gitlabFork/ISPConfig3.git - Solinfo Gitblit

Till Brehm

2014-08-14 fa029ba07e16cf79f2adc8e049c0d981ec61d18e

commit \| author \| age
32d8e9	1	<?php
T	2
	3	/*
	4	Copyright (c) 2007, Till Brehm, projektfarm Gmbh
	5	All rights reserved.
	6
	7	Redistribution and use in source and binary forms, with or without modification,
	8	are permitted provided that the following conditions are met:
	9
	10	* Redistributions of source code must retain the above copyright notice,
	11	this list of conditions and the following disclaimer.
	12	* Redistributions in binary form must reproduce the above copyright notice,
	13	this list of conditions and the following disclaimer in the documentation
	14	and/or other materials provided with the distribution.
	15	* Neither the name of ISPConfig nor the names of its contributors
	16	may be used to endorse or promote products derived from this software without
	17	specific prior written permission.
	18
	19	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	20	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	21	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	22	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	23	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	24	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	25	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	26	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	27	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	28	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	29	*/
	30
	31	class installer_dist extends installer_base {
60b700	32
MC	33	public function __construct() {
	34	//** check apache modules */
	35	$mods = getapachemodules();
	36	if(in_array('authz_compat', $mods, true)) {
	37	swriteln($inst->lng(' WARNING! You are using mod_authz_compat.'));
	38	swriteln($inst->lng(' Please make sure that your apache config uses the new auth syntax:'));
	39	swriteln($inst->lng(' <Directory />'));
	40	swriteln($inst->lng(' Options None'));
	41	swriteln($inst->lng(' AllowOverride None'));
	42	swriteln($inst->lng(' Require all denied'));
	43	swriteln($inst->lng(' </Directory>'."\n"));
	44
	45	swriteln($inst->lng(' If it uses the old syntax (deny from all) ISPConfig would fail to work.'));
	46	}
	47	}
	48
526b99	49	public function configure_mailman($status = 'insert') {
T	50	global $conf;
	51
	52	$config_dir = $conf['mailman']['config_dir'].'/';
	53	$full_file_name = $config_dir.'mm_cfg.py';
	54	//* Backup exiting file
	55	if(is_file($full_file_name)) {
	56	copy($full_file_name, $config_dir.'mm_cfg.py~');
	57	}
	58
	59	// load files
615a0a	60	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mm_cfg.py.master', 'tpl/mm_cfg.py.master');
526b99	61	$old_file = rf($full_file_name);
T	62
	63	$old_options = array();
	64	$lines = explode("\n", $old_file);
	65	foreach ($lines as $line)
	66	{
	67	if (trim($line) != '' && substr($line, 0, 1) != '#')
	68	{
	69	@list($key, $value) = @explode("=", $line);
	70	if (!empty($value))
	71	{
	72	$key = rtrim($key);
	73	$old_options[$key] = trim($value);
	74	}
	75	}
	76	}
7fe908	77
526b99	78	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
T	79	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
	80
	81	$virtual_domains = '';
	82	if($status == 'update')
	83	{
	84	// create virtual_domains list
	85	$domainAll = $this->db->queryAllRecords("SELECT domain FROM mail_mailinglist GROUP BY domain");
	86
	87	if(is_array($domainAll)) {
7fe908	88	foreach($domainAll as $domain)
MC	89	{
	90	if ($domainAll[0]['domain'] == $domain['domain'])
	91	$virtual_domains .= "'".$domain['domain']."'";
	92	else
	93	$virtual_domains .= ", '".$domain['domain']."'";
	94	}
526b99	95	}
T	96	}
	97	else
	98	$virtual_domains = "' '";
	99
	100	$content = str_replace('{hostname}', $conf['hostname'], $content);
	101	if(!isset($old_options['DEFAULT_SERVER_LANGUAGE'])) $old_options['DEFAULT_SERVER_LANGUAGE'] = '';
	102	$content = str_replace('{default_language}', $old_options['DEFAULT_SERVER_LANGUAGE'], $content);
	103	$content = str_replace('{virtual_domains}', $virtual_domains, $content);
	104
	105	wf($full_file_name, $content);
7fe908	106
3f478f	107	//* Write virtual_to_transport.sh script
T	108	$config_dir = $conf['mailman']['config_dir'].'/';
	109	$full_file_name = $config_dir.'virtual_to_transport.sh';
7fe908	110
3f478f	111	//* Backup exiting virtual_to_transport.sh script
T	112	if(is_file($full_file_name)) {
	113	copy($full_file_name, $config_dir.'virtual_to_transport.sh~');
	114	}
7fe908	115
3f478f	116	if(is_dir('/etc/mailman')) {
615a0a	117	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh')) {
7fe908	118	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/mailman-virtual_to_transport.sh', $full_file_name);
MC	119	} else {
	120	copy('tpl/mailman-virtual_to_transport.sh', $full_file_name);
	121	}
	122	chgrp($full_file_name, 'mailman');
	123	chmod($full_file_name, 0750);
3f478f	124	}
7fe908	125
3f478f	126	//* Create aliasaes
T	127	exec('/usr/lib/mailman/bin/genaliases 2>/dev/null');
c71d48	128	if(is_file('/var/lib/mailman/data/virtual-mailman')) exec('postmap /var/lib/mailman/data/virtual-mailman');
526b99	129	}
7fe908	130
32d8e9	131	function configure_postfix($options = '')
7fe908	132	{
MC	133	global $conf;
32d8e9	134	$cf = $conf['postfix'];
T	135	$config_dir = $cf['config_dir'];
7fe908	136
32d8e9	137	if(!is_dir($config_dir)){
7fe908	138	$this->error("The postfix configuration directory '$config_dir' does not exist.");
MC	139	}
	140
32d8e9	141	//* mysql-virtual_domains.cf
7fe908	142	$this->process_postfix_config('mysql-virtual_domains.cf');
32d8e9	143
T	144	//* mysql-virtual_forwardings.cf
7fe908	145	$this->process_postfix_config('mysql-virtual_forwardings.cf');
32d8e9	146
T	147	//* mysql-virtual_mailboxes.cf
7fe908	148	$this->process_postfix_config('mysql-virtual_mailboxes.cf');
32d8e9	149
T	150	//* mysql-virtual_email2email.cf
7fe908	151	$this->process_postfix_config('mysql-virtual_email2email.cf');
32d8e9	152
T	153	//* mysql-virtual_transports.cf
7fe908	154	$this->process_postfix_config('mysql-virtual_transports.cf');
32d8e9	155
T	156	//* mysql-virtual_recipient.cf
7fe908	157	$this->process_postfix_config('mysql-virtual_recipient.cf');
32d8e9	158
T	159	//* mysql-virtual_sender.cf
7fe908	160	$this->process_postfix_config('mysql-virtual_sender.cf');
32d8e9	161
T	162	//* mysql-virtual_client.cf
7fe908	163	$this->process_postfix_config('mysql-virtual_client.cf');
MC	164
32d8e9	165	//* mysql-virtual_relaydomains.cf
7fe908	166	$this->process_postfix_config('mysql-virtual_relaydomains.cf');
MC	167
429dcf	168	//* mysql-virtual_relayrecipientmaps.cf
7fe908	169	$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
32d8e9	170
T	171	//* Changing mode and group of the new created config files.
