gitlabFork/ISPConfig3.git - Solinfo Gitblit

Till Brehm

2014-08-14 fa029ba07e16cf79f2adc8e049c0d981ec61d18e

commit \| author \| age
20218c	1	<?php
M	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
7fe908	31	class installer extends installer_base
cb8c86	32	{
W	33	public function configure_jailkit()
7fe908	34	{
MC	35	global $conf;
	36
cb8c86	37	if (is_dir($conf['jailkit']['config_dir']))
W	38	{
ff1d9a	39	$jkinit_content = $this->get_template_file($conf['jailkit']['jk_init'], true); //* get contents
cb8c86	40	$this->write_config_file($conf['jailkit']['config_dir'] . '/' . $conf['jailkit']['jk_init'], $jkinit_content);
7fe908	41
ff1d9a	42	$jkchroot_content = $this->get_template_file($conf['jailkit']['jk_chrootsh'], true); //* get contents
cb8c86	43	$this->write_config_file($conf['jailkit']['config_dir'] . '/' . $conf['jailkit']['jk_chrootsh'], $jkchroot_content);
W	44	}
7fe908	45
ff1d9a	46	$command = 'chown root:root /var/www';
W	47	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	48	}
MC	49
cb8c86	50	public function configure_postfix($options = '')
7fe908	51	{
MC	52	global $conf;
	53
	54	$cf = $conf['postfix'];
cb8c86	55	$config_dir = $cf['config_dir'];
7fe908	56
cb8c86	57	if(!is_dir($config_dir)){
7fe908	58	$this->error("The postfix configuration directory '$config_dir' does not exist.");
MC	59	}
	60
	61	//* Install virtual mappings
	62	foreach (glob('tpl/mysql-virtual_*.master') as $filename) {
	63	$this->process_postfix_config( basename($filename, '.master') );
	64	}
	65
ff1d9a	66	//* Changing mode and group of the new created config files.
cb8c86	67	caselog('chmod o= '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	68	__FILE__, __LINE__, 'chmod on mysql-virtual_.cf', 'chmod on mysql-virtual_.cf failed');
MC	69	caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
	70	__FILE__, __LINE__, 'chgrp on mysql-virtual_.cf', 'chgrp on mysql-virtual_.cf failed');
	71
ff1d9a	72	//* Creating virtual mail user and group
cb8c86	73	$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
W	74	if (!is_group($cf['vmail_groupname'])) {
	75	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	76	}
20218c	77
cb8c86	78	$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
W	79	if (!is_user($cf['vmail_username'])) {
7fe908	80	caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb8c86	81	}
20218c	82
b67344	83	//* These postconf commands will be executed on installation and update
7fe908	84	$postconf_placeholders = array('{config_dir}' => $config_dir,
MC	85	'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
	86	'{vmail_userid}' => $cf['vmail_userid'],
	87	'{vmail_groupid}' => $cf['vmail_groupid'],
	88	'{rbl_list}' => $rbl_list);
	89
	90	$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/gentoo_postfix.conf.master', 'tpl/gentoo_postfix.conf.master');
	91	$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
	92	$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
	93
b67344	94	//* These postconf commands will be executed on installation only
T	95	if($this->is_update == false) {
7fe908	96	$postconf_commands = array_merge($postconf_commands, array(
MC	97	'myhostname = '.$conf['hostname'],
	98	'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
	99	'mynetworks = 127.0.0.0/8 [::1]/128'
	100	));
b67344	101	}
7fe908	102
ff1d9a	103	//* Create the header and body check files
cb8c86	104	touch($config_dir.'/header_checks');
W	105	touch($config_dir.'/mime_header_checks');
	106	touch($config_dir.'/nested_header_checks');
	107	touch($config_dir.'/body_checks');
7fe908	108
MC	109
ff1d9a	110	//* Make a backup copy of the main.cf file
cb8c86	111	copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
7fe908	112
ff1d9a	113	//* Executing the postconf commands
cb8c86	114	foreach($postconf_commands as $cmd) {
W	115	$command = "postconf -e '$cmd'";
ff1d9a	116	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
cb8c86	117	}
7fe908	118
ff1d9a	119	//* Create the SSL certificate
7fe908	120	if (!stristr($options, 'dont-create-certs'))
cb8c86	121	{
b04e82	122	if(AUTOINSTALL){
TB	123	$command = 'cd '.$config_dir.'; '
35846d	124	."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
b04e82	125	} else {
TB	126	$command = 'cd '.$config_dir.'; '
35846d	127	.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
b04e82	128	}
7fe908	129
cb8c86	130	$command = 'chmod o= '.$config_dir.'/smtpd.key';
W	131	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	132	}
7fe908	133
ff1d9a	134	//* We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
W	135	$command = 'chmod 755 /var/lib/courier/authdaemon/';
	136	if (is_dir('/var/lib/courier/authdaemon')) {
	137	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	138	}
7fe908	139
ff1d9a	140	//* Changing maildrop lines in posfix master.cf
cb8c86	141	$configfile = $config_dir.'/master.cf';
W	142	$content = rf($configfile);
	143
7fe908	144	$content = preg_replace('/^#?maildrop/m', 'maildrop', $content);
MC	145	$content = preg_replace('/^#?(\s+)flags=DRhu user=vmail argv=\/usr\/bin\/maildrop -d/m',
	146	'$1flags=DRhu user=vmail argv=/usr/bin/maildrop -d vmail \${extension} \${recipient} \${user} \${nexthop} \${sender}',
	147	$content);
	148
cb8c86	149	$this->write_config_file($configfile, $content);
7fe908	150
ff1d9a	151	//* Writing the Maildrop mailfilter file
