gitlabFork/ISPConfig3.git - Solinfo Gitblit

Fixed: FS#3624 - SSL cert for postfix not created on OpenSuSE Linux during ...

Till Brehm

2014-08-14 b51c22aecea55a2edb0e5fa712b297465a444b28

commit \| author \| age
32d8e9	1	<?php
T	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class installer_dist extends installer_base {
60b700	32
MC	33	public function __construct() {
	34	//** check apache modules */
	35	$mods = getapachemodules();
	36	if(in_array('authz_compat', $mods, true)) {
	37	swriteln($inst->lng(' WARNING! You are using mod_authz_compat.'));
	38	swriteln($inst->lng(' Please make sure that your apache config uses the new auth syntax:'));
	39	swriteln($inst->lng(' <Directory />'));
	40	swriteln($inst->lng(' Options None'));
	41	swriteln($inst->lng(' AllowOverride None'));
	42	swriteln($inst->lng(' Require all denied'));
	43	swriteln($inst->lng(' </Directory>'."\n"));
	44
	45	swriteln($inst->lng(' If it uses the old syntax (deny from all) ISPConfig would fail to work.'));
	46	}
	47	}
	48
526b99	49	public function configure_mailman($status = 'insert') {
T	50	global $conf;
	51
	52	$config_dir = $conf['mailman']['config_dir'].'/';
	53	$full_file_name = $config_dir.'mm_cfg.py';
	54	//* Backup exiting file
	55	if(is_file($full_file_name)) {
	56	copy($full_file_name, $config_dir.'mm_cfg.py~');
	57	}
	58
	59	// load files
615a0a	60	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
526b99	61	$old_file = rf($full_file_name);
T	62
	63	$old_options = array();
	64	$lines = explode("\n", $old_file);
	65	foreach ($lines as $line)
	66	{
	67	if (trim($line) != '' && substr($line, 0, 1) != '#')
	68	{
	69	@list($key, $value) = @explode("=", $line);
	70	if (!empty($value))
	71	{
	72	$key = rtrim($key);
	73	$old_options[$key] = trim($value);
	74	}
	75	}
	76	}
7fe908	77
526b99	78	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
T	79	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
	80
	81	$virtual_domains = '';
	82	if($status == 'update')
	83	{
	84	// create virtual_domains list
	85	$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");
	86
	87	if(is_array($domainAll)) {
7fe908	88	foreach($domainAll as $domain)
MC	89	{
	90	if ($domainAll[0]['domain'] == $domain['domain'])
	91	$virtual_domains .= "'".$domain['domain']."'";
	92	else
	93	$virtual_domains .= ", '".$domain['domain']."'";
	94	}
526b99	95	}
T	96	}
	97	else
	98	$virtual_domains = "' '";
	99
	100	$content = str_replace('{hostname}', $conf['hostname'], $content);
	101	if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
	102	$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
	103	$content = str_replace('{virtual_domains}', $virtual_domains, $content);
	104
	105	wf($full_file_name, $content);
7fe908	106
3f478f	107	//* Write virtual_to_transport.sh script
T	108	$config_dir = $conf['mailman']['config_dir'].'/';
	109	$full_file_name = $config_dir.'virtual_to_transport.sh';
7fe908	110
3f478f	111	//* Backup exiting virtual_to_transport.sh script
T	112	if(is_file($full_file_name)) {
	113	copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
	114	}
7fe908	115
3f478f	116	if(is_dir('/etc/mailman')) {
615a0a	117	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {
7fe908	118	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);
MC	119	} else {
	120	copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
	121	}
	122	chgrp($full_file_name, 'mailman');
	123	chmod($full_file_name, 0750);
3f478f	124	}
7fe908	125
3f478f	126	//* Create aliasaes
T	127	exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
c71d48	128	if(is_file('/var/lib/mailman/data/virtual-mailman')) exec('postmap /var/lib/mailman/data/virtual-mailman');
526b99	129	}
7fe908	130
32d8e9	131	function configure_postfix($options = '')
7fe908	132	{
b51c22	133	global $conf,$autoinstall;
32d8e9	134	$cf = $conf['postfix'];
T	135	$config_dir = $cf['config_dir'];
7fe908	136
32d8e9	137	if(!is_dir($config_dir)){
7fe908	138	$this->error("The postfix configuration directory '$config_dir' does not exist.");
MC	139	}
	140
32d8e9	141	//* mysql-virtual_domains.cf
7fe908	142	$this->process_postfix_config('mysql-virtual_domains.cf');
32d8e9	143
T	144	//* mysql-virtual_forwardings.cf
7fe908	145	$this->process_postfix_config('mysql-virtual_forwardings.cf');
32d8e9	146
T	147	//* mysql-virtual_mailboxes.cf
7fe908	148	$this->process_postfix_config('mysql-virtual_mailboxes.cf');
32d8e9	149
T	150	//* mysql-virtual_email2email.cf
7fe908	151	$this->process_postfix_config('mysql-virtual_email2email.cf');
32d8e9	152
T	153	//* mysql-virtual_transports.cf
7fe908	154	$this->process_postfix_config('mysql-virtual_transports.cf');
32d8e9	155
T	156	//* mysql-virtual_recipient.cf
7fe908	157	$this->process_postfix_config('mysql-virtual_recipient.cf');
32d8e9	158
T	159	//* mysql-virtual_sender.cf
7fe908	160	$this->process_postfix_config('mysql-virtual_sender.cf');
32d8e9	161
T	162	//* mysql-virtual_client.cf
7fe908	163	$this->process_postfix_config('mysql-virtual_client.cf');
MC	164
32d8e9	165	//* mysql-virtual_relaydomains.cf
7fe908	166	$this->process_postfix_config('mysql-virtual_relaydomains.cf');
MC	167
429dcf	168	//* mysql-virtual_relayrecipientmaps.cf
7fe908	169	$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
32d8e9	170
T	171	//* Changing mode and group of the new created config files.
