2361	/**
	2362	* Helper function - writes the contents to a config file
	2363	* and performs a backup if the file exist. Additionally
	2364	* if the file exists the new file will be given the
	2365	* same rights and ownership as the original. Optionally the
	2366	* rights and/or ownership can be overriden by appending umask,
	2367	* user and group to the parameters. Providing only uid and gid
	2368	* values will result in only a chown.
	2369	*
	2370	* @param $tConf
	2371	* @param $tContents
	2372	* @return bool
	2373	*/
	2374	protected function write_config_file($tConf, $tContents) {
	2375	// Backup config file before writing new contents and stat file
	2376	if ( is_file($tConf) ) {
	2377	$stat = exec('stat -c \'%a %U %G\' '.escapeshellarg($tConf), $output, $res);
	2378	if ($res == 0) { // stat successfull
8cddcd	2379	list($access, $user, $group) = explode(" ", $stat);
532ae5	2380	}
L	2381
	2382	if ( copy($tConf, $tConf.'~') ) {
	2383	chmod($tConf.'~', 0400);
	2384	}
	2385	}
	2386
	2387	wf($tConf, $tContents); // write file
	2388
	2389	if (func_num_args() >= 4) // override rights and/or ownership
7fe908	2390	{
532ae5	2391	$args = func_get_args();
L	2392	$output = array_slice($args, 2);
	2393
	2394	switch (sizeof($output)) {
7fe908	2395	case 3:
MC	2396	$umask = array_shift($output);
	2397	if (is_numeric($umask) && preg_match('/^0?[0-7]{3}$/', $umask)) {
	2398	$access = $umask;
	2399	}
	2400	case 2:
	2401	if (is_user($output[0]) && is_group($output[1])) {
	2402	list($user, $group) = $output;
	2403	}
	2404	break;
532ae5	2405	}
L	2406	}
	2407
	2408	if (!empty($user) && !empty($group)) {
	2409	chown($tConf, $user);
	2410	chgrp($tConf, $group);
	2411	}
	2412
	2413	if (!empty($access)) {
	2414	exec("chmod $access $tConf");
	2415	}
	2416	}
	2417
	2418	/**
	2419	* Helper function - filter the contents of a config
	2420	* file by inserting the common ispconfig database
	2421	* credentials.
	2422	*
	2423	* @param $tContents
	2424	* @return string
	2425	*/
	2426	protected function insert_db_credentials($tContents) {
	2427	global $conf;
	2428
	2429	$tContents = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $tContents);
	2430	$tContents = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $tContents);
	2431	$tContents = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $tContents);
	2432	$tContents = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $tContents);
7fe908	2433	$tContents = str_replace('{mysql_server_host}', $conf['mysql']['host'], $tContents);
MC	2434	$tContents = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $tContents);
532ae5	2435
L	2436	return $tContents;
	2437	}
7fe908	2438
532ae5	2439	}
L	2440
e514ae	2441	?>