615a0a	152	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailfilter.master', 'tpl/mailfilter.master');
cb8c86	153	$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
7fe908	154
cb8c86	155	$this->write_config_file($cf['vmail_mailbox_base'].'/.mailfilter', $content);
7fe908	156
ff1d9a	157	//* Create the directory for the custom mailfilters
7fe908	158	if (!is_dir($cf['vmail_mailbox_base'].'/mailfilters'))
cb8c86	159	{
W	160	$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
ff1d9a	161	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb8c86	162	}
7fe908	163
ff1d9a	164	//* Chmod and chown the .mailfilter file
cb8c86	165	$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
W	166	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	167
cb8c86	168	$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
W	169	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	170
cb8c86	171	}
7fe908	172
MC	173	public function configure_saslauthd()
cb8c86	174	{
W	175	global $conf;
7fe908	176
ff1d9a	177	$content = $this->get_template_file('sasl_smtpd.conf', true, true); //* get contents & insert db cred
cb8c86	178	$this->write_config_file($conf['saslauthd']['config_dir'].'/smtpd.conf', $content);
7fe908	179
ff1d9a	180	//* Edit the file saslauthd config file
W	181	$content = rf($conf['saslauthd']['config_file']);
cb8c86	182	$content = preg_replace('/(?<=\n)SASLAUTHD_OPTS="\$\{SASLAUTHD_OPTS\}[^"]+"/', 'SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r -c -s 128 -t 30 -n 5"', $content);
7fe908	183
ff1d9a	184	$this->write_config_file($conf['saslauthd']['config_file'], $content);
cb8c86	185	}
7fe908	186
cb8c86	187	public function configure_courier()
7fe908	188	{
MC	189	global $conf;
	190
ff1d9a	191	//* authmysqlrc
W	192	$content = $this->get_template_file('authmysqlrc', true, true); //* get contents & insert db cred
cb8c86	193	$this->write_config_file($conf['courier']['config_dir'].'/authmysqlrc', $content);
7fe908	194
ff1d9a	195	//* authdaemonrc
cb8c86	196	$configfile = $conf['courier']['config_dir'].'/authdaemonrc';
W	197
	198	$content = rf($configfile);
	199	$content = preg_replace('/(?<=\n)authmodulelist="[^"]+"/', "authmodulelist=\"authmysql\"", $content);
	200	$this->write_config_file($configfile, $content);
7fe908	201
ff1d9a	202	//* create certificates
W	203	$command = 'mkimapdcert';
	204	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	205
ff1d9a	206	$command = 'mkpop3dcert';
cb8c86	207	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	208	}
MC	209
	210	public function configure_dovecot()
	211	{
	212	global $conf;
	213
	214	$config_dir = $conf['dovecot']['config_dir'];
	215
	216	$configfile = $conf['postfix']['config_dir'].'/master.cf';
	217
	218	if(is_file($configfile)) {
ff1d9a	219	copy($configfile, $configfile.'~2');
W	220	}
	221	if(is_file($configfile.'~2')) {
	222	chmod($configfile.'~2', 0400);
	223	}
7fe908	224
MC	225	//* Configure master.cf and add a line for deliver
ff1d9a	226	$content = rf($configfile);
7fe908	227
MC	228	if(!stristr($content, 'dovecot/deliver')) {
013ae4	229	$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
7fe908	230	af($conf['postfix']['config_dir'].'/master.cf', $deliver_content);
ff1d9a	231	}
W	232	unset($content);
	233	unset($deliver_content);
	234	unset($configfile);
7fe908	235
ff1d9a	236	//* Reconfigure postfix to use dovecot authentication
W	237	$postconf_commands = array (
7fe908	238	'dovecot_destination_recipient_limit = 1',
MC	239	'virtual_transport = dovecot',
	240	'smtpd_sasl_type = dovecot',
	241	'smtpd_sasl_path = private/auth'
ff1d9a	242	);
7fe908	243
ff1d9a	244	//* Make a backup copy of the main.cf file
7fe908	245	copy($conf['postfix']['config_dir'].'/main.cf', $conf['postfix']['config_dir'].'/main.cf~3');
MC	246
	247	//* Executing the postconf commands
	248	foreach($postconf_commands as $cmd)
ff1d9a	249	{
W	250	$command = "postconf -e '$cmd'";
	251	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	252	}
7fe908	253
ff1d9a	254	//* copy dovecot.conf
W	255	$configfile = $config_dir.'/dovecot.conf';
	256	$content = $this->get_template_file('dovecot.conf', true);
	257	$this->write_config_file($configfile, $content);
7fe908	258
ff1d9a	259	//* dovecot-sql.conf
W	260	$configfile = $config_dir.'/dovecot-sql.conf';
	261	$content = $this->get_template_file('debian_dovecot-sql.conf', true, true);
	262	$this->write_config_file($configfile, $content);
7fe908	263	}
MC	264
cb8c86	265	public function configure_spamassassin()
7fe908	266	{
cb8c86	267	return true;
7fe908	268	}
MC	269
cb8c86	270	public function configure_getmail()
7fe908	271	{
cb8c86	272	global $conf;
7fe908	273
cb8c86	274	$config_dir = $conf['getmail']['config_dir'];
7fe908	275
cb8c86	276	if (!is_dir($config_dir)) {
ff1d9a	277	exec('mkdir -p '.escapeshellcmd($config_dir));
cb8c86	278	}
W	279
	280	$command = "useradd -d $config_dir ".$conf['getmail']['user'];
	281	if (!is_user('getmail')) {
	282	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	283	}
7fe908	284
cb8c86	285	$command = "chown -R getmail $config_dir";
W	286	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	287
cb8c86	288	$command = "chmod -R 700 $config_dir";
W	289	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	290
ff1d9a	291	//* Getmail will be run from cron. In order to have access to cron the getmail user needs to be part of the cron group.