	172	caselog('chmod o= '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
7fe908	173	__FILE__, __LINE__, 'chmod on mysql-virtual_.cf', 'chmod on mysql-virtual_.cf failed');
MC	174	caselog('chgrp '.$cf['group'].' '.$config_dir.'/mysql-virtual_.cf &> /dev/null',
	175	__FILE__, __LINE__, 'chgrp on mysql-virtual_.cf', 'chgrp on mysql-virtual_.cf failed');
	176
1ca823	177	if(!is_dir($cf['vmail_mailbox_base'])) mkdir($cf['vmail_mailbox_base']);
7fe908	178
32d8e9	179	//* Creating virtual mail user and group
fdb514	180	if(is_group($cf['vmail_groupname'])) {
T	181	$command = 'groupmod -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	182	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	183	} else {
	184	$command = 'groupadd -g '.$cf['vmail_groupid'].' '.$cf['vmail_groupname'];
	185	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	186	}
7fe908	187
fdb514	188	if(is_user($cf['vmail_username'])) {
T	189	$command = 'usermod -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' -d '.$cf['vmail_mailbox_base'].' -s /bin/bash '.$cf['vmail_username'];
	190	caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	191	} else {
	192	$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
	193	caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
8f898a	194	}
7fe908	195
d2e848	196	if($cf['vmail_mailbox_base'] != '' && strlen($cf['vmail_mailbox_base']) >= 10 && $this->is_update === false) exec('chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base']);
7fe908	197
b67344	198	//* These postconf commands will be executed on installation and update
7b47c0	199	$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = ".$conf['server_id']);
T	200	$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
	201	unset($server_ini_rec);
	202
	203	//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
	204	$rbl_list = '';
	205	if (@isset($server_ini_array['mail']['realtime_blackhole_list']) && $server_ini_array['mail']['realtime_blackhole_list'] != '') {
7fe908	206	$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
7b47c0	207	foreach ($rbl_hosts as $key => $value) {
T	208	$rbl_list .= ", reject_rbl_client ". $value;
	209	}
	210	}
	211	unset($rbl_hosts);
	212	unset($server_ini_array);
7fe908	213
7b47c0	214	//* These postconf commands will be executed on installation and update
7fe908	215	$postconf_placeholders = array('{config_dir}' => $config_dir,
MC	216	'{vmail_mailbox_base}' => $cf['vmail_mailbox_base'],
	217	'{vmail_userid}' => $cf['vmail_userid'],
	218	'{vmail_groupid}' => $cf['vmail_groupid'],
	219	'{rbl_list}' => $rbl_list);
	220
	221	$postconf_tpl = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_postfix.conf.master', 'tpl/opensuse_postfix.conf.master');
	222	$postconf_tpl = strtr($postconf_tpl, $postconf_placeholders);
	223	$postconf_commands = array_filter(explode("\n", $postconf_tpl)); // read and remove empty lines
	224
b67344	225	//* These postconf commands will be executed on installation only
T	226	if($this->is_update == false) {
7fe908	227	$postconf_commands = array_merge($postconf_commands, array(
MC	228	'myhostname = '.$conf['hostname'],
	229	'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
	230	'mynetworks = 127.0.0.0/8 [::1]/128'
	231	));
b67344	232	}
7fe908	233
32d8e9	234	//* Create the header and body check files
T	235	touch($config_dir.'/header_checks');
	236	touch($config_dir.'/mime_header_checks');
	237	touch($config_dir.'/nested_header_checks');
	238	touch($config_dir.'/body_checks');
7fe908	239
3f478f	240	//* Create the mailman files
T	241	if(!is_dir('/var/lib/mailman/data')) exec('mkdir -p /var/lib/mailman/data');
	242	if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
	243	exec('postalias /var/lib/mailman/data/aliases');
	244	if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
	245	exec('postmap /var/lib/mailman/data/virtual-mailman');
	246	if(!is_file('/var/lib/mailman/data/transport-mailman')) touch('/var/lib/mailman/data/transport-mailman');
	247	exec('/usr/sbin/postmap /var/lib/mailman/data/transport-mailman');
7fe908	248
32d8e9	249	//* Make a backup copy of the main.cf file
T	250	copy($config_dir.'/main.cf', $config_dir.'/main.cf~');
7fe908	251
32d8e9	252	//* Executing the postconf commands
T	253	foreach($postconf_commands as $cmd) {
	254	$command = "postconf -e '$cmd'";
	255	caselog($command." &> /dev/null", __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	256	}
7fe908	257
MC	258	if(!stristr($options, 'dont-create-certs')) {
32d8e9	259	//* Create the SSL certificate
b04e82	260	if(AUTOINSTALL){
TB	261	$command = 'cd '.$config_dir.'; '
	262	."openssl req -new -subj '/C=".escapeshellcmd($autoinstall['ssl_cert_country'])."/ST=".escapeshellcmd($autoinstall['ssl_cert_state'])."/L=".escapeshellcmd($autoinstall['ssl_cert_locality'])."/O=".escapeshellcmd($autoinstall['ssl_cert_organisation'])."/OU=".escapeshellcmd($autoinstall['ssl_cert_organisation_unit'])."/CN=".escapeshellcmd($autoinstall['ssl_cert_common_name'])."' -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509";
	263	} else {
	264	$command = 'cd '.$config_dir.'; '
	265	.'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:4096 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
	266	}
7fe908	267
32d8e9	268	$command = 'chmod o= '.$config_dir.'/smtpd.key';
T	269	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
	270	}
7fe908	271
32d8e9	272	//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
T	273	$command = 'chmod 755 /var/run/authdaemon.courier-imap';
	274	caselog($command.' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: '.$command, 'Failed to execute the command '.$command);
7fe908	275
32d8e9	276	//* Changing maildrop lines in posfix master.cf
T	277	if(is_file($config_dir.'/master.cf')){
7fe908	278	copy($config_dir.'/master.cf', $config_dir.'/master.cf~');
MC	279	}
32d8e9	280	if(is_file($config_dir.'/master.cf~')){
7fe908	281	exec('chmod 400 '.$config_dir.'/master.cf~');
MC	282	}
32d8e9	283	$configfile = $config_dir.'/master.cf';
T	284	$content = rf($configfile);
7fe908	285
MC	286	$content = str_replace(' flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}',
	287	' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
	288	$content);
	289
	290	$content = str_replace(' flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}',
	291	' flags=DRhu user='.$cf['vmail_username'].' argv=/usr/bin/maildrop -d ${recipient} ${extension} ${recipient} ${user} ${nexthop} ${sender}',
	292	$content);
	293
fdb514	294	// enable tlsmanager
7fe908	295	$content = str_replace('#tlsmgr unix - - n 1000? 1 tlsmgr', 'tlsmgr unix - - n 1000? 1 tlsmgr', $content);
MC	296
32d8e9	297	wf($configfile, $content);
7fe908	298
32d8e9	299	//* Writing the Maildrop mailfilter file
T	300	$configfile = 'mailfilter';
	301	if(is_file($cf['vmail_mailbox_base'].'/.'.$configfile)){
7fe908	302	copy($cf['vmail_mailbox_base'].'/.'.$configfile, $cf['vmail_mailbox_base'].'/.'.$configfile.'~');
MC	303	}
615a0a	304	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	305	$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
T	306	wf($cf['vmail_mailbox_base'].'/.'.$configfile, $content);
7fe908	307
32d8e9	308	//* Create the directory for the custom mailfilters
T	309	$command = 'mkdir '.$cf['vmail_mailbox_base'].'/mailfilters';
	310	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	311
32d8e9	312	//* Chmod and chown the .mailfilter file
T	313	$command = 'chown -R '.$cf['vmail_username'].':'.$cf['vmail_groupname'].' '.$cf['vmail_mailbox_base'].'/.mailfilter';
	314	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	315
32d8e9	316	$command = 'chmod -R 600 '.$cf['vmail_mailbox_base'].'/.mailfilter';
T	317	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	318
32d8e9	319	}
7fe908	320
32d8e9	321	public function configure_saslauthd() {
T	322	global $conf;
7fe908	323
32d8e9	324	/*
T	325	$configfile = 'sasl_smtpd.conf';
	326	if(is_file('/etc/sasl2/smtpd.conf')) copy('/etc/sasl2/smtpd.conf','/etc/sasl2/smtpd.conf~');
	327	if(is_file('/etc/sasl2/smtpd.conf~')) exec('chmod 400 '.'/etc/sasl2/smtpd.conf~');
	328	$content = rf("tpl/".$configfile.".master");
	329	$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
	330	$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
	331	$content = str_replace('{mysql_server_database}',$conf['mysql']['database'],$content);
	332	$content = str_replace('{mysql_server_ip}',$conf['mysql']['ip'],$content);
	333	wf('/etc/sasl2/smtpd.conf',$content);
	334	*/
7fe908	335
32d8e9	336	// TODO: Chmod and chown on the config file
7fe908	337
MC	338
32d8e9	339	/*
T	340	// Create the spool directory
	341	exec('mkdir -p /var/spool/postfix/var/run/saslauthd');
7fe908	342
32d8e9	343	// Edit the file /etc/default/saslauthd
T	344	$configfile = $conf["saslauthd"]["config"];
	345	if(is_file($configfile)) copy($configfile,$configfile.'~');
	346	if(is_file($configfile.'~')) exec('chmod 400 '.$configfile.'~');
	347	$content = rf($configfile);
	348	$content = str_replace('START=no','START=yes',$content);
	349	$content = str_replace('OPTIONS="-c"','OPTIONS="-m /var/spool/postfix/var/run/saslauthd -r"',$content);
	350	wf($configfile,$content);
	351	*/
7fe908	352
32d8e9	353	// Edit the file /etc/init.d/saslauthd
T	354	$configfile = $conf["init_scripts"].'/'.$conf["saslauthd"]["init_script"];
	355	$content = rf($configfile);
7fe908	356	$content = str_replace('/sbin/startproc $AUTHD_BIN -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', '/sbin/startproc $AUTHD_BIN -r -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', $content);
MC	357	$content = str_replace('/sbin/startproc $AUTHD_BIN $SASLAUTHD_PARAMS -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', '/sbin/startproc $AUTHD_BIN $SASLAUTHD_PARAMS -r -a $SASLAUTHD_AUTHMECH -n $SASLAUTHD_THREADS > /dev/null 2>&1', $content);
	358
	359
	360	if(is_file($configfile)) wf($configfile, $content);
	361
	362
	363
32d8e9	364	}
7fe908	365
32d8e9	366	public function configure_pam()
7fe908	367	{
32d8e9	368	global $conf;
T	369	$pam = $conf['pam'];
	370	//* configure pam for SMTP authentication agains the ispconfig database
	371	$configfile = 'pamd_smtp';
	372	if(is_file("$pam/smtp")) copy("$pam/smtp", "$pam/smtp~");
	373	if(is_file("$pam/smtp~")) exec("chmod 400 $pam/smtp~");
	374
615a0a	375	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	376	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
T	377	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	378	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	379	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	380	wf("$pam/smtp", $content);
03bff7	381	// On some OSes smtp is world readable which allows for reading database information. Removing world readable rights should have no effect.
