From 0aa4efbc0b79ba9ab8a66e8facfda8cb16b7c427 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 07 May 2012 11:01:19 -0400
Subject: [PATCH] Improved mysql db library.
---
install/lib/installer_base.lib.php | 154 +++++++++++++++++++++++++++++++++++++-------------
1 files changed, 113 insertions(+), 41 deletions(-)
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index ef55210..3ee0a35 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -118,12 +118,12 @@
if(is_installed('mysql') || is_installed('mysqld')) $conf['mysql']['installed'] = true;
if(is_installed('postfix')) $conf['postfix']['installed'] = true;
if(is_installed('mailman')) $conf['mailman']['installed'] = true;
- if(is_installed('apache') || is_installed('apache2') || is_installed('httpd')) $conf['apache']['installed'] = true;
+ if(is_installed('apache') || is_installed('apache2') || is_installed('httpd') || is_installed('httpd2')) $conf['apache']['installed'] = true;
if(is_installed('getmail')) $conf['getmail']['installed'] = true;
if(is_installed('courierlogger')) $conf['courier']['installed'] = true;
if(is_installed('dovecot')) $conf['dovecot']['installed'] = true;
if(is_installed('saslauthd')) $conf['saslauthd']['installed'] = true;
- if(is_installed('amavisd-new')) $conf['amavis']['installed'] = true;
+ if(is_installed('amavisd-new') || is_installed('amavisd')) $conf['amavis']['installed'] = true;
if(is_installed('clamdscan')) $conf['clamav']['installed'] = true;
if(is_installed('pure-ftpd') || is_installed('pure-ftpd-wrapper')) $conf['pureftpd']['installed'] = true;
if(is_installed('mydns') || is_installed('mydns-ng')) $conf['mydns']['installed'] = true;
@@ -132,11 +132,12 @@
if(is_installed('named') || is_installed('bind') || is_installed('bind9')) $conf['bind']['installed'] = true;
if(is_installed('squid')) $conf['squid']['installed'] = true;
if(is_installed('nginx')) $conf['nginx']['installed'] = true;
- if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
+ // if(is_installed('iptables') && is_installed('ufw')) $conf['ufw']['installed'] = true;
if(is_installed('fail2ban-server')) $conf['fail2ban']['installed'] = true;
+ if(is_installed('vzctl')) $conf['openvz']['installed'] = true;
if(is_dir("/etc/Bastille")) $conf['bastille']['installed'] = true;
- if ($conf['services']['web'] && $conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) $this->ispconfig_interface_installed = true;
+ if ($conf['services']['web'] && (($conf['apache']['installed'] && is_file($conf['apache']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")) || ($conf['nginx']['installed'] && is_file($conf['nginx']["vhost_conf_enabled_dir"]."/000-ispconfig.vhost")))) $this->ispconfig_interface_installed = true;
}
/** Create the database for ISPConfig */
@@ -157,10 +158,10 @@
$this->error('Stopped: Database already contains some tables.');
} else {
if($conf['mysql']['admin_password'] == '') {
- caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
+ caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
} else {
- caselog("mysql --default-character-set=".$conf['mysql']['charset']." -h '".$conf['mysql']['host']."' -u '".$conf['mysql']['admin_user']."' -p'".$conf['mysql']['admin_password']."' '".$conf['mysql']['database']."' < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
+ caselog("mysql --default-character-set=".escapeshellarg($conf['mysql']['charset'])." -h ".escapeshellarg($conf['mysql']['host'])." -u ".escapeshellarg($conf['mysql']['admin_user'])." -p".escapeshellarg($conf['mysql']['admin_password'])." ".escapeshellarg($conf['mysql']['database'])." < '".ISPC_INSTALL_ROOT."/install/sql/ispconfig3.sql' &> /dev/null",
__FILE__, __LINE__, 'read in ispconfig3.sql', 'could not read in ispconfig3.sql');
}
$db_tables = $this->db->getTables();
@@ -263,9 +264,9 @@
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
- $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
- $proxy_server_enabled = ($conf['services']['proxy'])?1:0;
- $firewall_server_enabled = ($conf['services']['firewall'])?1:0;