cb8c86	292	$command = "gpasswd -a getmail " . $conf['cron']['group'];
W	293	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	294	}
7fe908	295
MC	296	public function configure_amavis()
	297	{
cb8c86	298	global $conf;
7fe908	299
ff1d9a	300	//* Amavisd-new user config file
cb8c86	301	$conf_file = 'amavisd-ispconfig.conf';
W	302	$conf_path = dirname($conf['amavis']['config_file']) . '/' . $conf_file;
7fe908	303
ff1d9a	304	$content = $this->get_template_file($conf_file, true, true); //* get contents & insert db cred
cb8c86	305	$this->write_config_file($conf_path, $content);
7fe908	306
ff1d9a	307	//* Activate config directory in default file
cb8c86	308	$amavis_conf = rf($conf['amavis']['config_file']);
7fe908	309	if (stripos($amavis_conf, $conf_path) === false)
cb8c86	310	{
ff1d9a	311	$amavis_conf = preg_replace('/^(1;.*)$/m', "include_config_files('$conf_path');\n$1", $amavis_conf);
cb8c86	312	$this->write_config_file($conf['amavis']['config_file'], $amavis_conf);
W	313	}
7fe908	314
ff1d9a	315	//* Adding the amavisd commands to the postfix configuration
cb8c86	316	$postconf_commands = array (
W	317	'content_filter = amavis:[127.0.0.1]:10024',
	318	'receive_override_options = no_address_mappings'
	319	);
7fe908	320
MC	321	foreach($postconf_commands as $cmd) {
cb8c86	322	$command = "postconf -e '$cmd'";
ff1d9a	323	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
cb8c86	324	}
7fe908	325
ff1d9a	326	//* Append the configuration for amavisd to the master.cf file
W	327	$content = rf($conf['postfix']['config_dir'].'/master.cf');
7fe908	328
MC	329	if(!stristr($content, '127.0.0.1:10025')) //* Only add the content if we had not addded it before
	330	{
cb8c86	331	unset($content);
ff1d9a	332	$content = $this->get_template_file('master_cf_amavis', true);
W	333	af($conf['postfix']['config_dir'].'/master.cf', $content);
cb8c86	334	}
W	335	unset($content);
7fe908	336
ff1d9a	337	//* Add the clamav user to the amavis group
cb8c86	338	exec('usermod -a -G amavis clamav');
7fe908	339	}
MC	340
	341	public function configure_pureftpd()
	342	{
cb8c86	343	global $conf;
7fe908	344
cb8c86	345	//* configure pure-ftpd for MySQL authentication against the ispconfig database
ff1d9a	346	$content = $this->get_template_file('pureftpd_mysql.conf', true, true); //* get contents & insert db cred
W	347	$content = str_replace('{server_id}', $conf['server_id'], $content);
7fe908	348
cb8c86	349	$this->write_config_file($conf['pureftpd']['mysql_config_file'], $content, 600, 'root', 'root');
7fe908	350
ff1d9a	351	//* enable pure-ftpd and server settings
cb8c86	352	$content = rf($conf["pureftpd"]["config_file"]);
7fe908	353
cb8c86	354	$content = preg_replace('/#?IS_CONFIGURED="(?:yes\|no)"/', 'IS_CONFIGURED="yes"', $content);
W	355	$content = str_replace('AUTH="-l unix"', 'AUTH="-l mysql:'.$conf['pureftpd']['mysql_config_file'].'"', $content);
7fe908	356
ff1d9a	357	//* Logging defaults to syslog's ftp facility. Override this behaviour for better compatibility with debian/ubuntu
W	358	//* and specify the format.
cb8c86	359	$logdir = '/var/log/pure-ftpd';
W	360	if (!is_dir($logdir)) {
	361	mkdir($logdir, 0755, true);
	362	}
7fe908	363
ff1d9a	364	/**
cb8c86	365	* @link http://download.pureftpd.org/pub/pure-ftpd/doc/README
W	366	* -b brokenclientscompatibility
	367	* -A chrooteveryone
	368	* -E noanonymous
	369	* -O altlog <format>:<log file>
	370	* -Z customerproof (Add safe guards against common customer mistakes ie. like chmod 0 on their own files)
7fe908	371	* -D displaydotfiles
ff1d9a	372	* -H dontresolve
cb8c86	373	*/
7fe908	374
MC	375
ff1d9a	376	$content = preg_replace('/MISC_OTHER="[^"]+"/', 'MISC_OTHER="-b -A -E -Z -D -H -O clf:'.$logdir.'/transfer.log"', $content);
7fe908	377
ff1d9a	378	$this->write_config_file($conf['pureftpd']['config_file'], $content);
7fe908	379	}
MC	380
	381	public function configure_powerdns()
cb8c86	382	{
W	383	global $conf;
7fe908	384
cb8c86	385	//* Create the database
W	386	if(!$this->db->query('CREATE DATABASE IF NOT EXISTS '.$conf['powerdns']['database'].' DEFAULT CHARACTER SET '.$conf['mysql']['charset'])) {
	387	$this->error('Unable to create MySQL database: '.$conf['powerdns']['database'].'.');
	388	}
7fe908	389
cb8c86	390	//* Create the ISPConfig database user in the local database
7fe908	391	$query = 'GRANT ALL ON `'.$conf['powerdns']['database'].'` . * TO \''.$conf['mysql']['ispconfig_user'].'\'@\'localhost\';';
cb8c86	392	if(!$this->db->query($query)) {
W	393	$this->error('Unable to create user for powerdns database Error: '.$this->db->errorMessage);
	394	}
7fe908	395
cb8c86	396	//* Reload database privelages
W	397	$this->db->query('FLUSH PRIVILEGES;');
7fe908	398
cb8c86	399	//* load the powerdns databse dump
W	400	if($conf['mysql']['admin_password'] == '') {
7fe908	401	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
MC	402	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
cb8c86	403	} else {
7fe908	404	caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['powerdns']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/powerdns.sql' &> /dev/null",
MC	405	__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in powerdns.sql');
cb8c86	406	}
7fe908	407
cb8c86	408	//* Create the powerdns config file
ff1d9a	409	$content = $this->get_template_file('pdns.local', true, true); //* get contents & insert db cred
cb8c86	410	$content = str_replace('{powerdns_database}', $conf['powerdns']['database'], $content);
7fe908	411
cb8c86	412	$this->write_config_file($conf["powerdns"]["config_dir"].'/'.$conf["powerdns"]["config_file"], $content, 600, 'root', 'root');
W	413
ff1d9a	414	//* Create symlink to init script to start the correct config file
cb8c86	415	if( !is_link($conf['init_scripts'].'/'.$conf['powerdns']['init_script']) ) {
W	416	symlink($conf['init_scripts'].'/pdns', $conf['init_scripts'].'/'.$conf['powerdns']['init_script']);
	417	}
	418	}
7fe908	419
d090db	420	public function configure_bind() {
W	421	global $conf;
	422
7fe908	423	//* Check if the zonefile directory has a slash at the end
MC	424	$content=$conf['bind']['bind_zonefiles_dir'];
	425	if(substr($content, -1, 1) != '/') {
	426	$content .= '/';
d090db	427	}
7fe908	428
d090db	429	//* New default format of named.conf uses views. Check which version the system is using and include our zones file.