T	382	if(is_file("$pam/smtp")) exec("chmod o= $pam/smtp");
32d8e9	383	//exec("chmod 660 $pam/smtp");
T	384	//exec("chown root:root $pam/smtp");
7fe908	385
32d8e9	386	}
7fe908	387
32d8e9	388	public function configure_courier()
7fe908	389	{
32d8e9	390	global $conf;
T	391	$config_dir = $conf['courier']['config_dir'];
	392	//* authmysqlrc
	393	$configfile = 'authmysqlrc';
	394	if(is_file("$config_dir/$configfile")){
7fe908	395	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	396	}
32d8e9	397	exec("chmod 400 $config_dir/$configfile~");
615a0a	398	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
7fe908	399	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	400	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	401	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	402	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
32d8e9	403	wf("$config_dir/$configfile", $content);
7fe908	404
32d8e9	405	exec("chmod 660 $config_dir/$configfile");
T	406	exec("chown root:root $config_dir/$configfile");
7fe908	407
32d8e9	408	//* authdaemonrc
T	409	$configfile = $conf['courier']['config_dir'].'/authdaemonrc';
	410	if(is_file($configfile)){
7fe908	411	copy($configfile, $configfile.'~');
MC	412	}
32d8e9	413	if(is_file($configfile.'~')){
7fe908	414	exec('chmod 400 '.$configfile.'~');
MC	415	}
32d8e9	416	$content = rf($configfile);
T	417	$content = str_replace('authmodulelist=', 'authmodulelist="authmysql"', $content);
	418	wf($configfile, $content);
	419	}
7fe908	420
fdb514	421	public function configure_dovecot()
7fe908	422	{
fdb514	423	global $conf;
7fe908	424
fdb514	425	$config_dir = $conf['dovecot']['config_dir'];
7fe908	426
fdb514	427	//* Configure master.cf and add a line for deliver
T	428	if(is_file($config_dir.'/master.cf')){
7fe908	429	copy($config_dir.'/master.cf', $config_dir.'/master.cf~2');
MC	430	}
fdb514	431	if(is_file($config_dir.'/master.cf~')){
7fe908	432	exec('chmod 400 '.$config_dir.'/master.cf~2');
MC	433	}
fdb514	434	$content = rf($conf["postfix"]["config_dir"].'/master.cf');
T	435	// Only add the content if we had not addded it before
7fe908	436	if(!stristr($content, "dovecot/deliver")) {
013ae4	437	$deliver_content = 'dovecot unix - n n - - pipe'."\n".' flags=DROhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}';
7fe908	438	af($conf["postfix"]["config_dir"].'/master.cf', $deliver_content);
fdb514	439	}
T	440	unset($content);
	441	unset($deliver_content);
7fe908	442
MC	443
fdb514	444	//* Reconfigure postfix to use dovecot authentication
T	445	// Adding the amavisd commands to the postfix configuration
	446	$postconf_commands = array (
	447	'dovecot_destination_recipient_limit = 1',
	448	'virtual_transport = dovecot',
	449	'smtpd_sasl_type = dovecot',
	450	'smtpd_sasl_path = private/auth',
	451	);
7fe908	452
fdb514	453	// Make a backup copy of the main.cf file
7fe908	454	copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~3');
MC	455
fdb514	456	// Executing the postconf commands
T	457	foreach($postconf_commands as $cmd) {
	458	$command = "postconf -e '$cmd'";
	459	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	460	}
7fe908	461
31e0d1	462	//* backup dovecot.conf
fdb514	463	$configfile = 'dovecot.conf';
T	464	if(is_file("$config_dir/$configfile")){
7fe908	465	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	466	}
	467
31e0d1	468	//* Get the dovecot version
7fe908	469	exec('dovecot --version', $tmp);
MC	470	$parts = explode('.', trim($tmp[0]));
31e0d1	471	$dovecot_version = $parts[0];
T	472	unset($tmp);
	473	unset($parts);
7fe908	474
31e0d1	475	//* Copy dovecot configuration file
T	476	if($dovecot_version == 2) {
7fe908	477	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot2.conf.master')) {
MC	478	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot2.conf.master', $config_dir.'/'.$configfile);
	479	} else {
	480	copy('tpl/opensuse_dovecot2.conf.master', $config_dir.'/'.$configfile);
	481	}
31e0d1	482	} else {
7fe908	483	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot.conf.master')) {
MC	484	copy($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot.conf.master', $config_dir.'/'.$configfile);
	485	} else {
	486	copy('tpl/opensuse_dovecot.conf.master', $config_dir.'/'.$configfile);
	487	}
31e0d1	488	}
7fe908	489
fdb514	490	//* dovecot-sql.conf
T	491	$configfile = 'dovecot-sql.conf';
	492	if(is_file("$config_dir/$configfile")){
7fe908	493	copy("$config_dir/$configfile", "$config_dir/$configfile~");
b67344	494	exec("chmod 400 $config_dir/$configfile~");
7fe908	495	}
MC	496
615a0a	497	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_dovecot-sql.conf.master', "tpl/opensuse_dovecot-sql.conf.master");
7fe908	498	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	499	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	500	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	501	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
032b86	502	$content = str_replace('{server_id}', $conf['server_id'], $content);
fdb514	503	wf("$config_dir/$configfile", $content);
7fe908	504
fdb514	505	exec("chmod 600 $config_dir/$configfile");
T	506	exec("chown root:root $config_dir/$configfile");
5e7306	507
TB	508	// Dovecot shall ignore mounts in website directory
f9d95c	509	if(is_installed('doveadm')) exec("doveadm mount add '/srv/www/*' ignore > /dev/null 2> /dev/null");
fdb514	510
T	511	}
7fe908	512
32d8e9	513	public function configure_amavis() {
T	514	global $conf;
7fe908	515
32d8e9	516	// amavisd user config file
T	517	$configfile = 'opensuse_amavisd_conf';
7fe908	518	if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf')) @copy($conf["amavis"]["config_dir"].'/amavisd.conf', $conf["amavis"]["config_dir"].'/amavisd.conf~');
32d8e9	519	if(is_file($conf["amavis"]["config_dir"].'/amavisd.conf~')) exec('chmod 400 '.$conf["amavis"]["config_dir"].'/amavisd.conf~');
615a0a	520	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	521	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	522	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	523	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	524	$content = str_replace('{mysql_server_port}', $conf["mysql"]["port"], $content);
	525	$content = str_replace('{mysql_server_ip}', $conf['mysql']['ip'], $content);
	526	wf($conf["amavis"]["config_dir"].'/amavisd.conf', $content);
	527
	528
32d8e9	529	// Adding the amavisd commands to the postfix configuration
T	530	$postconf_commands = array (
	531	'content_filter = amavis:[127.0.0.1]:10024',
	532	'receive_override_options = no_address_mappings'
	533	);
7fe908	534
32d8e9	535	// Make a backup copy of the main.cf file
7fe908	536	copy($conf["postfix"]["config_dir"].'/main.cf', $conf["postfix"]["config_dir"].'/main.cf~2');
MC	537
32d8e9	538	// Executing the postconf commands
T	539	foreach($postconf_commands as $cmd) {
	540	$command = "postconf -e '$cmd'";
	541	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	542	}
7fe908	543
32d8e9	544	// Append the configuration for amavisd to the master.cf file
7fe908	545	if(is_file($conf["postfix"]["config_dir"].'/master.cf')) copy($conf["postfix"]["config_dir"].'/master.cf', $conf["postfix"]["config_dir"].'/master.cf~');
32d8e9	546	$content = rf($conf["postfix"]["config_dir"].'/master.cf');
T	547	// Only add the content if we had not addded it before
7fe908	548	if(!stristr($content, "127.0.0.1:10025")) {
32d8e9	549	unset($content);
615a0a	550	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/master_cf_amavis.master', "tpl/master_cf_amavis.master");
7fe908	551	af($conf["postfix"]["config_dir"].'/master.cf', $content);
32d8e9	552	}
T	553	unset($content);
7fe908	554
32d8e9	555	// Add the clamav user to the vscan group
5edf40	556	//exec('groupmod --add-user clamav vscan');
TB	557	$command = 'usermod -a -G clamav vscan';
	558	caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	559
MC	560
32d8e9	561	}
7fe908	562
32d8e9	563	public function configure_spamassassin()
7fe908	564	{
32d8e9	565	global $conf;
7fe908	566
32d8e9	567	//* Enable spamasasssin on debian and ubuntu
T	568	/*
	569	$configfile = '/etc/default/spamassassin';
	570	if(is_file($configfile)){