+ $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
+ $proxy_server_enabled = (isset($conf['services']['proxy']) && $conf['services']['proxy'])?1:0;
+ $firewall_server_enabled = (isset($conf['services']['firewall']) && $conf['services']['firewall'])?1:0;
//** Get the database version number based on the patchfiles
$found = true;
@@ -513,6 +514,10 @@
copy('tpl/'.$jk_init.'.master', $config_dir.'/'.$jk_init);
copy('tpl/'.$jk_chrootsh.'.master', $config_dir.'/'.$jk_chrootsh);
}
+
+ //* help jailkit fo find its ini files
+ if(!is_link('/usr/jk_socketd.ini')) exec('ln -s /etc/jailkit/jk_socketd.ini /usr/jk_socketd.ini');
+ if(!is_link('/usr/jk_init.ini')) exec('ln -s /etc/jailkit/jk_init.ini /usr/jk_init.ini');
}
@@ -623,11 +628,9 @@
$command = 'useradd -g '.$cf['vmail_groupname'].' -u '.$cf['vmail_userid'].' '.$cf['vmail_username'].' -d '.$cf['vmail_mailbox_base'].' -m';
if(!is_user($cf['vmail_username'])) caselog("$command &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
-
+
+ //* These postconf commands will be executed on installation and update
$postconf_commands = array (
- 'myhostname = '.$conf['hostname'],
- 'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
- 'mynetworks = 127.0.0.0/8 [::1]/128',
'alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases',
'alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases',
'virtual_alias_domains =',
@@ -661,6 +664,15 @@
'body_checks = regexp:'.$config_dir.'/body_checks',
'owner_request_special = no'
);
+
+ //* These postconf commands will be executed on installation only
+ if($this->is_update == false) {
+ $postconf_commands = array_merge($postconf_commands,array(
+ 'myhostname = '.$conf['hostname'],
+ 'mydestination = '.$conf['hostname'].', localhost, localhost.localdomain',
+ 'mynetworks = 127.0.0.0/8 [::1]/128'
+ ));
+ }
//* Create the header and body check files
touch($config_dir.'/header_checks');
@@ -670,9 +682,9 @@
//* Create the mailman files
exec('mkdir -p /var/lib/mailman/data');
- touch('/var/lib/mailman/data/aliases');
- exec('postmap /var/lib/mailman/data/aliases');
- touch('/var/lib/mailman/data/virtual-mailman');
+ if(!is_file('/var/lib/mailman/data/aliases')) touch('/var/lib/mailman/data/aliases');
+ exec('postalias /var/lib/mailman/data/aliases');
+ if(!is_file('/var/lib/mailman/data/virtual-mailman')) touch('/var/lib/mailman/data/virtual-mailman');
exec('postmap /var/lib/mailman/data/virtual-mailman');
//* Make a backup copy of the main.cf file
@@ -875,19 +887,32 @@
caselog($command." &> /dev/null", __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
}
- //* copy dovecot.conf
+ //* backup dovecot.conf
$configfile = 'dovecot.conf';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
}
- copy('tpl/debian_dovecot.conf.master',$config_dir.'/'.$configfile);
+
+ //* Get the dovecot version
+ exec('dovecot --version',$tmp);
+ $parts = explode('.',trim($tmp[0]));
+ $dovecot_version = $parts[0];
+ unset($tmp);
+ unset($parts);
+
+ //* Copy dovecot configuration file
+ if($dovecot_version == 2) {
+ copy('tpl/debian_dovecot2.conf.master',$config_dir.'/'.$configfile);
+ } else {
+ copy('tpl/debian_dovecot.conf.master',$config_dir.'/'.$configfile);
+ }
//* dovecot-sql.conf
$configfile = 'dovecot-sql.conf';
if(is_file($config_dir.'/'.$configfile)) {
copy($config_dir.'/'.$configfile, $config_dir.'/'.$configfile.'~');
}
- chmod($config_dir.'/'.$configfile.'~', 0400);
+ if(is_file($config_dir.'/'.$configfile.'~')) chmod($config_dir.'/'.$configfile.'~', 0400);
$content = rf('tpl/debian_dovecot-sql.conf.master');
$content = str_replace('{mysql_server_ispconfig_user}',$conf['mysql']['ispconfig_user'],$content);
$content = str_replace('{mysql_server_ispconfig_password}',$conf['mysql']['ispconfig_password'], $content);
@@ -924,12 +949,7 @@
$postconf_commands = array ();
// Check for amavisd -> pure webserver with postfix for mailing without antispam
- // Check for different names
- system('which amavisd-new', $retval); // Debian, Ubuntu, ?