W	430	$named_conf = rf($conf['bind']['named_conf_path']);
7fe908	431	if (stripos($named_conf, 'include "'.$conf['bind']['named_conf_local_path'].'";') === false)
d090db	432	{
W	433	preg_match_all("/(?<=\n)view \"(?:public\|internal)\" in \{.*\n\};/Us", $named_conf, $views);
	434	if (count($views[0]) == 2) {
	435	foreach ($views[0] as $view) {
	436	$named_conf = str_replace($view, substr($view, 0, -2)."include \"{$conf['bind']['named_conf_local_path']}\";\n};", $named_conf);
	437	}
7fe908	438
d090db	439	wf($conf['bind']['named_conf_path'], $named_conf);
W	440	}
	441	else {
	442	af($conf['bind']['named_conf_path'], 'include "'.$conf['bind']['named_conf_local_path'].'";');
	443	}
	444	}
	445	}
7fe908	446
cb8c86	447	public function configure_apache()
7fe908	448	{
cb8c86	449	global $conf;
7fe908	450
91324a	451	if($conf['apache']['installed'] == false) return;
ff1d9a	452	//* Create the logging directory for the vhost logfiles
W	453	if (!is_dir($conf['ispconfig_log_dir'].'/httpd')) {
	454	mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
cb8c86	455	}
7fe908	456
MC	457	if (is_file($conf['suphp']['config_file']))
cb8c86	458	{
W	459	$content = rf($conf['suphp']['config_file']);
7fe908	460
ff1d9a	461	if (!preg_match('\|^x-httpd-suphp=php:/usr/bin/php-cgi$\|m', $content))
W	462	{
7fe908	463	$content = preg_replace('/;Handler for php-scripts/', ";Handler for php-scripts\nx-httpd-suphp=php:/usr/bin/php-cgi", $content);
MC	464	$content = preg_replace('/;?umask=\d+/', 'umask=0022', $content);
ff1d9a	465	}
7fe908	466
cb8c86	467	$this->write_config_file($conf['suphp']['config_file'], $content);
W	468	}
7fe908	469
ff1d9a	470	//* Enable ISPConfig default vhost settings
cb8c86	471	$default_vhost_path = $conf['apache']['vhost_conf_dir'].'/'.$conf['apache']['vhost_default'];
7fe908	472	if (is_file($default_vhost_path))
cb8c86	473	{
W	474	$content = rf($default_vhost_path);
7fe908	475
cb8c86	476	$content = preg_replace('/^#?\sNameVirtualHost.$/m', 'NameVirtualHost *:80', $content);
W	477	$content = preg_replace('/<VirtualHost[^>]+>/', '<VirtualHost *:80>', $content);
7fe908	478
cb8c86	479	$this->write_config_file($default_vhost_path, $content);
W	480	}
7fe908	481
ff1d9a	482	//* Generate default ssl certificates
cb8c86	483	if (!is_dir($conf['apache']['ssl_dir'])) {
W	484	mkdir($conf['apache']['ssl_dir']);
	485	}
7fe908	486
MC	487	if ($conf['services']['mail'] == true)
cb8c86	488	{
W	489	copy($conf['postfix']['config_dir']."/smtpd.key", $conf['apache']['ssl_dir']."/server.key");
	490	copy($conf['postfix']['config_dir']."/smtpd.cert", $conf['apache']['ssl_dir']."/server.crt");
	491	}
	492	else
	493	{
	494	if (!is_file($conf['apache']['ssl_dir'] . '/server.crt')) {
	495	exec("openssl req -new -outform PEM -out {$conf['apache']['ssl_dir']}/server.crt -newkey rsa:2048 -nodes -keyout {$conf['apache']['ssl_dir']}/server.key -keyform PEM -days 365 -x509");
	496	}
	497	}
7fe908	498
MC	499
	500
ff1d9a	501	//* Copy the ISPConfig configuration include
ccbf14	502	/*
cb8c86	503	$content = $this->get_template_file('apache_ispconfig.conf', true);
7fe908	504
cb8c86	505	$records = $this->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ".$conf["server_id"]." AND virtualhost = 'y'");
7fe908	506	if(is_array($records) && count($records) > 0)
cb8c86	507	{
W	508	foreach($records as $rec) {
	509	$content .= "NameVirtualHost ".$rec["ip_address"].":80\n";
	510	$content .= "NameVirtualHost ".$rec["ip_address"].":443\n";
	511	}
	512	}
7fe908	513
cb8c86	514	$this->write_config_file($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $content);
ccbf14	515	*/
TB	516
	517	$tpl = new tpl('apache_ispconfig.conf.master');
	518	$tpl->setVar('apache_version',getapacheversion());
	519
	520	$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
	521	$ip_addresses = array();
	522
	523	if(is_array($records) && count($records) > 0) {
	524	foreach($records as $rec) {
	525	if($rec['ip_type'] == 'IPv6') {
	526	$ip_address = '['.$rec['ip_address'].']';
	527	} else {
	528	$ip_address = $rec['ip_address'];
	529	}
	530	$ports = explode(',', $rec['virtualhost_port']);
	531	if(is_array($ports)) {
	532	foreach($ports as $port) {
	533	$port = intval($port);
	534	if($port > 0 && $port < 65536 && $ip_address != '') {
	535	$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
	536	}
	537	}
	538	}
	539	}
	540	}
855547	541
3de838	542	if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
ccbf14	543
TB	544	wf($conf['apache']['vhost_conf_dir'].'/000-ispconfig.conf', $tpl->grab());
	545	unset($tpl);
7fe908	546
ff1d9a	547	//* Gentoo by default does not include .vhost files. Add include line to config file.