	571	copy($configfile, $configfile.'~');
	572	}
	573	$content = rf($configfile);
	574	$content = str_replace('ENABLED=0', 'ENABLED=1', $content);
	575	wf($configfile, $content);
	576	*/
	577	}
7fe908	578
32d8e9	579	public function configure_getmail()
7fe908	580	{
32d8e9	581	global $conf;
7fe908	582
32d8e9	583	$config_dir = $conf['getmail']['config_dir'];
7fe908	584
32d8e9	585	if(!is_dir($config_dir)) exec("mkdir -p ".escapeshellcmd($config_dir));
T	586
	587	$command = "useradd -d $config_dir getmail";
	588	if(!is_user('getmail')) caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	589
32d8e9	590	$command = "chown -R getmail $config_dir";
T	591	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	592
32d8e9	593	$command = "chmod -R 700 $config_dir";
T	594	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	595	}
7fe908	596
MC	597
32d8e9	598	public function configure_pureftpd()
7fe908	599	{
32d8e9	600	global $conf;
7fe908	601
32d8e9	602	$config_dir = $conf['pureftpd']['config_dir'];
T	603
	604	//* configure pam for SMTP authentication agains the ispconfig database
	605	$configfile = 'db/mysql.conf';
	606	if(is_file("$config_dir/$configfile")){
7fe908	607	copy("$config_dir/$configfile", "$config_dir/$configfile~");
MC	608	}
32d8e9	609	if(is_file("$config_dir/$configfile~")){
7fe908	610	exec("chmod 400 $config_dir/$configfile~");
MC	611	}
615a0a	612	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/pureftpd_mysql.conf.master', 'tpl/pureftpd_mysql.conf.master');
32d8e9	613	$content = str_replace('{mysql_server_ispconfig_user}', $conf["mysql"]["ispconfig_user"], $content);
T	614	$content = str_replace('{mysql_server_ispconfig_password}', $conf["mysql"]["ispconfig_password"], $content);
	615	$content = str_replace('{mysql_server_database}', $conf["mysql"]["database"], $content);
	616	$content = str_replace('{mysql_server_ip}', $conf["mysql"]["ip"], $content);
	617	$content = str_replace('{server_id}', $conf["server_id"], $content);
	618	wf("$config_dir/$configfile", $content);
	619	exec("chmod 600 $config_dir/$configfile");
	620	exec("chown root:root $config_dir/$configfile");
7fe908	621
32d8e9	622	// copy our customized copy of pureftpd.conf to the pure-ftpd config directory
615a0a	623	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/opensuse_pureftpd_conf.master')) {
7fe908	624	exec("cp " . $conf['ispconfig_install_dir']."/server/conf-custom/install/opensuse_pureftpd_conf.master $config_dir/pure-ftpd.conf");
MC	625	} else {
	626	exec("cp tpl/opensuse_pureftpd_conf.master $config_dir/pure-ftpd.conf");
	627	}
	628
32d8e9	629	}
7fe908	630
32d8e9	631	public function configure_mydns()
7fe908	632	{
32d8e9	633	global $conf;
7fe908	634
32d8e9	635	// configure pam for SMTP authentication agains the ispconfig database
T	636	$configfile = 'mydns.conf';
7fe908	637	if(is_file($conf["mydns"]["config_dir"].'/'.$configfile)) copy($conf["mydns"]["config_dir"].'/'.$configfile, $conf["mydns"]["config_dir"].'/'.$configfile.'~');
32d8e9	638	if(is_file($conf["mydns"]["config_dir"].'/'.$configfile.'~')) exec('chmod 400 '.$conf["mydns"]["config_dir"].'/'.$configfile.'~');
615a0a	639	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/".$configfile.".master");
7fe908	640	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
MC	641	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	642	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	643	$content = str_replace('{mysql_server_host}', $conf["mysql"]["host"], $content);
	644	$content = str_replace('{server_id}', $conf["server_id"], $content);
	645	wf($conf["mydns"]["config_dir"].'/'.$configfile, $content);
32d8e9	646	exec('chmod 600 '.$conf["mydns"]["config_dir"].'/'.$configfile);
T	647	exec('chown root:root '.$conf["mydns"]["config_dir"].'/'.$configfile);
7fe908	648
32d8e9	649	}
7fe908	650
32d8e9	651	public function configure_apache()
7fe908	652	{
32d8e9	653	global $conf;
7fe908	654
1bd269	655	if($conf['apache']['installed'] == false) return;
32d8e9	656	//* Create the logging directory for the vhost logfiles
T	657	exec('mkdir -p /var/log/ispconfig/httpd');
7fe908	658
32d8e9	659	//if(is_file('/etc/suphp.conf')) {
7fe908	660	replaceLine('/etc/suphp.conf', 'php=php', 'x-httpd-suphp="php:/srv/www/cgi-bin/php5"', 0, 0);
MC	661	replaceLine('/etc/suphp.conf', 'php="php', 'x-httpd-suphp="php:/srv/www/cgi-bin/php5"', 0, 0);
	662	replaceLine('/etc/suphp.conf', 'docroot=', 'docroot=/srv/www', 0, 0);
	663	replaceLine('/etc/suphp.conf', 'umask=0077', 'umask=0022', 0);
32d8e9	664	//}
7fe908	665
26c0fc	666	if(!file_exists('/srv/www/cgi-bin/php5') && file_exists('/srv/www/cgi-bin/php')) {
7fe908	667	symlink('/srv/www/cgi-bin/php', '/srv/www/cgi-bin/php5');
26c0fc	668	}
7fe908	669
dbe5b0	670	// Sites enabled and available dirs
32d8e9	671	exec('mkdir -p '.$conf['apache']['vhost_conf_enabled_dir']);
T	672	exec('mkdir -p '.$conf['apache']['vhost_conf_dir']);
7fe908	673
32d8e9	674	$content = rf('/etc/apache2/httpd.conf');
7fe908	675	if(!stristr($content, 'Include /etc/apache2/sites-enabled/')) {
5545f1	676	af('/etc/apache2/httpd.conf', "\n<Directory /srv/www>\n Options +FollowSymlinks\n</Directory>\n\nInclude /etc/apache2/sites-enabled/\n\n");
32d8e9	677	}
T	678	unset($content);
7fe908	679
32d8e9	680	//* Copy the ISPConfig configuration include
7fe908	681	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
MC	682	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
	683
ccbf14	684	$tpl = new tpl('apache_ispconfig.conf.master');
TB	685	$tpl->setVar('apache_version',getapacheversion());
	686
a2156e	687	$records = $this->db->queryAllRecords('SELECT * FROM '.$conf['mysql']['master_database'].'.server_ip WHERE server_id = '.$conf['server_id']." AND virtualhost = 'y'");
ccbf14	688	$ip_addresses = array();
TB	689
fb3a98	690	if(is_array($records) && count($records) > 0) {
32d8e9	691	foreach($records as $rec) {
a2156e	692	if($rec['ip_type'] == 'IPv6') {
T	693	$ip_address = '['.$rec['ip_address'].']';
	694	} else {
	695	$ip_address = $rec['ip_address'];
	696	}
7fe908	697	$ports = explode(',', $rec['virtualhost_port']);
a2156e	698	if(is_array($ports)) {
T	699	foreach($ports as $port) {
	700	$port = intval($port);
	701	if($port > 0 && $port < 65536 && $ip_address != '') {
ccbf14	702	$ip_addresses[] = array('ip_address' => $ip_address, 'port' => $port);
a2156e	703	}
T	704	}
	705	}
32d8e9	706	}
T	707	}
855547	708
3de838	709	if(count($ip_addresses) > 0) $tpl->setLoop('ip_adresses',$ip_addresses);
855547	710
ccbf14	711	wf($vhost_conf_dir.'/ispconfig.conf', $tpl->grab());
TB	712	unset($tpl);
7fe908	713
32d8e9	714	if(!@is_link($vhost_conf_enabled_dir."/000-ispconfig.conf")) {
T	715	exec("ln -s ".$vhost_conf_dir."/ispconfig.conf ".$vhost_conf_enabled_dir."/000-ispconfig.conf");
	716	}
7fe908	717
99d5dc	718	//* make sure that webalizer finds its config file when it is directly in /etc
T	719	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	720	exec('mkdir /etc/webalizer');
	721	exec('ln -s /etc/webalizer.conf /etc/webalizer/webalizer.conf');
	722	}
7fe908	723
99d5dc	724	if(is_file('/etc/webalizer/webalizer.conf')) {
T	725	// Change webalizer mode to incremental
7fe908	726	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	727	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	728	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
99d5dc	729	}
7fe908	730
6b029a	731	//* add a sshusers group
T	732	$command = 'groupadd sshusers';
	733	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	734
526b99	735	// create PHP-FPM pool dir
T	736	exec('mkdir -p '.$conf['nginx']['php_fpm_pool_dir']);
7fe908	737
526b99	738	$content = rf('/etc/php5/fpm/php-fpm.conf');
T	739	if(stripos($content, 'include=/etc/php5/fpm/pool.d/*.conf') === false){
7fe908	740	af('/etc/php5/fpm/php-fpm.conf', "\ninclude=/etc/php5/fpm/pool.d/*.conf");
526b99	741	}
T	742	unset($content);
	743	if(!@is_file($conf['nginx']['php_fpm_ini_path'])){
	744	if(@is_file('/etc/php5/cli/php.ini')){
	745	exec('cp -f /etc/php5/cli/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	746	} elseif(@is_file('/etc/php5/fastcgi/php.ini')){