	172	caselog('chmod o= '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	173	__FILE__, __LINE__, 'chmod on mysql-virtual_.cf', 'chmod on mysql-virtual_.cf failed');
MC	174	caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
	175	__FILE__, __LINE__, 'chgrp on mysql-virtual_.cf', 'chgrp on mysql-virtual_.cf failed');
	176
1ca823	177	if(!is_dir($cf['vmail_mailbox_base'])) mkdir($cf['vmail_mailbox_base']);
7fe908	178
32d8e9	179	//* Creating virtual mail user and group
fdb514	180	if(is_group($cf['vmail_groupname'])) {
T	181	$command = 'groupmod -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	182	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	183	} else {
	184	$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	185	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	186	}
7fe908	187
fdb514	188	if(is_user($cf['vmail_username'])) {
T	189	$command = 'usermod -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' -d '.$cf['vmail_mailbox_base'].' -s /bin/bash '.$cf['vmail_username'];
	190	caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	191	} else {
	192	$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
	193	caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
8f898a	194	}
7fe908	195
d2e848	196	if($cf['vmail_mailbox_base'] != '' && strlen($cf['vmail_mailbox_base']) >= 10 && $this->is_update === false) exec('chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base']);
7fe908	197
b67344	198	//* These postconf commands will be executed on installation and update
7b47c0	199	$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
T	200	$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
	201	unset($server_ini_rec);
	202
	203	//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
	204	$rbl_list = '';
	205	if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
7fe908	206	$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
7b47c0	207	foreach ($rbl_hosts as $key => $value) {
T	208	$rbl_list .= ", reject_rbl_client ". $value;
	209	}
	210	}
	211	unset($rbl_hosts);
	212	unset($server_ini_array);
7fe908	213
7b47c0	214	//* These postconf commands will be executed on installation and update
7fe908	215	$postconf_placeholders = array('{config_dir}' => $config_dir,
MC	216	'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
	217	'{vmail_userid}' => $cf['vmail_userid'],
	218	'{vmail_groupid}' => $cf['vmail_groupid'],
	219	'{rbl_list}' => $rbl_list);
	220
	221	$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
	222	$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
	223	$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
	224
b67344	225	//* These postconf commands will be executed on installation only
T	226	if($this->is_update == false) {
7fe908	227	$postconf_commands = array_merge($postconf_commands, array(
MC	228	'myhostname = '.$conf['hostname'],
	229	'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
	230	'mynetworks = 127.0.0.0/8 [::1]/128'
	231	));
b67344	232	}
7fe908	233
32d8e9	234	//* Create the header and body check files
T	235	touch($config_dir.'/header_checks');
	236	touch($config_dir.'/mime_header_checks');
	237	touch($config_dir.'/nested_header_checks');
	238	touch($config_dir.'/body_checks');
7fe908	239
3f478f	240	//* Create the mailman files
T	241	if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
	242	if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
	243	exec('postalias /var/lib/mailman/data/aliases');
	244	if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
	245	exec('postmap /var/lib/mailman/data/virtual-mailman');
	246	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
	247	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
7fe908	248
32d8e9	249	//* Make a backup copy of the main.cf file
T	250	copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
7fe908	251
32d8e9	252	//* Executing the postconf commands
T	253	foreach($postconf_commands as $cmd) {
	254	$command = "postconf -e '$cmd'";
	255	caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	256	}
7fe908	257
MC	258	if(!stristr($options, 'dont-create-certs')) {
32d8e9	259	//* Create the SSL certificate
b04e82	260	if(AUTOINSTALL){
TB	261	$command = 'cd '.$config_dir.'; '
	262	."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
	263	} else {
	264	$command = 'cd '.$config_dir.'; '
	265	.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
	266	}
b51c22	267	exec($command);
7fe908	268
32d8e9	269	$command = 'chmod o= '.$config_dir.'/smtpd.key';
T	270	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	271	}
7fe908	272
32d8e9	273	//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
T	274	$command = 'chmod 755 /var/run/authdaemon.courier-imap';
	275	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
7fe908	276
32d8e9	277	//* Changing maildrop lines in posfix master.cf
T	278	if(is_file($config_dir.'/master.cf')){
7fe908	279	copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
MC	280	}
32d8e9	281	if(is_file($config_dir.'/master.cf~')){
7fe908	282	exec('chmod 400 '.$config_dir.'/master.cf~');
MC	283	}
32d8e9	284	$configfile = $config_dir.'/master.cf';
T	285	$content = rf($configfile);
7fe908	286
MC	287	$content = str_replace(' flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
	288	' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
	289	$content);
	290
	291	$content = str_replace(' flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}',
	292	' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
	293	$content);
	294
fdb514	295	// enable tlsmanager
7fe908	296	$content = str_replace('#tlsmgr unix - - n 1000? 1 tlsmgr', 'tlsmgr unix - - n 1000? 1 tlsmgr', $content);
MC	297
32d8e9	298	wf($configfile, $content);
7fe908	299
32d8e9	300	//* Writing the Maildrop mailfilter file
T	301	$configfile = 'mailfilter';
	302	if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)){
7fe908	303	copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
MC	304	}
615a0a	305	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	306	$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
T	307	wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
7fe908	308
32d8e9	309	//* Create the directory for the custom mailfilters
T	310	$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
	311	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	312
32d8e9	313	//* Chmod and chown the .mailfilter file
T	314	$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
	315	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	316
32d8e9	317	$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
T	318	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	319
32d8e9	320	}
7fe908	321
32d8e9	322	public function configure_saslauthd() {
T	323	global $conf;
7fe908	324
32d8e9	325	/*
T	326	$configfile = 'sasl_smtpd.conf';
	327	if(is_file('/etc/sasl2/smtpd.conf')) copy('/etc/sasl2/smtpd.conf','/etc/sasl2/smtpd.conf~');
	328	if(is_file('/etc/sasl2/smtpd.conf~')) exec('chmod 400 '.'/etc/sasl2/smtpd.conf~');
	329	$content = rf("tpl/".$configfile.".master");
	330	$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
	331	$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
	332	$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
	333	$content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content);
	334	wf('/etc/sasl2/smtpd.conf',$content);
	335	*/
7fe908	336
32d8e9	337	// TODO: Chmod and chown on the config file
7fe908	338
MC	339
32d8e9	340	/*
T	341	// Create the spool directory
	342	exec('mkdir -p /var/spool/postfix/var/run/saslauthd');
7fe908	343
32d8e9	344	// Edit the file /etc/default/saslauthd
T	345	$configfile = $conf["saslauthd"]["config"];
	346	if(is_file($configfile)) copy($configfile,$configfile.'~');
	347	if(is_file($configfile.'~')) exec('chmod 400 '.$configfile.'~');