cb8c86	548	$content = rf($conf['apache']['config_file']);
W	549	if ( strpos($content, 'Include /etc/apache2/vhosts.d/*.vhost') === false ) {
7fe908	550	$content = preg_replace('\|(Include /etc/apache2/vhosts.d/\.conf)\|', "$1\nInclude /etc/apache2/vhosts.d/.vhost", $content);
cb8c86	551	}
7fe908	552
cb8c86	553	$this->write_config_file($conf['apache']['config_file'], $content);
7fe908	554
ff1d9a	555	//* make sure that webalizer finds its config file when it is directly in /etc
7fe908	556	if(is_file('/etc/webalizer.conf') && !is_dir('/etc/webalizer'))
cb8c86	557	{
W	558	mkdir('/etc/webalizer', 0755);
	559	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
	560	}
7fe908	561
MC	562	if(is_file('/etc/webalizer/webalizer.conf')) //* Change webalizer mode to incremental
	563	{
	564	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
	565	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	566	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
cb8c86	567	}
7fe908	568
ff1d9a	569	//* add a sshusers group
7fe908	570	if (!is_group('sshusers'))
cb8c86	571	{
W	572	$command = 'groupadd sshusers';
	573	caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	574	}
7fe908	575	}
MC	576
	577	public function configure_apps_vhost()
cb8c86	578	{
W	579	global $conf;
7fe908	580
cb8c86	581	//* Create the ispconfig apps vhost user and group
165152	582	if($conf['apache']['installed'] == true){
91324a	583	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	584	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	585	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
7fe908	586
91324a	587	$command = 'groupadd '.$apps_vhost_user;
F	588	if ( !is_group($apps_vhost_group) ) {
	589	caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	590	}
7fe908	591
91324a	592	$command = "useradd -g '$apps_vhost_group' -d $install_dir $apps_vhost_group";
F	593	if ( !is_user($apps_vhost_user) ) {
	594	caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	595	}
7fe908	596
91324a	597	$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
F	598	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	599
99b55b	600	if(!@is_dir($install_dir)){
91324a	601	mkdir($install_dir, 0755, true);
99b55b	602	} else {
F	603	chmod($install_dir, 0755);
91324a	604	}
F	605	chown($install_dir, $apps_vhost_user);
	606	chgrp($install_dir, $apps_vhost_group);
7fe908	607
91324a	608	//* Copy the apps vhost file
F	609	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	610	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	611	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '') ? '' : 'ServerName '.$conf['web']['apps_vhost_servername'];
7fe908	612
91324a	613	//* Dont just copy over the virtualhost template but add some custom settings
F	614	$content = $this->get_template_file('apache_apps.vhost', true);
7fe908	615
91324a	616	$content = str_replace('{apps_vhost_ip}', $conf['web']['apps_vhost_ip'], $content);
F	617	$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
	618	$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
	619	$content = str_replace('{website_basedir}', $conf['web']['website_basedir'], $content);
	620	$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
7fe908	621
91324a	622	//* comment out the listen directive if port is 80 or 443
F	623	if($conf['web']['apps_vhost_ip'] == 80 or $conf['web']['apps_vhost_ip'] == 443) {
	624	$content = str_replace('{vhost_port_listen}', '#', $content);
	625	} else {
	626	$content = str_replace('{vhost_port_listen}', '', $content);
	627	}
7fe908	628
91324a	629	$this->write_config_file("$vhost_conf_dir/apps.vhost", $content);
7fe908	630
MC	631	//if ( !is_file($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter') )
cc6568	632	//{
7fe908	633	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_apps_fcgi_starter.master', 'tpl/apache_apps_fcgi_starter.master');
MC	634	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
	635	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
	636	mkdir($conf['web']['website_basedir'].'/php-fcgi-scripts/apps', 0755, true);
	637	//copy('tpl/apache_apps_fcgi_starter.master',$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
	638	wf($conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter', $content);
	639	exec('chmod +x '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps/.php-fcgi-starter');
	640	exec('chown -R ispapps:ispapps '.$conf['web']['website_basedir'].'/php-fcgi-scripts/apps');
	641
cc6568	642	//}
91324a	643	}
165152	644	if($conf['nginx']['installed'] == true){
91324a	645	$apps_vhost_user = escapeshellcmd($conf['web']['apps_vhost_user']);
F	646	$apps_vhost_group = escapeshellcmd($conf['web']['apps_vhost_group']);
	647	$install_dir = escapeshellcmd($conf['web']['website_basedir'].'/apps');
	648
	649	$command = 'groupadd '.$apps_vhost_user;
	650	if(!is_group($apps_vhost_group)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	651
	652	$command = 'useradd -g '.$apps_vhost_group.' -d '.$install_dir.' '.$apps_vhost_group;
	653	if(!is_user($apps_vhost_user)) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	654
	655
	656	$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
	657	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	658
6e2d48	659	if(!@is_dir($install_dir)){
F	660	mkdir($install_dir, 0755, true);
	661	} else {
	662	chmod($install_dir, 0755);
	663	}
91324a	664	chown($install_dir, $apps_vhost_user);