- if ($retval !== 0){
- system('which amavisd', $retval); // CentOS
- }
- if ($retval === 0) {
+ if ($conf['amavis']['installed']) {
$postconf_commands[] = 'content_filter = amavis:[127.0.0.1]:10024';
$postconf_commands[] = 'receive_override_options = no_address_mappings';
}
@@ -1260,6 +1280,10 @@
*/
}
+ public function configure_fail2ban() {
+ // To Do
+ }
+
public function configure_squid()
{
global $conf;
@@ -1279,6 +1303,7 @@
exec('chown root:root '.$conf["squid"]["config_dir"].'/'.$configfile);
}
+ /*
public function configure_ufw_firewall()
{
$configfile = 'ufw.conf';
@@ -1288,6 +1313,7 @@
exec('chmod 600 /etc/ufw/ufw.conf');
exec('chown root:root /etc/ufw/ufw.conf');
}
+ */
public function configure_firewall() {
global $conf;
@@ -1394,7 +1420,11 @@
$command = 'adduser '.$conf['apache']['user'].' '.$apps_vhost_group;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- if(!@is_dir($install_dir)) mkdir($install_dir, 0755, true);
+ if(!@is_dir($install_dir)){
+ mkdir($install_dir, 0755, true);
+ } else {
+ chmod($install_dir, 0755);
+ }
chown($install_dir, $apps_vhost_user);
chgrp($install_dir, $apps_vhost_group);
@@ -1453,7 +1483,11 @@
$command = 'adduser '.$conf['nginx']['user'].' '.$apps_vhost_group;
caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
- if(!@is_dir($install_dir)) mkdir($install_dir, 0755, true);
+ if(!@is_dir($install_dir)){
+ mkdir($install_dir, 0755, true);
+ } else {
+ chmod($install_dir, 0755);
+ }
chown($install_dir, $apps_vhost_user);
chgrp($install_dir, $apps_vhost_group);
@@ -1470,20 +1504,29 @@
} else {
$apps_vhost_ip = $conf['web']['apps_vhost_ip'].':';
}
+
+ $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
+ if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
+ if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
+ $fpm_socket = $socket_dir.'apps.sock';
+ $cgi_socket = escapeshellcmd($conf['nginx']['cgi_socket']);
$content = str_replace('{apps_vhost_ip}', $apps_vhost_ip, $content);
$content = str_replace('{apps_vhost_port}', $conf['web']['apps_vhost_port'], $content);
$content = str_replace('{apps_vhost_dir}', $conf['web']['website_basedir'].'/apps', $content);
$content = str_replace('{apps_vhost_servername}', $apps_vhost_servername, $content);
- $content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+ $content = str_replace('{cgi_socket}', $cgi_socket, $content);
wf($vhost_conf_dir.'/apps.vhost', $content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
- $content = rf('tpl/php_fpm_pool.conf.master');
+ $content = rf('tpl/apps_php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'apps', $content);
- $content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ //$content = str_replace('{fpm_port}', ($conf['nginx']['php_fpm_start_port']+1), $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', $apps_vhost_user, $content);
$content = str_replace('{fpm_group}', $apps_vhost_group, $content);
wf($conf['nginx']['php_fpm_pool_dir'].'/apps.conf', $content);
@@ -1570,6 +1613,7 @@
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
+ $content = str_replace('{timezone}', $conf['timezone'], $content);
wf($install_dir.'/interface/lib/'.$configfile, $content);
@@ -1592,6 +1636,7 @@
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
+ $content = str_replace('{timezone}', $conf['timezone'], $content);
wf($install_dir.'/server/lib/'.$configfile, $content);
@@ -1666,13 +1711,9 @@
$dns_server_enabled = ($conf['services']['dns'])?1:0;
$file_server_enabled = ($conf['services']['file'])?1:0;