	348	$content = rf($configfile);
	349	$content = str_replace('START=no','START=yes',$content);
	350	$content = str_replace('OPTIONS="-c"','OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"',$content);
	351	wf($configfile,$content);
	352	*/
7fe908	353
32d8e9	354	// Edit the file /etc/init.d/saslauthd
T	355	$configfile = $conf["init_scripts"].'/'.$conf["saslauthd"]["init_script"];
	356	$content = rf($configfile);
7fe908	357	$content = str_replace('/sbin/startproc $AUTHD_BIN -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', '/sbin/startproc $AUTHD_BIN -r -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', $content);
MC	358	$content = str_replace('/sbin/startproc $AUTHD_BIN $SASLAUTHD_PARAMS -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', '/sbin/startproc $AUTHD_BIN $SASLAUTHD_PARAMS -r -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', $content);
	359
	360
	361	if(is_file($configfile)) wf($configfile, $content);
	362
	363
	364
32d8e9	365	}
7fe908	366
32d8e9	367	public function configure_pam()
7fe908	368	{
32d8e9	369	global $conf;
T	370	$pam = $conf['pam'];
	371	//* configure pam for SMTP authentication agains the ispconfig database
	372	$configfile = 'pamd_smtp';
	373	if(is_file("$pam/smtp")) copy("$pam/smtp", "$pam/smtp~");
	374	if(is_file("$pam/smtp~")) exec("chmod 400 $pam/smtp~");
	375
615a0a	376	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	377	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
T	378	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	379	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	380	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	381	wf("$pam/smtp", $content);
03bff7	382	// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
T	383	if(is_file("$pam/smtp")) exec("chmod o= $pam/smtp");
32d8e9	384	//exec("chmod 660 $pam/smtp");
T	385	//exec("chown root:root $pam/smtp");
7fe908	386
32d8e9	387	}
7fe908	388
32d8e9	389	public function configure_courier()
7fe908	390	{
32d8e9	391	global $conf;
T	392	$config_dir = $conf['courier']['config_dir'];
	393	//* authmysqlrc
	394	$configfile = 'authmysqlrc';
	395	if(is_file("$config_dir/$configfile")){
7fe908	396	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	397	}
32d8e9	398	exec("chmod 400 $config_dir/$configfile~");
615a0a	399	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
7fe908	400	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	401	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	402	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	403	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
32d8e9	404	wf("$config_dir/$configfile", $content);
7fe908	405
32d8e9	406	exec("chmod 660 $config_dir/$configfile");
T	407	exec("chown root:root $config_dir/$configfile");
7fe908	408
32d8e9	409	//* authdaemonrc
T	410	$configfile = $conf['courier']['config_dir'].'/authdaemonrc';
	411	if(is_file($configfile)){
7fe908	412	copy($configfile, $configfile.'~');
MC	413	}
32d8e9	414	if(is_file($configfile.'~')){
7fe908	415	exec('chmod 400 '.$configfile.'~');
MC	416	}
32d8e9	417	$content = rf($configfile);
T	418	$content = str_replace('authmodulelist=', 'authmodulelist="authmysql"', $content);
	419	wf($configfile, $content);
	420	}
7fe908	421
fdb514	422	public function configure_dovecot()
7fe908	423	{
fdb514	424	global $conf;
7fe908	425
fdb514	426	$config_dir = $conf['dovecot']['config_dir'];
7fe908	427
fdb514	428	//* Configure master.cf and add a line for deliver
T	429	if(is_file($config_dir.'/master.cf')){
7fe908	430	copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
MC	431	}
fdb514	432	if(is_file($config_dir.'/master.cf~')){
7fe908	433	exec('chmod 400 '.$config_dir.'/master.cf~2');
MC	434	}
fdb514	435	$content = rf($conf["postfix"]["config_dir"].'/master.cf');
T	436	// Only add the content if we had not addded it before
7fe908	437	if(!stristr($content, "dovecot/deliver")) {
013ae4	438	$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
7fe908	439	af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
fdb514	440	}
T	441	unset($content);
	442	unset($deliver_content);
7fe908	443
MC	444
fdb514	445	//* Reconfigure postfix to use dovecot authentication
T	446	// Adding the amavisd commands to the postfix configuration
	447	$postconf_commands = array (
	448	'dovecot_destination_recipient_limit = 1',
	449	'virtual_transport = dovecot',
	450	'smtpd_sasl_type = dovecot',
	451	'smtpd_sasl_path = private/auth',
	452	);
7fe908	453
fdb514	454	// Make a backup copy of the main.cf file
7fe908	455	copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~3');
MC	456
fdb514	457	// Executing the postconf commands
T	458	foreach($postconf_commands as $cmd) {
	459	$command = "postconf -e '$cmd'";
	460	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	461	}
7fe908	462
31e0d1	463	//* backup dovecot.conf
fdb514	464	$configfile = 'dovecot.conf';
T	465	if(is_file("$config_dir/$configfile")){
7fe908	466	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	467	}
	468
31e0d1	469	//* Get the dovecot version
7fe908	470	exec('dovecot --version', $tmp);
MC	471	$parts = explode('.', trim($tmp[0]));
31e0d1	472	$dovecot_version = $parts[0];
T	473	unset($tmp);
	474	unset($parts);
7fe908	475
31e0d1	476	//* Copy dovecot configuration file
T	477	if($dovecot_version == 2) {
7fe908	478	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot2.conf.master')) {
MC	479	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot2.conf.master', $config_dir.'/'.$configfile);
	480	} else {
	481	copy('tpl/opensuse_dovecot2.conf.master', $config_dir.'/'.$configfile);
	482	}
31e0d1	483	} else {
7fe908	484	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot.conf.master')) {
MC	485	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot.conf.master', $config_dir.'/'.$configfile);
	486	} else {
	487	copy('tpl/opensuse_dovecot.conf.master', $config_dir.'/'.$configfile);
	488	}
31e0d1	489	}
7fe908	490
fdb514	491	//* dovecot-sql.conf
T	492	$configfile = 'dovecot-sql.conf';
	493	if(is_file("$config_dir/$configfile")){
7fe908	494	copy("$config_dir/$configfile", "$config_dir/$configfile~");
b67344	495	exec("chmod 400 $config_dir/$configfile~");
7fe908	496	}
MC	497
615a0a	498	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot-sql.conf.master', "tpl/opensuse_dovecot-sql.conf.master");
7fe908	499	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	500	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	501	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	502	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
032b86	503	$content = str_replace('{server_id}', $conf['server_id'], $content);
fdb514	504	wf("$config_dir/$configfile", $content);
7fe908	505
fdb514	506	exec("chmod 600 $config_dir/$configfile");
T	507	exec("chown root:root $config_dir/$configfile");
5e7306	508
TB	509	// Dovecot shall ignore mounts in website directory
f9d95c	510	if(is_installed('doveadm')) exec("doveadm mount add '/srv/www/*' ignore > /dev/null 2> /dev/null");
fdb514	511
T	512	}
7fe908	513
32d8e9	514	public function configure_amavis() {
T	515	global $conf;
7fe908	516
32d8e9	517	// amavisd user config file
T	518	$configfile = 'opensuse_amavisd_conf';
7fe908	519	if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf')) @copy($conf["amavis"]["config_dir"].'/amavisd.conf', $conf["amavis"]["config_dir"].'/amavisd.conf~');
32d8e9	520	if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/amavisd.conf~');
615a0a	521	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	522	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	523	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	524	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	525	$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