F	665	chgrp($install_dir, $apps_vhost_group);
	666
	667	//* Copy the apps vhost file
	668	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	669	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	670	$apps_vhost_servername = ($conf['web']['apps_vhost_servername'] == '')?'_':$conf['web']['apps_vhost_servername'];
	671
	672	// Dont just copy over the virtualhost template but add some custom settings
615a0a	673	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_apps.vhost.master', 'tpl/nginx_apps.vhost.master');
7fe908	674
91324a	675	if($conf['web']['apps_vhost_ip'] == '_default_'){
F	676	$apps_vhost_ip = '';
	677	} else {
	678	$apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
	679	}
7fe908	680
ca0b77	681	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	682	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	683	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	684	$fpm_socket = $socket_dir.'apps.sock';
8ab3cd	685	$cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
91324a	686
F	687	$content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
	688	$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
	689	$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
	690	$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
ca0b77	691	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	692	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
8ab3cd	693	$content = str_replace('{cgi_socket}', $cgi_socket, $content);
91324a	694
F	695	wf($vhost_conf_dir.'/apps.vhost', $content);
7fe908	696
91324a	697	// PHP-FPM
F	698	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	699	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apps_php_fpm_pool.conf.master', 'tpl/apps_php_fpm_pool.conf.master');
91324a	700	$content = str_replace('{fpm_pool}', 'apps', $content);
ca0b77	701	//$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
F	702	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
91324a	703	$content = str_replace('{fpm_user}', $apps_vhost_user, $content);
F	704	$content = str_replace('{fpm_group}', $apps_vhost_group, $content);
	705	wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
	706
	707	//copy('tpl/nginx_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
	708	//* and create the symlink
7e1cfb	709	if(@is_link($vhost_conf_enabled_dir.'/apps.vhost')) unlink($vhost_conf_enabled_dir.'/apps.vhost');
F	710	if(!@is_link($vhost_conf_enabled_dir.'/000-apps.vhost')) {
7fe908	711	symlink($vhost_conf_dir.'/apps.vhost', $vhost_conf_enabled_dir.'/000-apps.vhost');
91324a	712	}
7fe908	713
cb8c86	714	}
W	715	}
7fe908	716
MC	717	public function install_ispconfig()
	718	{
cb8c86	719	global $conf;
7fe908	720
cb8c86	721	$install_dir = $conf['ispconfig_install_dir'];
7fe908	722
MC	723	//* Create the ISPConfig installation directory
	724	if(!is_dir($install_dir))
cb8c86	725	{
W	726	$command = "mkdir $install_dir";
	727	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	728	}
7fe908	729
ff1d9a	730	//* Create a ISPConfig user and group
7fe908	731	if (!is_group('ispconfig'))
cb8c86	732	{
W	733	$command = 'groupadd ispconfig';
	734	caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	735	}
7fe908	736
MC	737	if (!is_user('ispconfig'))
cb8c86	738	{
W	739	$command = "useradd -g ispconfig -d $install_dir ispconfig";
	740	caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	741	}
7fe908	742
ff1d9a	743	//* copy the ISPConfig interface part
cb8c86	744	$command = "cp -rf ../interface $install_dir";
W	745	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	746
ff1d9a	747	//* copy the ISPConfig server part
cb8c86	748	$command = "cp -rf ../server $install_dir";
W	749	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	750
MC	751
ff1d9a	752	//* Create the config file for ISPConfig interface
cb8c86	753	$configfile = 'config.inc.php';
ff1d9a	754	$content = $this->get_template_file($configfile, true, true); //* get contents & insert db cred
7fe908	755
cb8c86	756	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
W	757	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	758	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	759	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
7fe908	760
cb8c86	761	$content = str_replace('{server_id}', $conf['server_id'], $content);
W	762	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
	763	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	764	$content = str_replace('{timezone}', $conf['timezone'], $content);
41eaa8	765	$content = str_replace('{theme}', $conf['theme'], $content);
992797	766	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
7fe908	767
cb8c86	768	$this->write_config_file("$install_dir/interface/lib/$configfile", $content);
7fe908	769
ff1d9a	770	//* Create the config file for ISPConfig server
cb8c86	771	$this->write_config_file("$install_dir/server/lib/$configfile", $content);
7fe908	772
fb3a98	773	//* Create the config file for remote-actions (but only, if it does not exist, because
T	774	// the value is a autoinc-value and so changed by the remoteaction_core_module
ff1d9a	775	if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
W	776	$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
fb3a98	777	wf($install_dir.'/server/lib/remote_action.inc.php', $content);
ff1d9a	778	}
7fe908	779
MC	780	// Enable the server modules and plugins.
cb8c86	781	// TODO: Implement a selector which modules and plugins shall be enabled.