	747	exec('cp -f /etc/php5/fastcgi/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	748	} elseif(@is_file('/etc/php5/apache2/php.ini')){
	749	exec('cp -f /etc/php5/apache2/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	750	}
	751	}
7fe908	752
32d8e9	753	}
7fe908	754
2d86e1	755	public function configure_nginx(){
F	756	global $conf;
7fe908	757
2d86e1	758	if($conf['nginx']['installed'] == false) return;
F	759	//* Create the logging directory for the vhost logfiles
	760	if(!@is_dir($conf['ispconfig_log_dir'].'/httpd')) mkdir($conf['ispconfig_log_dir'].'/httpd', 0755, true);
7fe908	761
dbe5b0	762	// Sites enabled and available dirs
2d86e1	763	exec('mkdir -p '.$conf['nginx']['vhost_conf_enabled_dir']);
F	764	exec('mkdir -p '.$conf['nginx']['vhost_conf_dir']);
7fe908	765
dbe5b0	766	$content = rf('/etc/nginx/nginx.conf');
F	767	if(stripos($content, 'include /etc/nginx/sites-enabled/*.vhost;') === false){
	768	$content = trim($content);
7fe908	769	$content = substr($content, 0, -1)."\n include /etc/nginx/sites-enabled/*.vhost;\n}";
MC	770	wf('/etc/nginx/nginx.conf', $content);
dbe5b0	771	}
2d86e1	772	unset($content);
7fe908	773
2d86e1	774	// create PHP-FPM pool dir
F	775	exec('mkdir -p '.$conf['nginx']['php_fpm_pool_dir']);
7fe908	776
2d86e1	777	$content = rf('/etc/php5/fpm/php-fpm.conf');
F	778	if(stripos($content, 'include=/etc/php5/fpm/pool.d/*.conf') === false){
7fe908	779	af('/etc/php5/fpm/php-fpm.conf', "\ninclude=/etc/php5/fpm/pool.d/*.conf");
2d86e1	780	}
F	781	unset($content);
59feb7	782	if(!@is_file($conf['nginx']['php_fpm_ini_path'])){
F	783	if(@is_file('/etc/php5/cli/php.ini')){
	784	exec('cp -f /etc/php5/cli/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	785	} elseif(@is_file('/etc/php5/fastcgi/php.ini')){
	786	exec('cp -f /etc/php5/fastcgi/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	787	} elseif(@is_file('/etc/php5/apache2/php.ini')){
	788	exec('cp -f /etc/php5/apache2/php.ini '.$conf['nginx']['php_fpm_ini_path']);
	789	}
	790	}
2d86e1	791
F	792	//* make sure that webalizer finds its config file when it is directly in /etc
	793	if(@is_file('/etc/webalizer.conf') && !@is_dir('/etc/webalizer')) {
	794	mkdir('/etc/webalizer');
7fe908	795	symlink('/etc/webalizer.conf', '/etc/webalizer/webalizer.conf');
2d86e1	796	}
F	797
	798	if(is_file('/etc/webalizer/webalizer.conf')) {
	799	// Change webalizer mode to incremental
7fe908	800	replaceLine('/etc/webalizer/webalizer.conf', '#IncrementalName', 'IncrementalName webalizer.current', 0, 0);
MC	801	replaceLine('/etc/webalizer/webalizer.conf', '#Incremental', 'Incremental yes', 0, 0);
	802	replaceLine('/etc/webalizer/webalizer.conf', '#HistoryName', 'HistoryName webalizer.hist', 0, 0);
2d86e1	803	}
7fe908	804
2d86e1	805	// Check the awsatst script
F	806	if(!is_dir('/usr/share/awstats/tools')) exec('mkdir -p /usr/share/awstats/tools');
7fe908	807	if(!file_exists('/usr/share/awstats/tools/awstats_buildstaticpages.pl') && file_exists('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl')) symlink('/usr/share/doc/awstats/examples/awstats_buildstaticpages.pl', '/usr/share/awstats/tools/awstats_buildstaticpages.pl');
MC	808	if(file_exists('/etc/awstats/awstats.conf.local')) replaceLine('/etc/awstats/awstats.conf.local', 'LogFormat=4', 'LogFormat=1', 0, 1);
	809
2d86e1	810	//* add a sshusers group
F	811	$command = 'groupadd sshusers';
	812	if(!is_group('sshusers')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	813	}
7fe908	814
32d8e9	815	public function configure_firewall()
T	816	{
	817	global $conf;
7fe908	818
32d8e9	819	$dist_init_scripts = $conf['init_scripts'];
7fe908	820
32d8e9	821	if(is_dir("/etc/Bastille.backup")) caselog("rm -rf /etc/Bastille.backup", __FILE__, __LINE__);
T	822	if(is_dir("/etc/Bastille")) caselog("mv -f /etc/Bastille /etc/Bastille.backup", __FILE__, __LINE__);
7fe908	823	@mkdir("/etc/Bastille", octdec($directory_mode));
MC	824	if(is_dir("/etc/Bastille.backup/firewall.d")) caselog("cp -pfr /etc/Bastille.backup/firewall.d /etc/Bastille/", __FILE__, __LINE__);
	825	if(is_file($conf['ispconfig_install_dir'].'/server/conf-custom/install/bastille-firewall.cfg.master')) {
	826	caselog("cp -f " . $conf['ispconfig_install_dir']."/server/conf-custom/install/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	827	} else {
	828	caselog("cp -f tpl/bastille-firewall.cfg.master /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	829	}
	830	caselog("chmod 644 /etc/Bastille/bastille-firewall.cfg", __FILE__, __LINE__);
	831	$content = rf("/etc/Bastille/bastille-firewall.cfg");
	832	$content = str_replace("{DNS_SERVERS}", "", $content);
32d8e9	833
7fe908	834	$tcp_public_services = '';
MC	835	$udp_public_services = '';
	836
fb3a98	837	$row = $this->db->queryOneRecord('SELECT * FROM '.$conf["mysql"]["database"].'.firewall WHERE server_id = '.intval($conf['server_id']));
7fe908	838
MC	839	if(trim($row["tcp_port"]) != '' \|\| trim($row["udp_port"]) != ''){
	840	$tcp_public_services = trim(str_replace(',', ' ', $row["tcp_port"]));
	841	$udp_public_services = trim(str_replace(',', ' ', $row["udp_port"]));
	842	} else {
	843	$tcp_public_services = '21 22 25 53 80 110 443 3306 8080 10000';
	844	$udp_public_services = '53';
	845	}
	846
32d8e9	847	if(!stristr($tcp_public_services, $conf['apache']['vhost_port'])) {
T	848	$tcp_public_services .= ' '.intval($conf['apache']['vhost_port']);
	849	if($row["tcp_port"] != '') $this->db->query("UPDATE firewall SET tcp_port = tcp_port + ',".intval($conf['apache']['vhost_port'])."' WHERE server_id = ".intval($conf['server_id']));
	850	}
	851
7fe908	852	$content = str_replace("{TCP_PUBLIC_SERVICES}", $tcp_public_services, $content);
MC	853	$content = str_replace("{UDP_PUBLIC_SERVICES}", $udp_public_services, $content);
32d8e9	854
7fe908	855	wf("/etc/Bastille/bastille-firewall.cfg", $content);
32d8e9	856
7fe908	857	if(is_file($dist_init_scripts."/bastille-firewall")) caselog("mv -f $dist_init_scripts/bastille-firewall $dist_init_scripts/bastille-firewall.backup", __FILE__, __LINE__);
MC	858	caselog("cp -f apps/bastille-firewall $dist_init_scripts", __FILE__, __LINE__);
	859	caselog("chmod 700 $dist_init_scripts/bastille-firewall", __FILE__, __LINE__);
32d8e9	860
7fe908	861	if(is_file("/sbin/bastille-ipchains")) caselog("mv -f /sbin/bastille-ipchains /sbin/bastille-ipchains.backup", __FILE__, __LINE__);
MC	862	caselog("cp -f apps/bastille-ipchains /sbin", __FILE__, __LINE__);
	863	caselog("chmod 700 /sbin/bastille-ipchains", __FILE__, __LINE__);
	864
	865	if(is_file("/sbin/bastille-netfilter")) caselog("mv -f /sbin/bastille-netfilter /sbin/bastille-netfilter.backup", __FILE__, __LINE__);
	866	caselog("cp -f apps/bastille-netfilter /sbin", __FILE__, __LINE__);
	867	caselog("chmod 700 /sbin/bastille-netfilter", __FILE__, __LINE__);
	868
32d8e9	869	if(!@is_dir('/var/lock/subsys')) caselog("mkdir /var/lock/subsys", __FILE__, __LINE__);
T	870
7fe908	871	exec("which ipchains &> /dev/null", $ipchains_location, $ret_val);
MC	872	if(!is_file("/sbin/ipchains") && !is_link("/sbin/ipchains") && $ret_val == 0) phpcaselog(@symlink(shell_exec("which ipchains"), "/sbin/ipchains"), 'create symlink', __FILE__, __LINE__);
	873	unset($ipchains_location);
	874	exec("which iptables &> /dev/null", $iptables_location, $ret_val);
	875	if(!is_file("/sbin/iptables") && !is_link("/sbin/iptables") && $ret_val == 0) phpcaselog(@symlink(trim(shell_exec("which iptables")), "/sbin/iptables"), 'create symlink', __FILE__, __LINE__);
	876	unset($iptables_location);
32d8e9	877
T	878	}
4ae2a0	879
32d8e9	880	public function install_ispconfig()
7fe908	881	{
32d8e9	882	global $conf;
7fe908	883
32d8e9	884	$install_dir = $conf['ispconfig_install_dir'];
T	885
	886	//* Create the ISPConfig installation directory
	887	if(!@is_dir("$install_dir")) {
	888	$command = "mkdir $install_dir";
	889	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	890	}
7fe908	891
32d8e9	892	//* Create a ISPConfig user and group
T	893	$command = 'groupadd ispconfig';
	894	if(!is_group('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	895
32d8e9	896	$command = "useradd -g ispconfig -d $install_dir ispconfig";