	526	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	527	wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
	528
	529
32d8e9	530	// Adding the amavisd commands to the postfix configuration
T	531	$postconf_commands = array (
	532	'content_filter = amavis:[127.0.0.1]:10024',
	533	'receive_override_options = no_address_mappings'
	534	);
7fe908	535
32d8e9	536	// Make a backup copy of the main.cf file
7fe908	537	copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~2');
MC	538
32d8e9	539	// Executing the postconf commands
T	540	foreach($postconf_commands as $cmd) {
	541	$command = "postconf -e '$cmd'";
	542	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	543	}
7fe908	544
32d8e9	545	// Append the configuration for amavisd to the master.cf file
7fe908	546	if(is_file($conf["postfix"]["config_dir"].'/master.cf')) copy($conf["postfix"]["config_dir"].'/master.cf', $conf["postfix"]["config_dir"].'/master.cf~');
32d8e9	547	$content = rf($conf["postfix"]["config_dir"].'/master.cf');
T	548	// Only add the content if we had not addded it before
7fe908	549	if(!stristr($content, "127.0.0.1:10025")) {
32d8e9	550	unset($content);
615a0a	551	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', "tpl/master_cf_amavis.master");
7fe908	552	af($conf["postfix"]["config_dir"].'/master.cf', $content);
32d8e9	553	}
T	554	unset($content);
7fe908	555
32d8e9	556	// Add the clamav user to the vscan group
5edf40	557	//exec('groupmod --add-user clamav vscan');
TB	558	$command = 'usermod -a -G clamav vscan';
	559	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	560
MC	561
32d8e9	562	}
7fe908	563
32d8e9	564	public function configure_spamassassin()
7fe908	565	{
32d8e9	566	global $conf;
7fe908	567
32d8e9	568	//* Enable spamasasssin on debian and ubuntu
T	569	/*
	570	$configfile = '/etc/default/spamassassin';
	571	if(is_file($configfile)){
	572	copy($configfile, $configfile.'~');
	573	}
	574	$content = rf($configfile);
	575	$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
	576	wf($configfile, $content);
	577	*/
	578	}
7fe908	579
32d8e9	580	public function configure_getmail()
7fe908	581	{
32d8e9	582	global $conf;
7fe908	583
32d8e9	584	$config_dir = $conf['getmail']['config_dir'];
7fe908	585
32d8e9	586	if(!is_dir($config_dir)) exec("mkdir -p ".escapeshellcmd($config_dir));
T	587
	588	$command = "useradd -d $config_dir getmail";
	589	if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	590
32d8e9	591	$command = "chown -R getmail $config_dir";
T	592	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	593
32d8e9	594	$command = "chmod -R 700 $config_dir";
T	595	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	596	}
7fe908	597
MC	598
32d8e9	599	public function configure_pureftpd()
7fe908	600	{
32d8e9	601	global $conf;
7fe908	602
32d8e9	603	$config_dir = $conf['pureftpd']['config_dir'];
T	604
	605	//* configure pam for SMTP authentication agains the ispconfig database
	606	$configfile = 'db/mysql.conf';
	607	if(is_file("$config_dir/$configfile")){
7fe908	608	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	609	}
32d8e9	610	if(is_file("$config_dir/$configfile~")){
7fe908	611	exec("chmod 400 $config_dir/$configfile~");
MC	612	}
615a0a	613	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/pureftpd_mysql.conf.master', 'tpl/pureftpd_mysql.conf.master');
32d8e9	614	$content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content);
T	615	$content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content);
	616	$content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content);
	617	$content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content);
	618	$content = str_replace('{server_id}', $conf["server_id"], $content);
	619	wf("$config_dir/$configfile", $content);
	620	exec("chmod 600 $config_dir/$configfile");
	621	exec("chown root:root $config_dir/$configfile");
7fe908	622
32d8e9	623	// copy our customized copy of pureftpd.conf to the pure-ftpd config directory
615a0a	624	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_pureftpd_conf.master')) {
7fe908	625	exec("cp " . $conf['ispconfig_install_dir']."/server/conf-custom/install/opensuse_pureftpd_conf.master $config_dir/pure-ftpd.conf");
MC	626	} else {
	627	exec("cp tpl/opensuse_pureftpd_conf.master $config_dir/pure-ftpd.conf");
	628	}
	629
32d8e9	630	}
7fe908	631
32d8e9	632	public function configure_mydns()
7fe908	633	{
32d8e9	634	global $conf;
7fe908	635
32d8e9	636	// configure pam for SMTP authentication agains the ispconfig database
T	637	$configfile = 'mydns.conf';
7fe908	638	if(is_file($conf["mydns"]["config_dir"].'/'.$configfile)) copy($conf["mydns"]["config_dir"].'/'.$configfile, $conf["mydns"]["config_dir"].'/'.$configfile.'~');
32d8e9	639	if(is_file($conf["mydns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["mydns"]["config_dir"].'/'.$configfile.'~');
615a0a	640	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	641	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	642	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	643	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	644	$content = str_replace('{mysql_server_host}', $conf["mysql"]["host"], $content);
	645	$content = str_replace('{server_id}', $conf["server_id"], $content);
	646	wf($conf["mydns"]["config_dir"].'/'.$configfile, $content);
32d8e9	647	exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile);
T	648	exec('chown root:root '.$conf["mydns"]["config_dir"].'/'.$configfile);
7fe908	649
32d8e9	650	}
7fe908	651
32d8e9	652	public function configure_apache()
7fe908	653	{
32d8e9	654	global $conf;
7fe908	655
1bd269	656	if($conf['apache']['installed'] == false) return;
32d8e9	657	//* Create the logging directory for the vhost logfiles
T	658	exec('mkdir -p /var/log/ispconfig/httpd');
7fe908	659
32d8e9	660	//if(is_file('/etc/suphp.conf')) {
7fe908	661	replaceLine('/etc/suphp.conf', 'php=php', 'x-httpd-suphp="php:/srv/www/cgi-bin/php5"', 0, 0);
MC	662	replaceLine('/etc/suphp.conf', 'php="php', 'x-httpd-suphp="php:/srv/www/cgi-bin/php5"', 0, 0);
	663	replaceLine('/etc/suphp.conf', 'docroot=', 'docroot=/srv/www', 0, 0);
	664	replaceLine('/etc/suphp.conf', 'umask=0077', 'umask=0022', 0);
32d8e9	665	//}
7fe908	666
26c0fc	667	if(!file_exists('/srv/www/cgi-bin/php5') && file_exists('/srv/www/cgi-bin/php')) {
7fe908	668	symlink('/srv/www/cgi-bin/php', '/srv/www/cgi-bin/php5');
26c0fc	669	}
7fe908	670
dbe5b0	671	// Sites enabled and available dirs
32d8e9	672	exec('mkdir -p '.$conf['apache']['vhost_conf_enabled_dir']);
T	673	exec('mkdir -p '.$conf['apache']['vhost_conf_dir']);
7fe908	674
32d8e9	675	$content = rf('/etc/apache2/httpd.conf');
7fe908	676	if(!stristr($content, 'Include /etc/apache2/sites-enabled/')) {
5545f1	677	af('/etc/apache2/httpd.conf', "\n<Directory /srv/www>\n Options +FollowSymlinks\n</Directory>\n\nInclude /etc/apache2/sites-enabled/\n\n");
32d8e9	678	}
T	679	unset($content);
7fe908	680
32d8e9	681	//* Copy the ISPConfig configuration include
7fe908	682	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
MC	683	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	684
ccbf14	685	$tpl = new tpl('apache_ispconfig.conf.master');
TB	686	$tpl->setVar('apache_version',getapacheversion());
	687
a2156e	688	$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
ccbf14	689	$ip_addresses = array();
TB	690
fb3a98	691	if(is_array($records) && count($records) > 0) {
32d8e9	692	foreach($records as $rec) {
a2156e	693	if($rec['ip_type'] == 'IPv6') {
T	694	$ip_address = '['.$rec['ip_address'].']';
	695	} else {
	696	$ip_address = $rec['ip_address'];
	697	}
7fe908	698	$ports = explode(',', $rec['virtualhost_port']);
a2156e	699	if(is_array($ports)) {
T	700	foreach($ports as $port) {
	701	$port = intval($port);
	702	if($port > 0 && $port < 65536 && $ip_address != '') {