W	782	$dir = $install_dir.'/server/mods-available/';
	783	if (is_dir($dir)) {
	784	if ($dh = opendir($dir)) {
	785	while (($file = readdir($dh)) !== false) {
7fe908	786	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	787	include_once $install_dir.'/server/mods-available/'.$file;
	788	$module_name = substr($file, 0, -8);
cb8c86	789	$tmp = new $module_name;
W	790	if($tmp->onInstall()) {
ff1d9a	791	if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) {
W	792	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
	793	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
	794	}
cb8c86	795	if (strpos($file, '_core_module') !== false) {
ff1d9a	796	if(!@is_link($install_dir.'/server/mods-core/'.$file)) {
W	797	@symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
	798	// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
	799	}
cb8c86	800	}
W	801	}
	802	unset($tmp);
	803	}
	804	}
	805	closedir($dh);
	806	}
	807	}
ff1d9a	808
cb8c86	809	$dir = $install_dir.'/server/plugins-available/';
W	810	if (is_dir($dir)) {
	811	if ($dh = opendir($dir)) {
	812	while (($file = readdir($dh)) !== false) {
91324a	813	if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F	814	if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
7fe908	815	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	816	include_once $install_dir.'/server/plugins-available/'.$file;
	817	$plugin_name = substr($file, 0, -8);
cb8c86	818	$tmp = new $plugin_name;
7fe908	819	if(method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
ff1d9a	820	if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) {
W	821	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
	822	}
cb8c86	823	if (strpos($file, '_core_plugin') !== false) {
ff1d9a	824	if(!@is_link($install_dir.'/server/plugins-core/'.$file)) {
W	825	@symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
	826	}
cb8c86	827	}
W	828	}
	829	unset($tmp);
	830	}
	831	}
	832	closedir($dh);
	833	}
	834	}
7fe908	835
ff1d9a	836	//* Update the server config
cb8c86	837	$mail_server_enabled = ($conf['services']['mail'])?1:0;
W	838	$web_server_enabled = ($conf['services']['web'])?1:0;
	839	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	840	$file_server_enabled = ($conf['services']['file'])?1:0;
	841	$db_server_enabled = ($conf['services']['db'])?1:0;
	842	$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
7fe908	843
MC	844	$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
	845
cb8c86	846	if($conf['mysql']['master_slave_setup'] == 'y') {
W	847	$this->dbmaster->query($sql);
	848	$this->db->query($sql);
	849	} else {
	850	$this->db->query($sql);
	851	}
7fe908	852
3e0fc8	853	// chown install dir to root and chmod 755
TB	854	$command = 'chown root:root '.$install_dir;
	855	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	856	$command = 'chmod 755 '.$install_dir;
cb8c86	857	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
W	858
fa029b	859	//* Chmod the files and directories in the install dir
3e0fc8	860	$command = 'chmod -R 750 '.$install_dir.'/*';
TB	861	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	862
	863	//* chown the interface files to the ispconfig user and group
	864	$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
	865	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	866
	867	//* chown the server files to the root user and group
	868	$command = 'chown -R root:root '.$install_dir.'/server';
cb8c86	869	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fa029b	870
TB	871	//* chown the security files to the root user and group
	872	$command = 'chown -R root:root '.$install_dir.'/security';
	873	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	874
	875	//* chown the security directory and security_settings.ini to root:ispconfig
	876	$command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
	877	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	878	$command = 'chown root:ispconfig '.$install_dir.'/security';
	879	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	880
ff1d9a	881	//* Make the global language file directory group writable
cb8c86	882	exec("chmod -R 770 $install_dir/interface/lib/lang");
7fe908	883
ff1d9a	884	//* Make the temp directory for language file exports writable
W	885	if(is_dir($install_dir.'/interface/web/temp')) {
	886	exec("chmod -R 770 $install_dir/interface/web/temp");
	887	}
7fe908	888
MC	889	//* Make all interface language file directories group writable
cb8c86	890	$handle = @opendir($install_dir.'/interface/web');
7fe908	891	while ($file = @readdir($handle)) {
MC	892	if ($file != '.' && $file != '..') {
	893	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
cb8c86	894	$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
7fe908	895	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC	896	while ($lang_file = @readdir($handle2)) {
cb8c86	897	if ($lang_file != '.' && $lang_file != '..') {
7fe908	898	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
cb8c86	899	}
W	900	}
	901	}
	902	}
	903	}
7fe908	904
477d4e	905	//* Make the APS directories group writable
T	906	exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
	907	exec("chmod -R 770 $install_dir/server/aps_packages");
7fe908	908
MC	909	//* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef	910	chmod($install_dir.'/server/lib/config.inc.php', 0600);
T	911	chown($install_dir.'/server/lib/config.inc.php', 'root');
	912	chgrp($install_dir.'/server/lib/config.inc.php', 'root');
7fe908	913
bfcdef	914	//* Make sure thet the interface config file is readable by user ispconfig only
T	915	chmod($install_dir.'/interface/lib/config.inc.php', 0600);
	916	chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
	917	chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
ff1d9a	918
W	919	chmod($install_dir.'/server/lib/remote_action.inc.php', 0600);
	920	chown($install_dir.'/server/lib/remote_action.inc.php', 'root');
	921	chgrp($install_dir.'/server/lib/remote_action.inc.php', 'root');
	922
	923	if(@is_file($install_dir.'/server/lib/mysql_clientdb.conf')) {
	924	chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
	925	chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
	926	chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
cb8c86	927	}
7fe908	928
8cf78b	929	if(is_dir($install_dir.'/interface/invoices')) {
e94a9f	930	exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T	931	exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806	932	}
7fe908	933
cb8c86	934	// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
W	935	// and must be fixed as this will allow the apache user to read the ispconfig files.
	936	// Later this must run as own apache server or via suexec!