T	897	if(!is_user('ispconfig')) caselog($command.' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	898
32d8e9	899	//* copy the ISPConfig interface part
T	900	$command = "cp -rf ../interface $install_dir";
	901	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	902
32d8e9	903	//* copy the ISPConfig server part
T	904	$command = "cp -rf ../server $install_dir";
	905	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	906
32d8e9	907	//* Create a symlink, so ISPConfig is accessible via web
T	908	// Replaced by a separate vhost definition for port 8080
	909	// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
	910	// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	911
32d8e9	912	//* Create the config file for ISPConfig interface
T	913	$configfile = 'config.inc.php';
	914	if(is_file($install_dir.'/interface/lib/'.$configfile)){
7fe908	915	copy("$install_dir/interface/lib/$configfile", "$install_dir/interface/lib/$configfile~");
MC	916	}
615a0a	917	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
32d8e9	918	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
T	919	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	920	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	921	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
7fe908	922
32d8e9	923	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
T	924	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	925	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	926	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
7fe908	927
32d8e9	928	$content = str_replace('{server_id}', $conf['server_id'], $content);
T	929	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
5898e6	930	$content = str_replace('{language}', $conf['language'], $content);
8cf78b	931	$content = str_replace('{timezone}', $conf['timezone'], $content);
41eaa8	932	$content = str_replace('{theme}', $conf['theme'], $content);
992797	933	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
7fe908	934
MC	935	wf("$install_dir/interface/lib/$configfile", $content);
	936
	937	//* Create the config file for ISPConfig server
	938	$configfile = 'config.inc.php';
	939	if(is_file($install_dir.'/server/lib/'.$configfile)){
	940	copy("$install_dir/server/lib/$configfile", "$install_dir/interface/lib/$configfile~");
	941	}
	942	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/'.$configfile.'.master', "tpl/$configfile.master");
	943	$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
	944	$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
	945	$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
	946	$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
	947
	948	$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
	949	$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
	950	$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
	951	$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
	952
	953	$content = str_replace('{server_id}', $conf['server_id'], $content);
	954	$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
	955	$content = str_replace('{language}', $conf['language'], $content);
	956	$content = str_replace('{timezone}', $conf['timezone'], $content);
	957	$content = str_replace('{theme}', $conf['theme'], $content);
	958	$content = str_replace('{language_file_import_enabled}', ($conf['language_file_import_enabled'] == true)?'true':'false', $content);
	959
32d8e9	960	wf("$install_dir/server/lib/$configfile", $content);
7fe908	961
fb3a98	962	//* Create the config file for remote-actions (but only, if it does not exist, because
T	963	// the value is a autoinc-value and so changed by the remoteaction_core_module
	964	if (!file_exists($install_dir.'/server/lib/remote_action.inc.php')) {
	965	$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
	966	wf($install_dir.'/server/lib/remote_action.inc.php', $content);
	967	}
7fe908	968
32d8e9	969	//* Enable the server modules and plugins.
T	970	// TODO: Implement a selector which modules and plugins shall be enabled.
	971	$dir = $install_dir.'/server/mods-available/';
	972	if (is_dir($dir)) {
	973	if ($dh = opendir($dir)) {
	974	while (($file = readdir($dh)) !== false) {
7fe908	975	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	976	include_once $install_dir.'/server/mods-available/'.$file;
	977	$module_name = substr($file, 0, -8);
32d8e9	978	$tmp = new $module_name;
T	979	if($tmp->onInstall()) {
	980	if(!@is_link($install_dir.'/server/mods-enabled/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-enabled/'.$file);
	981	if (strpos($file, '_core_module') !== false) {
	982	if(!@is_link($install_dir.'/server/mods-core/'.$file)) @symlink($install_dir.'/server/mods-available/'.$file, $install_dir.'/server/mods-core/'.$file);
	983	}
	984	}
	985	unset($tmp);
	986	}
	987	}
	988	closedir($dh);
	989	}
	990	}
7fe908	991
32d8e9	992	$dir = $install_dir.'/server/plugins-available/';
T	993	if (is_dir($dir)) {
	994	if ($dh = opendir($dir)) {
	995	while (($file = readdir($dh)) !== false) {
1bd269	996	if($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') continue;
F	997	if($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') continue;
7fe908	998	if($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
MC	999	include_once $install_dir.'/server/plugins-available/'.$file;
	1000	$plugin_name = substr($file, 0, -8);
32d8e9	1001	$tmp = new $plugin_name;
T	1002	if($tmp->onInstall()) {
	1003	if(!@is_link($install_dir.'/server/plugins-enabled/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-enabled/'.$file);
	1004	if (strpos($file, '_core_plugin') !== false) {
	1005	if(!@is_link($install_dir.'/server/plugins-core/'.$file)) @symlink($install_dir.'/server/plugins-available/'.$file, $install_dir.'/server/plugins-core/'.$file);
	1006	}
	1007	}
	1008	unset($tmp);
	1009	}
	1010	}
	1011	closedir($dh);
	1012	}
	1013	}
7fe908	1014
32d8e9	1015	// Update the server config
T	1016	$mail_server_enabled = ($conf['services']['mail'])?1:0;
	1017	$web_server_enabled = ($conf['services']['web'])?1:0;
	1018	$dns_server_enabled = ($conf['services']['dns'])?1:0;
	1019	$file_server_enabled = ($conf['services']['file'])?1:0;
	1020	$db_server_enabled = ($conf['services']['db'])?1:0;
	1021	$vserver_server_enabled = ($conf['services']['vserver'])?1:0;
	1022	$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled' WHERE server_id = ".intval($conf['server_id']);
7fe908	1023
32d8e9	1024	if($conf['mysql']['master_slave_setup'] == 'y') {
T	1025	$this->dbmaster->query($sql);
	1026	$this->db->query($sql);
	1027	} else {
	1028	$this->db->query($sql);
	1029	}
7fe908	1030
3e0fc8	1031	// chown install dir to root and chmod 755
TB	1032	$command = 'chown root:root '.$install_dir;
	1033	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1034	$command = 'chmod 755 '.$install_dir;
32d8e9	1035	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
T	1036
fa029b	1037	//* Chmod the files and directories in the install dir
3e0fc8	1038	$command = 'chmod -R 750 '.$install_dir.'/*';
TB	1039	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1040
	1041	//* chown the interface files to the ispconfig user and group
	1042	$command = 'chown -R ispconfig:ispconfig '.$install_dir.'/interface';
	1043	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1044
	1045	//* chown the server files to the root user and group
	1046	$command = 'chown -R root:root '.$install_dir.'/server';
32d8e9	1047	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
fa029b	1048
TB	1049	//* chown the security files to the root user and group
	1050	$command = 'chown -R root:root '.$install_dir.'/security';
	1051	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1052
	1053	//* chown the security directory and security_settings.ini to root:ispconfig
	1054	$command = 'chown root:ispconfig '.$install_dir.'/security/security_settings.ini';
	1055	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1056	$command = 'chown root:ispconfig '.$install_dir.'/security';
	1057	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	1058
32d8e9	1059	//* Make the global language file directory group writable