ccbf14	703	$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
a2156e	704	}
T	705	}
	706	}
32d8e9	707	}
T	708	}
855547	709
3de838	710	if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
855547	711
ccbf14	712	wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
TB	713	unset($tpl);
7fe908	714
32d8e9	715	if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) {
T	716	exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf");
	717	}
7fe908	718
99d5dc	719	//* make sure that webalizer finds its config file when it is directly in /etc
T	720	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	721	exec('mkdir /etc/webalizer');
	722	exec('ln -s /etc/webalizer.conf /etc/webalizer/webalizer.conf');
	723	}
7fe908	724
99d5dc	725	if(is_file('/etc/webalizer/webalizer.conf')) {
T	726	// Change webalizer mode to incremental
7fe908	727	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	728	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	729	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
99d5dc	730	}
7fe908	731
6b029a	732	//* add a sshusers group
T	733	$command = 'groupadd sshusers';
	734	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	735
526b99	736	// create PHP-FPM pool dir
T	737	exec('mkdir -p '.$conf['nginx']['php_fpm_pool_dir']);
7fe908	738
526b99	739	$content = rf('/etc/php5/fpm/php-fpm.conf');
T	740	if(stripos($content, 'include=/etc/php5/fpm/pool.d/*.conf') === false){
7fe908	741	af('/etc/php5/fpm/php-fpm.conf', "\ninclude=/etc/php5/fpm/pool.d/*.conf");
526b99	742	}
T	743	unset($content);
	744	if(!@is_file($conf['nginx']['php_fpm_ini_path'])){
	745	if(@is_file('/etc/php5/cli/php.ini')){
	746	exec('cp -f /etc/php5/cli/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	747	} elseif(@is_file('/etc/php5/fastcgi/php.ini')){
	748	exec('cp -f /etc/php5/fastcgi/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	749	} elseif(@is_file('/etc/php5/apache2/php.ini')){
	750	exec('cp -f /etc/php5/apache2/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	751	}
	752	}
7fe908	753
32d8e9	754	}
7fe908	755
2d86e1	756	public function configure_nginx(){
F	757	global $conf;
7fe908	758
2d86e1	759	if($conf['nginx']['installed'] == false) return;
F	760	//* Create the logging directory for the vhost logfiles
	761	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
7fe908	762
dbe5b0	763	// Sites enabled and available dirs
2d86e1	764	exec('mkdir -p '.$conf['nginx']['vhost_conf_enabled_dir']);
F	765	exec('mkdir -p '.$conf['nginx']['vhost_conf_dir']);
7fe908	766
dbe5b0	767	$content = rf('/etc/nginx/nginx.conf');
F	768	if(stripos($content, 'include /etc/nginx/sites-enabled/*.vhost;') === false){
	769	$content = trim($content);
7fe908	770	$content = substr($content, 0, -1)."\n include /etc/nginx/sites-enabled/*.vhost;\n}";
MC	771	wf('/etc/nginx/nginx.conf', $content);
dbe5b0	772	}
2d86e1	773	unset($content);
7fe908	774
2d86e1	775	// create PHP-FPM pool dir
F	776	exec('mkdir -p '.$conf['nginx']['php_fpm_pool_dir']);
7fe908	777
2d86e1	778	$content = rf('/etc/php5/fpm/php-fpm.conf');
F	779	if(stripos($content, 'include=/etc/php5/fpm/pool.d/*.conf') === false){
7fe908	780	af('/etc/php5/fpm/php-fpm.conf', "\ninclude=/etc/php5/fpm/pool.d/*.conf");
2d86e1	781	}
F	782	unset($content);
59feb7	783	if(!@is_file($conf['nginx']['php_fpm_ini_path'])){
F	784	if(@is_file('/etc/php5/cli/php.ini')){
	785	exec('cp -f /etc/php5/cli/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	786	} elseif(@is_file('/etc/php5/fastcgi/php.ini')){
	787	exec('cp -f /etc/php5/fastcgi/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	788	} elseif(@is_file('/etc/php5/apache2/php.ini')){
	789	exec('cp -f /etc/php5/apache2/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	790	}
	791	}
2d86e1	792
F	793	//* make sure that webalizer finds its config file when it is directly in /etc
	794	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	795	mkdir('/etc/webalizer');
7fe908	796	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
2d86e1	797	}
F	798
	799	if(is_file('/etc/webalizer/webalizer.conf')) {
	800	// Change webalizer mode to incremental
7fe908	801	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	802	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	803	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
2d86e1	804	}
7fe908	805
2d86e1	806	// Check the awsatst script
F	807	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
7fe908	808	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	809	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
	810
2d86e1	811	//* add a sshusers group
F	812	$command = 'groupadd sshusers';
	813	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	814	}
7fe908	815
32d8e9	816	public function configure_firewall()
T	817	{
	818	global $conf;
7fe908	819
32d8e9	820	$dist_init_scripts = $conf['init_scripts'];
7fe908	821
32d8e9	822	if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
T	823	if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
7fe908	824	@mkdir("/etc/Bastille", octdec($directory_mode));
MC	825	if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
	826	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master')) {
	827	caselog("cp -f " . $conf['ispconfig_install_dir']."/server/conf-custom/install/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	828	} else {
	829	caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	830	}
	831	caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	832	$content = rf("/etc/Bastille/bastille-firewall.cfg");
	833	$content = str_replace("{DNS_SERVERS}", "", $content);
32d8e9	834
7fe908	835	$tcp_public_services = '';
MC	836	$udp_public_services = '';
	837
fb3a98	838	$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
7fe908	839
MC	840	if(trim($row["tcp_port"]) != '' \|\| trim($row["udp_port"]) != ''){
	841	$tcp_public_services = trim(str_replace(',', ' ', $row["tcp_port"]));
	842	$udp_public_services = trim(str_replace(',', ' ', $row["udp_port"]));
	843	} else {
	844	$tcp_public_services = '21 22 25 53 80 110 443 3306 8080 10000';
	845	$udp_public_services = '53';
	846	}
	847
32d8e9	848	if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
T	849	$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
	850	if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
	851	}
	852
7fe908	853	$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
MC	854	$content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content);
32d8e9	855
7fe908	856	wf("/etc/Bastille/bastille-firewall.cfg", $content);
32d8e9	857
7fe908	858	if(is_file($dist_init_scripts."/bastille-firewall")) caselog("mv -f $dist_init_scripts/bastille-firewall $dist_init_scripts/bastille-firewall.backup", __FILE__, __LINE__);
MC	859	caselog("cp -f apps/bastille-firewall $dist_init_scripts", __FILE__, __LINE__);
	860	caselog("chmod 700 $dist_init_scripts/bastille-firewall", __FILE__, __LINE__);
32d8e9	861
7fe908	862	if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__);
MC	863	caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__);
	864	caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__);
	865
	866	if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__);
	867	caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__);
	868	caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__);
	869
32d8e9	870	if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__);
T	871
7fe908	872	exec("which ipchains &> /dev/null", $ipchains_location, $ret_val);
MC	873	if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(shell_exec("which ipchains"), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__);
	874	unset($ipchains_location);
	875	exec("which iptables &> /dev/null", $iptables_location, $ret_val);
	876	if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__);