$db_server_enabled = ($conf['services']['db'])?1:0;
- $vserver_server_enabled = ($conf['services']['vserver'])?1:0;
+ $vserver_server_enabled = ($conf['openvz']['installed'])?1:0;
$proxy_server_enabled = ($conf['services']['proxy'])?1:0;
$firewall_server_enabled = ($conf['services']['firewall'])?1:0;
-
-
-
-
$sql = "UPDATE `server` SET mail_server = '$mail_server_enabled', web_server = '$web_server_enabled', dns_server = '$dns_server_enabled', file_server = '$file_server_enabled', db_server = '$db_server_enabled', vserver_server = '$vserver_server_enabled', proxy_server = '$proxy_server_enabled', firewall_server = '$firewall_server_enabled' WHERE server_id = ".intval($conf['server_id']);
@@ -1728,12 +1769,31 @@
chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
}
+
+ if(is_dir($install_dir.'/interface/invoices')) {
+ exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices'));
+ exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices'));
+ }
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
- $command = 'adduser www-data ispconfig';
- caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if($conf['apache']['installed'] == true){
+ $command = 'adduser '.$conf['apache']['user'].' ispconfig';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if(is_group('ispapps')){
+ $command = 'adduser '.$conf['apache']['user'].' ispapps';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ }
+ if($conf['nginx']['installed'] == true){
+ $command = 'adduser '.$conf['nginx']['user'].' ispconfig';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ if(is_group('ispapps')){
+ $command = 'adduser '.$conf['nginx']['user'].' ispapps';
+ caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
+ }
+ }
//* Make the shell scripts executable
$command = "chmod +x $install_dir/server/scripts/*.sh";
@@ -1800,8 +1860,14 @@
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
- $content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
-
+ $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
+ if(substr($socket_dir,-1) != '/') $socket_dir .= '/';
+ if(!is_dir($socket_dir)) exec('mkdir -p '.$socket_dir);
+ $fpm_socket = $socket_dir.'ispconfig.sock';
+
+ //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
+
wf($vhost_conf_dir.'/ispconfig.vhost', $content);
unset($content);
@@ -1810,7 +1876,8 @@
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rf('tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
- $content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
+ $content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'].'/ispconfig.conf', $content);
@@ -1901,7 +1968,7 @@
wf($install_dir.'/server/lib/mysql_clientdb.conf',$content);
chmod($install_dir.'/server/lib/mysql_clientdb.conf', 0600);
chown($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
- chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
+ chgrp($install_dir.'/server/lib/mysql_clientdb.conf', 'root');
}
@@ -1923,6 +1990,11 @@
"* * * * * ".$install_dir."/server/server.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log",
"30 00 * * * ".$install_dir."/server/cron_daily.sh > /dev/null 2>> ".$conf['ispconfig_log_dir']."/cron.log"
);
+
+ if ($conf['nginx']['installed'] == true) {
+ $root_cron_jobs[] = "0 0 * * * ".$install_dir."/server/scripts/create_daily_nginx_access_logs.sh &> /dev/null";
+ }
+
foreach($root_cron_jobs as $cron_job) {
if(!in_array($cron_job."\n", $existing_root_cron_jobs)) {
$existing_root_cron_jobs[] = $cron_job."\n";
--
Gitblit v1.9.1