T	1060	exec("chmod -R 770 $install_dir/interface/lib/lang");
7fe908	1061
32d8e9	1062	//* Make the temp directory for language file exports writable
T	1063	exec("chmod -R 770 $install_dir/interface/web/temp");
7fe908	1064
32d8e9	1065	//* Make all interface language file directories group writable
T	1066	$handle = @opendir($install_dir.'/interface/web');
7fe908	1067	while ($file = @readdir($handle)) {
MC	1068	if ($file != '.' && $file != '..') {
	1069	if(@is_dir($install_dir.'/interface/web'.'/'.$file.'/lib/lang')) {
32d8e9	1070	$handle2 = opendir($install_dir.'/interface/web'.'/'.$file.'/lib/lang');
7fe908	1071	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang', 0770);
MC	1072	while ($lang_file = @readdir($handle2)) {
32d8e9	1073	if ($lang_file != '.' && $lang_file != '..') {
7fe908	1074	chmod($install_dir.'/interface/web'.'/'.$file.'/lib/lang/'.$lang_file, 0770);
32d8e9	1075	}
T	1076	}
	1077	}
	1078	}
	1079	}
7fe908	1080
477d4e	1081	//* Make the APS directories group writable
T	1082	exec("chmod -R 770 $install_dir/interface/web/sites/aps_meta_packages");
	1083	exec("chmod -R 770 $install_dir/server/aps_packages");
7fe908	1084
32d8e9	1085	//* make sure that the server config file (not the interface one) is only readable by the root user
bfcdef	1086	chmod($install_dir.'/server/lib/config.inc.php', 0600);
T	1087	chown($install_dir.'/server/lib/config.inc.php', 'root');
	1088	chgrp($install_dir.'/server/lib/config.inc.php', 'root');
7fe908	1089
bfcdef	1090	//* Make sure thet the interface config file is readable by user ispconfig only
T	1091	chmod($install_dir.'/interface/lib/config.inc.php', 0600);
	1092	chown($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
	1093	chgrp($install_dir.'/interface/lib/config.inc.php', 'ispconfig');
7fe908	1094
32d8e9	1095	if(@is_file("$install_dir/server/lib/mysql_clientdb.conf")) {
T	1096	exec("chmod 600 $install_dir/server/lib/mysql_clientdb.conf");
	1097	exec("chown root:root $install_dir/server/lib/mysql_clientdb.conf");
	1098	}
7fe908	1099
32d8e9	1100	// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
T	1101	// and must be fixed as this will allow the apache user to read the ispconfig files.
	1102	// Later this must run as own apache server or via suexec!
63b369	1103	if($conf['apache']['installed'] == true){
5edf40	1104	//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispconfig';
TB	1105	$command = 'usermod -a -G ispconfig '.$conf['apache']['user'];
63b369	1106	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1107	if(is_group('ispapps')){
5edf40	1108	//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispapps';
TB	1109	$command = 'usermod -a -G ispapps '.$conf['apache']['user'];
272aec	1110	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1111	}
63b369	1112	}
F	1113	if($conf['nginx']['installed'] == true){
5edf40	1114	//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispconfig';
TB	1115	$command = 'usermod -a -G ispconfig '.$conf['nginx']['user'];
63b369	1116	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
272aec	1117	if(is_group('ispapps')){
5edf40	1118	//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispapps';
TB	1119	$command = 'usermod -a -G ispapps '.$conf['nginx']['user'];
272aec	1120	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
F	1121	}
5c93f0	1122	// add nobody user to www group, as the default php-fpm pool from opensuse runs as nobody
TB	1123	$command = 'usermod -a -G www nobody';
	1124	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
63b369	1125	}
7fe908	1126
32d8e9	1127	//* Make the shell scripts executable
T	1128	$command = "chmod +x $install_dir/server/scripts/*.sh";
	1129	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
7fe908	1130
MC	1131
7e1cfb	1132	if($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true){
1bd269	1133	//* Copy the ISPConfig vhost for the controlpanel
F	1134	// TODO: These are missing! should they be "vhost_dist_*_dir" ?
	1135	$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
	1136	$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
7fe908	1137
MC	1138
1bd269	1139	// Dont just copy over the virtualhost template but add some custom settings
ccbf14	1140	$tpl = new tpl('apache_ispconfig.vhost.master');
TB	1141	$tpl->setVar('vhost_port',$conf['apache']['vhost_port']);
7fe908	1142
1bd269	1143	// comment out the listen directive if port is 80 or 443
F	1144	if($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
ccbf14	1145	$tpl->setVar('vhost_port_listen','#');
1bd269	1146	} else {
ccbf14	1147	$tpl->setVar('vhost_port_listen','');
1bd269	1148	}
7fe908	1149
ccbf14	1150	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
TB	1151	$tpl->setVar('ssl_comment','');
1bd269	1152	} else {
ccbf14	1153	$tpl->setVar('ssl_comment','#');
1bd269	1154	}
10b4c8	1155	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key') && is_file($install_dir.'/interface/ssl/ispserver.bundle')) {
ccbf14	1156	$tpl->setVar('ssl_bundle_comment','');
10b4c8	1157	} else {
ccbf14	1158	$tpl->setVar('ssl_bundle_comment','#');
10b4c8	1159	}
ccbf14	1160
TB	1161	$tpl->setVar('apache_version',getapacheversion());
7fe908	1162
fbc02f	1163	$content = $tpl->grab();
TB	1164	$content = str_replace('/var/www/', '/srv/www/', $content);
	1165	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
7fe908	1166
cc6568	1167	//if(!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
7fe908	1168	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
MC	1169	$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
	1170	$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
	1171	exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig');
	1172	wf('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
	1173	exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
	1174	exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig');
	1175	exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig');
	1176
cc6568	1177	//}
7fe908	1178
1bd269	1179	//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
F	1180	//* and create the symlink
7e1cfb	1181	if($this->is_update == false) {
1bd269	1182	if(@is_link("$vhost_conf_enabled_dir/ispconfig.vhost")) unlink("$vhost_conf_enabled_dir/ispconfig.vhost");
F	1183	if(!@is_link("$vhost_conf_enabled_dir/000-ispconfig.vhost")) {
	1184	exec("ln -s $vhost_conf_dir/ispconfig.vhost $vhost_conf_enabled_dir/000-ispconfig.vhost");
	1185	}
7fe908	1186
1bd269	1187	}
7fe908	1188
1bd269	1189	// Fix a setting in vhost master file for suse
7fe908	1190	replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0);
1bd269	1191	}
F	1192
7e1cfb	1193	if($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true){
1bd269	1194	//* Copy the ISPConfig vhost for the controlpanel
F	1195	$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
	1196	$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
	1197
	1198	// Dont just copy over the virtualhost template but add some custom settings
615a0a	1199	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
1bd269	1200	$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
7fe908	1201
1bd269	1202	if(is_file($install_dir.'/interface/ssl/ispserver.crt') && is_file($install_dir.'/interface/ssl/ispserver.key')) {
10b4c8	1203	$content = str_replace('{ssl_on}', ' on', $content);
1bd269	1204	$content = str_replace('{ssl_comment}', '', $content);
F	1205	$content = str_replace('{fastcgi_ssl}', 'on', $content);
	1206	} else {
10b4c8	1207	$content = str_replace('{ssl_on}', ' off', $content);
1bd269	1208	$content = str_replace('{ssl_comment}', '#', $content);
F	1209	$content = str_replace('{fastcgi_ssl}', 'off', $content);
32d8e9	1210	}
7fe908	1211
ca0b77	1212	$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
7fe908	1213	if(substr($socket_dir, -1) != '/') $socket_dir .= '/';
ca0b77	1214	if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
F	1215	$fpm_socket = $socket_dir.'ispconfig.sock';
7fe908	1216
ca0b77	1217	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1218	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
1bd269	1219
F	1220	wf($vhost_conf_dir.'/ispconfig.vhost', $content);