	877	unset($iptables_location);
32d8e9	878
T	879	}
4ae2a0	880
32d8e9	881	public function install_ispconfig()
7fe908	882	{
32d8e9	883	global $conf;
7fe908	884
32d8e9	885	$install_dir = $conf['ispconfig_install_dir'];
T	886
	887	//* Create the ISPConfig installation directory
	888	if(!@is_dir("$install_dir")) {
	889	$command = "mkdir $install_dir";
	890	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	891	}
7fe908	892
32d8e9	893	//* Create a ISPConfig user and group
T	894	$command = 'groupadd ispconfig';
	895	if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	896
32d8e9	897	$command = "useradd -g ispconfig -d $install_dir ispconfig";
T	898	if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	899
32d8e9	900	//* copy the ISPConfig interface part
T	901	$command = "cp -rf ../interface $install_dir";
	902	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	903
32d8e9	904	//* copy the ISPConfig server part
T	905	$command = "cp -rf ../server $install_dir";
	906	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	907
32d8e9	908	//* Create a symlink, so ISPConfig is accessible via web
T	909	// Replaced by a separate vhost definition for port 8080
	910	// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
	911	// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	912
32d8e9	913	//* Create the config file for ISPConfig interface
T	914	$configfile = 'config.inc.php';
	915	if(is_file($install_dir.'/interface/lib/'.$configfile)){
7fe908	916	copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~");
MC	917	}
615a0a	918	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	919	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
T	920	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	921	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	922	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
7fe908	923
32d8e9	924	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
T	925	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	926	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	927	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
7fe908	928
32d8e9	929	$content = str_replace('{server_id}', $conf['server_id'], $content);
T	930	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
5898e6	931	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	932	$content = str_replace('{timezone}', $conf['timezone'], $content);
41eaa8	933	$content = str_replace('{theme}', $conf['theme'], $content);
992797	934	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
7fe908	935
MC	936	wf("$install_dir/interface/lib/$configfile", $content);
	937
	938	//* Create the config file for ISPConfig server
	939	$configfile = 'config.inc.php';
	940	if(is_file($install_dir.'/server/lib/'.$configfile)){
	941	copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~");
	942	}
	943	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
	944	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
	945	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	946	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	947	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	948
	949	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	950	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	951	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	952	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	953
	954	$content = str_replace('{server_id}', $conf['server_id'], $content);
	955	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
	956	$content = str_replace('{language}', $conf['language'], $content);
	957	$content = str_replace('{timezone}', $conf['timezone'], $content);
	958	$content = str_replace('{theme}', $conf['theme'], $content);
	959	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
	960
32d8e9	961	wf("$install_dir/server/lib/$configfile", $content);
7fe908	962
fb3a98	963	//* Create the config file for remote-actions (but only, if it does not exist, because
T	964	// the value is a autoinc-value and so changed by the remoteaction_core_module
	965	if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
	966	$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
	967	wf($install_dir.'/server/lib/remote_action.inc.php', $content);
	968	}
7fe908	969
32d8e9	970	//* Enable the server modules and plugins.
T	971	// TODO: Implement a selector which modules and plugins shall be enabled.
	972	$dir = $install_dir.'/server/mods-available/';
	973	if (is_dir($dir)) {
	974	if ($dh = opendir($dir)) {
	975	while (($file = readdir($dh)) !== false) {
7fe908	976	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	977	include_once $install_dir.'/server/mods-available/'.$file;
	978	$module_name = substr($file, 0, -8);
32d8e9	979	$tmp = new $module_name;
T	980	if($tmp->onInstall()) {
	981	if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
	982	if (strpos($file, '_core_module') !== false) {
	983	if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
	984	}
	985	}
	986	unset($tmp);
	987	}
	988	}
	989	closedir($dh);
	990	}
	991	}
7fe908	992
32d8e9	993	$dir = $install_dir.'/server/plugins-available/';
T	994	if (is_dir($dir)) {
	995	if ($dh = opendir($dir)) {
	996	while (($file = readdir($dh)) !== false) {
1bd269	997	if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F	998	if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
7fe908	999	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	1000	include_once $install_dir.'/server/plugins-available/'.$file;
	1001	$plugin_name = substr($file, 0, -8);
32d8e9	1002	$tmp = new $plugin_name;
T	1003	if($tmp->onInstall()) {
	1004	if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
	1005	if (strpos($file, '_core_plugin') !== false) {
	1006	if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
	1007	}
	1008	}
	1009	unset($tmp);
	1010	}
	1011	}
	1012	closedir($dh);
	1013	}
	1014	}
7fe908	1015
32d8e9	1016	// Update the server config
T	1017	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	1018	$web_server_enabled = ($conf['services']['web'])?1:0;
	1019	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	1020	$file_server_enabled = ($conf['services']['file'])?1:0;
	1021	$db_server_enabled = ($conf['services']['db'])?1:0;
	1022	$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
	1023	$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
7fe908	1024
32d8e9	1025	if($conf['mysql']['master_slave_setup'] == 'y') {
T	1026	$this->dbmaster->query($sql);
	1027	$this->db->query($sql);
	1028	} else {
	1029	$this->db->query($sql);
	1030	}
7fe908	1031
3e0fc8	1032	// chown install dir to root and chmod 755
TB	1033	$command = 'chown root:root '.$install_dir;
	1034	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1035	$command = 'chmod 755 '.$install_dir;
32d8e9	1036	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
T	1037
fa029b	1038	//* Chmod the files and directories in the install dir
3e0fc8	1039	$command = 'chmod -R 750 '.$install_dir.'/*';
TB	1040	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1041
	1042	//* chown the interface files to the ispconfig user and group
	1043	$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
	1044	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1045
	1046	//* chown the server files to the root user and group
	1047	$command = 'chown -R root:root '.$install_dir.'/server';
32d8e9	1048	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fa029b	1049
TB	1050	//* chown the security files to the root user and group
	1051	$command = 'chown -R root:root '.$install_dir.'/security';
	1052	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1053
	1054	//* chown the security directory and security_settings.ini to root:ispconfig
	1055	$command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