63b369	937	if($conf['apache']['installed'] == true){
F	938	$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
	939	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	940	if(is_group('ispapps')){
F	941	$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
	942	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	943	}
63b369	944	}
F	945	if($conf['nginx']['installed'] == true){
	946	$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
	947	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	948	if(is_group('ispapps')){
F	949	$command = 'usermod -a -G ispapps '.$conf['nginx']['user'];
	950	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	951	}
63b369	952	}
7fe908	953
ff1d9a	954	//* Make the shell scripts executable
cb8c86	955	$command = "chmod +x $install_dir/server/scripts/*.sh";
W	956	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	957
7e1cfb	958	if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
91324a	959	//* Copy the ISPConfig vhost for the controlpanel
F	960	$content = $this->get_template_file("apache_ispconfig.vhost", true);
	961	$content = str_replace('{vhost_port}', $conf['apache']['vhost_port'], $content);
7fe908	962
91324a	963	//* comment out the listen directive if port is 80 or 443
F	964	if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
	965	$content = str_replace('{vhost_port_listen}', '#', $content);
	966	} else {
	967	$content = str_replace('{vhost_port_listen}', '', $content);
	968	}
7fe908	969
91324a	970	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
F	971	$content = str_replace('{ssl_comment}', '', $content);
	972	} else {
	973	$content = str_replace('{ssl_comment}', '#', $content);
	974	}
10b4c8	975	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
T	976	$content = str_replace('{ssl_bundle_comment}', '', $content);
	977	} else {
	978	$content = str_replace('{ssl_bundle_comment}', '#', $content);
	979	}
7fe908	980
91324a	981	$vhost_path = $conf['apache']['vhost_conf_dir'].'/ispconfig.vhost';
F	982	$this->write_config_file($vhost_path, $content);
7fe908	983
526b99	984	if(!is_file('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
615a0a	985	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
526b99	986	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
T	987	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
cc6568	988	@mkdir('/var/www/php-fcgi-scripts/ispconfig', 0755, true);
526b99	989	wf('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
91324a	990	exec('chmod +x /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
F	991	chmod('/var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', 0755);
7fe908	992	@symlink($install_dir.'/interface/web', '/var/www/ispconfig');
91324a	993	exec('chown -R ispconfig:ispconfig /var/www/php-fcgi-scripts/ispconfig');
F	994	}
cb8c86	995	}
91324a	996
7e1cfb	997	if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
91324a	998	//* Copy the ISPConfig vhost for the controlpanel
F	999	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	1000	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	1001
	1002	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1003	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
91324a	1004	$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
7fe908	1005
91324a	1006	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
10b4c8	1007	$content = str_replace('{ssl_on}', ' on', $content);
91324a	1008	$content = str_replace('{ssl_comment}', '', $content);
F	1009	$content = str_replace('{fastcgi_ssl}', 'on', $content);
	1010	} else {
10b4c8	1011	$content = str_replace('{ssl_on}', ' off', $content);
91324a	1012	$content = str_replace('{ssl_comment}', '#', $content);
F	1013	$content = str_replace('{fastcgi_ssl}', 'off', $content);
	1014	}
7fe908	1015
ca0b77	1016	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	1017	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	1018	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	1019	$fpm_socket = $socket_dir.'ispconfig.sock';
7fe908	1020
ca0b77	1021	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1022	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
91324a	1023
F	1024	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
7fe908	1025
91324a	1026	unset($content);
7fe908	1027
91324a	1028	// PHP-FPM
F	1029	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	1030	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
91324a	1031	$content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77	1032	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1033	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
91324a	1034	$content = str_replace('{fpm_user}', 'ispconfig', $content);
F	1035	$content = str_replace('{fpm_group}', 'ispconfig', $content);
	1036	wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
	1037
	1038	//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
	1039	//* and create the symlink
7e1cfb	1040	if($this->is_update == false) {
91324a	1041	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	1042	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	1043	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
91324a	1044	}
F	1045	}
cb8c86	1046	}
7fe908	1047
ff1d9a	1048	//* Install the update script
b34f99	1049	if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
MC	1050	unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
cb8c86	1051	}
7fe908	1052
b34f99	1053	chown($install_dir.'/server/scripts/update_from_dev.sh', 'root');
MC	1054	chmod($install_dir.'/server/scripts/update_from_dev.sh', 0700);
ff1d9a	1055	chown($install_dir.'/server/scripts/update_from_tgz.sh', 'root');
W	1056	chmod($install_dir.'/server/scripts/update_from_tgz.sh', 0700);
	1057	chown($install_dir.'/server/scripts/ispconfig_update.sh', 'root');
	1058	chmod($install_dir.'/server/scripts/ispconfig_update.sh', 0700);
7fe908	1059
b34f99	1060	if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
MC	1061	symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
cb8c86	1062	}
7fe908	1063
cb8c86	1064	if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
ff1d9a	1065	symlink($install_dir.'/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
cb8c86	1066	}
7fe908	1067
ff1d9a	1068	//* Make the logs readable for the ispconfig user
cb8c86	1069	if (is_file('/var/log/maillog')) {
W	1070	exec('chmod +r /var/log/maillog');
	1071	}
	1072	if (is_file('/var/log/messages')) {
	1073	exec('chmod +r /var/log/messages');
	1074	}
	1075	if (is_file('/var/log/clamav/clamav.log')) {
	1076	exec('chmod +r /var/log/clamav/clamav.log');
	1077	}
	1078	if (is_file('/var/log/clamav/freshclam.log')) {
	1079	exec('chmod +r /var/log/clamav/freshclam.log');
	1080	}
7fe908	1081
ff1d9a	1082	//* Create the ispconfig log directory
e38d14	1083	if (!is_dir($conf['ispconfig_log_dir'])) {
J	1084	mkdir($conf['ispconfig_log_dir']);
cb8c86	1085	}
e38d14	1086	if (!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) {
ff1d9a	1087	touch($conf['ispconfig_log_dir'].'/ispconfig.log');
cb8c86	1088	}
7fe908	1089
0799f8	1090	//* Create the ispconfig auth log file and set uid/gid
T	1091	if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
	1092	touch($conf['ispconfig_log_dir'].'/auth.log');
	1093	}
	1094	exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
	1095	exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
7fe908	1096
ff1d9a	1097	rename($install_dir.'/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
7fe908	1098
ff1d9a	1099	if (is_user('getmail')) {
W	1100	chown('/usr/local/bin/run-getmail.sh', 'getmail');
	1101	}
	1102	chmod('/usr/local/bin/run-getmail.sh', 0744);
7fe908	1103
d71bae	1104	//* Remove Domain module as its functions are available in the client module now
T	1105	if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
021aec	1106
TB	1107	// Add symlink for patch tool
	1108	if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
7fe908	1109
MC	1110	}
	1111
20218c	1112	}
M	1113
e38d14	1114	?>