7fe908	1221
1bd269	1222	unset($content);
7fe908	1223
1bd269	1224	// PHP-FPM
F	1225	// Dont just copy over the php-fpm pool template but add some custom settings
615a0a	1226	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
1bd269	1227	$content = str_replace('{fpm_pool}', 'ispconfig', $content);
ca0b77	1228	//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
F	1229	$content = str_replace('{fpm_socket}', $fpm_socket, $content);
1bd269	1230	$content = str_replace('{fpm_user}', 'ispconfig', $content);
F	1231	$content = str_replace('{fpm_group}', 'ispconfig', $content);
	1232	wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
	1233
	1234	//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
	1235	//* and create the symlink
7e1cfb	1236	if($this->is_update == false) {
1bd269	1237	if(@is_link($vhost_conf_enabled_dir.'/ispconfig.vhost')) unlink($vhost_conf_enabled_dir.'/ispconfig.vhost');
F	1238	if(!@is_link($vhost_conf_enabled_dir.'/000-ispconfig.vhost')) {
7fe908	1239	symlink($vhost_conf_dir.'/ispconfig.vhost', $vhost_conf_enabled_dir.'/000-ispconfig.vhost');
1bd269	1240	}
F	1241	}
7fe908	1242
9aec3d	1243	// create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed
7fe908	1244	if(!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin');
MC	1245	if(!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail');
32d8e9	1246	}
7fe908	1247
MC	1248
32d8e9	1249	// Make the Clamav log files readable by ISPConfig
T	1250	//exec('chmod +r /var/log/clamav/clamav.log');
	1251	//exec('chmod +r /var/log/clamav/freshclam.log');
7fe908	1252
32d8e9	1253	//* Install the update script
b34f99	1254	if(is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
MC	1255	exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh');
	1256	exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh');
32d8e9	1257	exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
T	1258	exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
	1259	exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
	1260	exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
b34f99	1261	if(!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh');
32d8e9	1262	if(!is_link('/usr/local/bin/ispconfig_update.sh')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
7fe908	1263
32d8e9	1264	//set the fast cgi starter script to executable
T	1265	//exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
7fe908	1266
32d8e9	1267	//* Make the logs readable for the ispconfig user
T	1268	if(@is_file('/var/log/mail.log')) exec('chmod +r /var/log/mail.log');
	1269	if(@is_file('/var/log/mail.warn')) exec('chmod +r /var/log/mail.warn');
	1270	if(@is_file('/var/log/mail.err')) exec('chmod +r /var/log/mail.err');
	1271	if(@is_file('/var/log/messages')) exec('chmod +r /var/log/messages');
7fe908	1272
32d8e9	1273	//To enable apache to read the directories
T	1274	exec('chmod a+rx /usr/local/ispconfig');
	1275	exec('chmod -R 751 /usr/local/ispconfig/interface');
	1276	exec('chmod a+rx /usr/local/ispconfig/interface/web');
7fe908	1277
32d8e9	1278	//* Create the ispconfig log directory
e38d14	1279	if(!is_dir($conf['ispconfig_log_dir'])) mkdir($conf['ispconfig_log_dir']);
J	1280	if(!is_file($conf['ispconfig_log_dir'].'/ispconfig.log')) exec('touch '.$conf['ispconfig_log_dir'].'/ispconfig.log');
7fe908	1281
0c5b42	1282	if(is_user('getmail')) {
T	1283	exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
	1284	exec('chown getmail /usr/local/bin/run-getmail.sh');
	1285	exec('chmod 744 /usr/local/bin/run-getmail.sh');
	1286	}
7fe908	1287
8cf78b	1288	if(is_dir($install_dir.'/interface/invoices')) {
e94a9f	1289	exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
T	1290	exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
edf806	1291	}
7fe908	1292
0799f8	1293	//* Create the ispconfig auth log file and set uid/gid
T	1294	if(!is_file($conf['ispconfig_log_dir'].'/auth.log')) {
	1295	touch($conf['ispconfig_log_dir'].'/auth.log');
	1296	}
	1297	exec('chown ispconfig:ispconfig '. $conf['ispconfig_log_dir'].'/auth.log');
	1298	exec('chmod 660 '. $conf['ispconfig_log_dir'].'/auth.log');
7fe908	1299
d71bae	1300	//* Remove Domain module as its functions are available in the client module now
T	1301	if(@is_dir('/usr/local/ispconfig/interface/web/domain')) exec('rm -rf /usr/local/ispconfig/interface/web/domain');
021aec	1302
TB	1303	// Add symlink for patch tool
	1304	if(!is_link('/usr/local/bin/ispconfig_patch')) exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
7fe908	1305
MC	1306
32d8e9	1307	}
7fe908	1308
32d8e9	1309	public function configure_dbserver()
T	1310	{
	1311	global $conf;
7fe908	1312
32d8e9	1313	//* If this server shall act as database server for client DB's, we configure this here
T	1314	$install_dir = $conf['ispconfig_install_dir'];
7fe908	1315
MC	1316	// Create a file with the database login details which
32d8e9	1317	// are used to create the client databases.
7fe908	1318
32d8e9	1319	if(!is_dir("$install_dir/server/lib")) {
T	1320	$command = "mkdir $install_dir/server/lib";
	1321	caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
	1322	}
7fe908	1323
615a0a	1324	$content = rfsel($conf['ispconfig_install_dir'].'/server/conf-custom/install/mysql_clientdb.conf.master', "tpl/mysql_clientdb.conf.master");
7fe908	1325	$content = str_replace('{hostname}', $conf['mysql']['host'], $content);
MC	1326	$content = str_replace('{username}', $conf['mysql']['admin_user'], $content);
	1327	$content = str_replace('{password}', $conf['mysql']['admin_password'], $content);
	1328	wf("$install_dir/server/lib/mysql_clientdb.conf", $content);
32d8e9	1329	exec('chmod 600 '."$install_dir/server/lib/mysql_clientdb.conf");
T	1330	exec('chown root:root '."$install_dir/server/lib/mysql_clientdb.conf");
7fe908	1331
32d8e9	1332	}
7fe908	1333
32d8e9	1334	public function install_crontab()
7fe908	1335	{
32d8e9	1336	global $conf;
7fe908	1337
32d8e9	1338	//* Root Crontab
T	1339	exec('crontab -u root -l > crontab.txt');
	1340	$existing_root_cron_jobs = file('crontab.txt');
7fe908	1341
32d8e9	1342	// remove existing ispconfig cronjobs, in case the syntax has changed
T	1343	foreach($existing_root_cron_jobs as $key => $val) {
7fe908	1344	if(stristr($val, '/usr/local/ispconfig')) unset($existing_root_cron_jobs[$key]);
32d8e9	1345	}
7fe908	1346
32d8e9	1347	$root_cron_jobs = array(
T	1348	'* * * * * /usr/local/ispconfig/server/server.sh &> /dev/null',
	1349	'30 00 * * * /usr/local/ispconfig/server/cron_daily.sh &> /dev/null'
	1350	);
7fe908	1351
b6a10a	1352	if ($conf['nginx']['installed'] == true) {
F	1353	$root_cron_jobs[] = "0 0 * * * /usr/local/ispconfig/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
	1354	}
7fe908	1355
32d8e9	1356	foreach($root_cron_jobs as $cron_job) {
T	1357	if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
	1358	$existing_root_cron_jobs[] = $cron_job."\n";
	1359	}
	1360	}
	1361	file_put_contents('crontab.txt', $existing_root_cron_jobs);
	1362	exec('crontab -u root crontab.txt &> /dev/null');
	1363	unlink('crontab.txt');
7fe908	1364
32d8e9	1365	//* Getmail crontab
T	1366	if(is_user('getmail')) {
7fe908	1367	$cf = $conf['getmail'];
32d8e9	1368	exec('crontab -u getmail -l > crontab.txt');
T	1369	$existing_cron_jobs = file('crontab.txt');
7fe908	1370
32d8e9	1371	$cron_jobs = array(
7fe908	1372	'/5 * * * /usr/local/bin/run-getmail.sh > /dev/null 2>> /dev/null'
MC	1373	);
	1374
32d8e9	1375	// remove existing ispconfig cronjobs, in case the syntax has changed
T	1376	foreach($existing_cron_jobs as $key => $val) {
7fe908	1377	if(stristr($val, 'getmail')) unset($existing_cron_jobs[$key]);
32d8e9	1378	}
7fe908	1379
32d8e9	1380	foreach($cron_jobs as $cron_job) {
T	1381	if(!in_array($cron_job."\n", $existing_cron_jobs)) {
	1382	$existing_cron_jobs[] = $cron_job."\n";
	1383	}
	1384	}
	1385	file_put_contents('crontab.txt', $existing_cron_jobs);
	1386	exec('crontab -u getmail crontab.txt &> /dev/null');
	1387	unlink('crontab.txt');
	1388	}
7fe908	1389
32d8e9	1390	exec('touch /var/log/ispconfig/cron.log');
cc6568	1391	exec('chmod 660 /var/log/ispconfig/cron.log');
32d8e9	1392	}
T	1393
	1394	}
	1395
e38d14	1396	?>