	1056	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1057	$command = 'chown root:ispconfig '.$install_dir.'/security';
	1058	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	1059
32d8e9	1060	//* Make the global language file directory group writable
T	1061	exec("chmod -R 770 $install_dir/interface/lib/lang");
7fe908	1062
32d8e9	1063	//* Make the temp directory for language file exports writable
T	1064	exec("chmod -R 770 $install_dir/interface/web/temp");
7fe908	1065
32d8e9	1066	//* Make all interface language file directories group writable
T	1067	$handle = @opendir($install_dir.'/interface/web');
7fe908	1068	while ($file = @readdir($handle)) {
MC	1069	if ($file != '.' && $file != '..') {
	1070	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
32d8e9	1071	$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
7fe908	1072	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC	1073	while ($lang_file = @readdir($handle2)) {
32d8e9	1074	if ($lang_file != '.' && $lang_file != '..') {
7fe908	1075	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
32d8e9	1076	}
T	1077	}
	1078	}
	1079	}
	1080	}
7fe908	1081
477d4e	1082	//* Make the APS directories group writable
T	1083	exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
	1084	exec("chmod -R 770 $install_dir/server/aps_packages");
7fe908	1085
32d8e9	1086	//* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef	1087	chmod($install_dir.'/server/lib/config.inc.php', 0600);
T	1088	chown($install_dir.'/server/lib/config.inc.php', 'root');
	1089	chgrp($install_dir.'/server/lib/config.inc.php', 'root');
7fe908	1090
bfcdef	1091	//* Make sure thet the interface config file is readable by user ispconfig only
T	1092	chmod($install_dir.'/interface/lib/config.inc.php', 0600);
	1093	chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
	1094	chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
7fe908	1095
32d8e9	1096	if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
T	1097	exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
	1098	exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
	1099	}
7fe908	1100
32d8e9	1101	// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
T	1102	// and must be fixed as this will allow the apache user to read the ispconfig files.
	1103	// Later this must run as own apache server or via suexec!
63b369	1104	if($conf['apache']['installed'] == true){
5edf40	1105	//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispconfig';
TB	1106	$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
63b369	1107	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1108	if(is_group('ispapps')){
5edf40	1109	//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispapps';
TB	1110	$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
272aec	1111	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1112	}
63b369	1113	}
F	1114	if($conf['nginx']['installed'] == true){
5edf40	1115	//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispconfig';
TB	1116	$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
63b369	1117	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1118	if(is_group('ispapps')){
5edf40	1119	//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispapps';
TB	1120	$command = 'usermod -a -G ispapps '.$conf['nginx']['user'];
272aec	1121	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1122	}
5c93f0	1123	// add nobody user to www group, as the default php-fpm pool from opensuse runs as nobody
TB	1124	$command = 'usermod -a -G www nobody';
	1125	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
63b369	1126	}
7fe908	1127
32d8e9	1128	//* Make the shell scripts executable
T	1129	$command = "chmod +x $install_dir/server/scripts/*.sh";
	1130	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	1131
MC	1132
7e1cfb	1133	if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
1bd269	1134	//* Copy the ISPConfig vhost for the controlpanel
F	1135	// TODO: These are missing! should they be "vhost_dist_*_dir" ?
	1136	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1137	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
7fe908	1138
MC	1139
1bd269	1140	// Dont just copy over the virtualhost template but add some custom settings
ccbf14	1141	$tpl = new tpl('apache_ispconfig.vhost.master');
TB	1142	$tpl->setVar('vhost_port',$conf['apache']['vhost_port']);
7fe908	1143
1bd269	1144	// comment out the listen directive if port is 80 or 443
F	1145	if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
ccbf14	1146	$tpl->setVar('vhost_port_listen','#');
1bd269	1147	} else {
ccbf14	1148	$tpl->setVar('vhost_port_listen','');
1bd269	1149	}
7fe908	1150
ccbf14	1151	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
TB	1152	$tpl->setVar('ssl_comment','');
1bd269	1153	} else {
ccbf14	1154	$tpl->setVar('ssl_comment','#');
1bd269	1155	}
10b4c8	1156	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
ccbf14	1157	$tpl->setVar('ssl_bundle_comment','');
10b4c8	1158	} else {
ccbf14	1159	$tpl->setVar('ssl_bundle_comment','#');
10b4c8	1160	}
ccbf14	1161
TB	1162	$tpl->setVar('apache_version',getapacheversion());
7fe908	1163
fbc02f	1164	$content = $tpl->grab();
TB	1165	$content = str_replace('/var/www/', '/srv/www/', $content);
	1166	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
7fe908	1167
cc6568	1168	//if(!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
7fe908	1169	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
MC	1170	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
	1171	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
	1172	exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig');
	1173	wf('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
	1174	exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
	1175	exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig');
	1176	exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig');
	1177
cc6568	1178	//}
7fe908	1179
1bd269	1180	//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
F	1181	//* and create the symlink
7e1cfb	1182	if($this->is_update == false) {
1bd269	1183	if(@is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) unlink("$vhost_conf_enabled_dir/ispconfig.vhost");
F	1184	if(!@is_link("$vhost_conf_enabled_dir/000-ispconfig.vhost")) {
	1185	exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/000-ispconfig.vhost");
	1186	}
7fe908	1187
1bd269	1188	}
7fe908	1189
1bd269	1190	// Fix a setting in vhost master file for suse
7fe908	1191	replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0);
1bd269	1192	}
F	1193
7e1cfb	1194	if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
1bd269	1195	//* Copy the ISPConfig vhost for the controlpanel
F	1196	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	1197	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	1198
	1199	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1200	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
1bd269	1201	$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
7fe908	1202
1bd269	1203	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
10b4c8	1204	$content = str_replace('{ssl_on}', ' on', $content);
1bd269	1205	$content = str_replace('{ssl_comment}', '', $content);
F	1206	$content = str_replace('{fastcgi_ssl}', 'on', $content);
	1207	} else {
10b4c8	1208	$content = str_replace('{ssl_on}', ' off', $content);
1bd269	1209	$content = str_replace('{ssl_comment}', '#', $content);
F	1210	$content = str_replace('{fastcgi_ssl}', 'off', $content);
32d8e9	1211	}
7fe908	1212
ca0b77	1213	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	1214	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	1215	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	1216	$fpm_socket = $socket_dir.'ispconfig.sock';
7fe908	1217
ca0b77	1218	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1219	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
1bd269	1220
F	1221	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
7fe908	1222
1bd269	1223	unset($content);
7fe908	1224
1bd269	1225	// PHP-FPM
F	1226	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	1227	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
1bd269	1228	$content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77	1229	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1230	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
1bd269	1231	$content = str_replace('{fpm_user}', 'ispconfig', $content);
F	1232	$content = str_replace('{fpm_group}', 'ispconfig', $content);
	1233	wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
	1234
	1235	//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
	1236	//* and create the symlink
7e1cfb	1237	if($this->is_update == false) {
1bd269	1238	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	1239	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	1240	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
1bd269	1241	}
F	1242	}
7fe908	1243
9aec3d	1244	// create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed
7fe908	1245	if(!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin');
MC	1246	if(!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail');
32d8e9	1247	}
7fe908	1248
MC	1249
32d8e9	1250	// Make the Clamav log files readable by ISPConfig
T	1251	//exec('chmod +r /var/log/clamav/clamav.log');
	1252	//exec('chmod +r /var/log/clamav/freshclam.log');
7fe908	1253
32d8e9	1254	//* Install the update script
b34f99	1255	if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
MC	1256	exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh');
	1257	exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh');
32d8e9	1258	exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
T	1259	exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
	1260	exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
	1261	exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
b34f99	1262	if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh');
32d8e9	1263	if(!is_link('/usr/local/bin/ispconfig_update.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
7fe908	1264
32d8e9	1265	//set the fast cgi starter script to executable
T	1266	//exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
7fe908	1267
32d8e9	1268	//* Make the logs readable for the ispconfig user
T	1269	if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
	1270	if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
	1271	if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
	1272	if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
7fe908	1273
32d8e9	1274	//To enable apache to read the directories
T	1275	exec('chmod a+rx /usr/local/ispconfig');
	1276	exec('chmod -R 751 /usr/local/ispconfig/interface');
	1277	exec('chmod a+rx /usr/local/ispconfig/interface/web');
7fe908	1278
32d8e9	1279	//* Create the ispconfig log directory
e38d14	1280	if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir']);
J	1281	if(!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) exec('touch '.$conf['ispconfig_log_dir'].'/ispconfig.log');
7fe908	1282
0c5b42	1283	if(is_user('getmail')) {
T	1284	exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
	1285	exec('chown getmail /usr/local/bin/run-getmail.sh');
	1286	exec('chmod 744 /usr/local/bin/run-getmail.sh');
	1287	}
7fe908	1288
8cf78b	1289	if(is_dir($install_dir.'/interface/invoices')) {
e94a9f	1290	exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T	1291	exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806	1292	}
7fe908	1293
0799f8	1294	//* Create the ispconfig auth log file and set uid/gid
T	1295	if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
	1296	touch($conf['ispconfig_log_dir'].'/auth.log');
	1297	}
	1298	exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
	1299	exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
7fe908	1300
d71bae	1301	//* Remove Domain module as its functions are available in the client module now
T	1302	if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
021aec	1303
TB	1304	// Add symlink for patch tool
	1305	if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
7fe908	1306
MC	1307
32d8e9	1308	}
7fe908	1309
32d8e9	1310	public function configure_dbserver()
T	1311	{
	1312	global $conf;
7fe908	1313
32d8e9	1314	//* If this server shall act as database server for client DB's, we configure this here
T	1315	$install_dir = $conf['ispconfig_install_dir'];
7fe908	1316
MC	1317	// Create a file with the database login details which
32d8e9	1318	// are used to create the client databases.
7fe908	1319
32d8e9	1320	if(!is_dir("$install_dir/server/lib")) {
T	1321	$command = "mkdir $install_dir/server/lib";
	1322	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1323	}
7fe908	1324
615a0a	1325	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', "tpl/mysql_clientdb.conf.master");
7fe908	1326	$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
MC	1327	$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
	1328	$content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
	1329	wf("$install_dir/server/lib/mysql_clientdb.conf", $content);
32d8e9	1330	exec('chmod 600 '."$install_dir/server/lib/mysql_clientdb.conf");
T	1331	exec('chown root:root '."$install_dir/server/lib/mysql_clientdb.conf");
7fe908	1332
32d8e9	1333	}
7fe908	1334
32d8e9	1335	public function install_crontab()
7fe908	1336	{
32d8e9	1337	global $conf;
7fe908	1338
32d8e9	1339	//* Root Crontab
T	1340	exec('crontab -u root -l > crontab.txt');
	1341	$existing_root_cron_jobs = file('crontab.txt');
7fe908	1342
32d8e9	1343	// remove existing ispconfig cronjobs, in case the syntax has changed
T	1344	foreach($existing_root_cron_jobs as $key => $val) {
7fe908	1345	if(stristr($val, '/usr/local/ispconfig')) unset($existing_root_cron_jobs[$key]);
32d8e9	1346	}
7fe908	1347
32d8e9	1348	$root_cron_jobs = array(
T	1349	'* * * * * /usr/local/ispconfig/server/server.sh &> /dev/null',
	1350	'30 00 * * * /usr/local/ispconfig/server/cron_daily.sh &> /dev/null'
	1351	);
7fe908	1352
b6a10a	1353	if ($conf['nginx']['installed'] == true) {
F	1354	$root_cron_jobs[] = "0 0 * * * /usr/local/ispconfig/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
	1355	}
7fe908	1356
32d8e9	1357	foreach($root_cron_jobs as $cron_job) {
T	1358	if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
	1359	$existing_root_cron_jobs[] = $cron_job."\n";
	1360	}
	1361	}
	1362	file_put_contents('crontab.txt', $existing_root_cron_jobs);
	1363	exec('crontab -u root crontab.txt &> /dev/null');
	1364	unlink('crontab.txt');
7fe908	1365
32d8e9	1366	//* Getmail crontab
T	1367	if(is_user('getmail')) {
7fe908	1368	$cf = $conf['getmail'];
32d8e9	1369	exec('crontab -u getmail -l > crontab.txt');
T	1370	$existing_cron_jobs = file('crontab.txt');
7fe908	1371
32d8e9	1372	$cron_jobs = array(
7fe908	1373	'/5 * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null'
MC	1374	);
	1375
32d8e9	1376	// remove existing ispconfig cronjobs, in case the syntax has changed
T	1377	foreach($existing_cron_jobs as $key => $val) {
7fe908	1378	if(stristr($val, 'getmail')) unset($existing_cron_jobs[$key]);
32d8e9	1379	}
7fe908	1380
32d8e9	1381	foreach($cron_jobs as $cron_job) {
T	1382	if(!in_array($cron_job."\n", $existing_cron_jobs)) {
	1383	$existing_cron_jobs[] = $cron_job."\n";
	1384	}
	1385	}
	1386	file_put_contents('crontab.txt', $existing_cron_jobs);
	1387	exec('crontab -u getmail crontab.txt &> /dev/null');
	1388	unlink('crontab.txt');
	1389	}
7fe908	1390
32d8e9	1391	exec('touch /var/log/ispconfig/cron.log');
cc6568	1392	exec('chmod 660 /var/log/ispconfig/cron.log');
32d8e9	1393	}
T	1394
	1395	}
	1396
e38d14	1397	?>