public function install_ispconfig() { global $conf; $install_dir = $conf['ispconfig_install_dir']; //* Create the ISPConfig installation directory if (!@is_dir("{$install_dir}")) { $command = "mkdir {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* Create a ISPConfig user and group $command = 'groupadd ispconfig'; if (!is_group('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } $command = "useradd -g ispconfig -d {$install_dir} ispconfig"; if (!is_user('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* copy the ISPConfig interface part $command = "cp -rf ../interface {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* copy the ISPConfig server part $command = "cp -rf ../server {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make a backup of the security settings if (is_file('/usr/local/ispconfig/security/security_settings.ini')) { copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~'); } //* copy the ISPConfig security part $command = 'cp -rf ../security ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Apply changed security_settings.ini values to new security_settings.ini file if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) { $security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~')); $security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini')); if (is_array($security_settings_new) && is_array($security_settings_old)) { foreach ($security_settings_new as $section => $sval) { if (is_array($sval)) { foreach ($sval as $key => $val) { if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) { $security_settings_new[$section][$key] = $security_settings_old[$section][$key]; } } } } file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new)); } } //* Create a symlink, so ISPConfig is accessible via web // Replaced by a separate vhost definition for port 8080 // $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig"; // caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create the config file for ISPConfig interface $configfile = 'config.inc.php'; if (is_file($install_dir . '/interface/lib/' . $configfile)) { copy("{$install_dir}/interface/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~"); } $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); $content = str_replace('{timezone}', $conf['timezone'], $content); $content = str_replace('{theme}', $conf['theme'], $content); $content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content); wf("{$install_dir}/interface/lib/{$configfile}", $content); //* Create the config file for ISPConfig server $configfile = 'config.inc.php'; if (is_file($install_dir . '/server/lib/' . $configfile)) { copy("{$install_dir}/server/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~"); } $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master"); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); $content = str_replace('{timezone}', $conf['timezone'], $content); $content = str_replace('{theme}', $conf['theme'], $content); $content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content); wf("{$install_dir}/server/lib/{$configfile}", $content); //* Create the config file for remote-actions (but only, if it does not exist, because // the value is a autoinc-value and so changed by the remoteaction_core_module if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) { $content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>'; wf($install_dir . '/server/lib/remote_action.inc.php', $content); } //* Enable the server modules and plugins. // TODO: Implement a selector which modules and plugins shall be enabled. $dir = $install_dir . '/server/mods-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/mods-available/' . $file; $module_name = substr($file, 0, -8); $tmp = new $module_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file); } if (strpos($file, '_core_module') !== false) { if (!@is_link($install_dir . '/server/mods-core/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file); } } } unset($tmp); } } closedir($dh); } } $dir = $install_dir . '/server/plugins-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') { continue; } if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') { continue; } if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/plugins-available/' . $file; $plugin_name = substr($file, 0, -8); $tmp = new $plugin_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file); } if (strpos($file, '_core_plugin') !== false) { if (!@is_link($install_dir . '/server/plugins-core/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file); } } } unset($tmp); } } closedir($dh); } } // Update the server config $mail_server_enabled = $conf['services']['mail'] ? 1 : 0; $web_server_enabled = $conf['services']['web'] ? 1 : 0; $dns_server_enabled = $conf['services']['dns'] ? 1 : 0; $file_server_enabled = $conf['services']['file'] ? 1 : 0; $db_server_enabled = $conf['services']['db'] ? 1 : 0; $vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0; $sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']); if ($conf['mysql']['master_slave_setup'] == 'y') { $this->dbmaster->query($sql); $this->db->query($sql); } else { $this->db->query($sql); } // chown install dir to root and chmod 755 $command = 'chown root:root ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chmod 755 ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Chmod the files and directories in the install dir $command = 'chmod -R 750 ' . $install_dir . '/*'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the interface files to the ispconfig user and group $command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the server files to the root user and group $command = 'chown -R root:root ' . $install_dir . '/server'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the security files to the root user and group $command = 'chown -R root:root ' . $install_dir . '/security'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the security directory and security_settings.ini to root:ispconfig $command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make the global language file directory group writable exec("chmod -R 770 {$install_dir}/interface/lib/lang"); //* Make the temp directory for language file exports writable exec("chmod -R 770 {$install_dir}/interface/web/temp"); //* Make all interface language file directories group writable $handle = @opendir($install_dir . '/interface/web'); while ($file = @readdir($handle)) { if ($file != '.' && $file != '..') { if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) { $handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang'); chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770); while ($lang_file = @readdir($handle2)) { if ($lang_file != '.' && $lang_file != '..') { chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770); } } } } } //* Make the APS directories group writable exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages"); exec("chmod -R 770 {$install_dir}/server/aps_packages"); //* make sure that the server config file (not the interface one) is only readable by the root user chmod($install_dir . '/server/lib/config.inc.php', 0600); chown($install_dir . '/server/lib/config.inc.php', 'root'); chgrp($install_dir . '/server/lib/config.inc.php', 'root'); //* Make sure thet the interface config file is readable by user ispconfig only chmod($install_dir . '/interface/lib/config.inc.php', 0600); chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig'); chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig'); if (@is_file("{$install_dir}/server/lib/mysql_clientdb.conf")) { exec("chmod 600 {$install_dir}/server/lib/mysql_clientdb.conf"); exec("chown root:root {$install_dir}/server/lib/mysql_clientdb.conf"); } if (is_dir($install_dir . '/interface/invoices')) { exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices')); exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices')); } exec('chown -R root:root /usr/local/ispconfig/interface/ssl'); // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. // Later this must run as own apache server or via suexec! if ($conf['apache']['installed'] == true) { //$command = 'groupmod --add-user '.$conf['apache']['user'].' ispconfig'; $command = 'usermod -a -G ispconfig ' . $conf['apache']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { //$command = 'groupmod --add-user '.$conf['apache']['user'].' ispapps'; $command = 'usermod -a -G ispapps ' . $conf['apache']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } if ($conf['nginx']['installed'] == true) { //$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispconfig'; $command = 'usermod -a -G ispconfig ' . $conf['nginx']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { //$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispapps'; $command = 'usermod -a -G ispapps ' . $conf['nginx']['user']; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } // add nobody user to www group, as the default php-fpm pool from opensuse runs as nobody $command = 'usermod -a -G www nobody'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* Make the shell scripts executable $command = "chmod +x {$install_dir}/server/scripts/*.sh"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) { //* Copy the ISPConfig vhost for the controlpanel // TODO: These are missing! should they be "vhost_dist_*_dir" ? $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $tpl = new tpl('apache_ispconfig.vhost.master'); $tpl->setVar('vhost_port', $conf['apache']['vhost_port']); // comment out the listen directive if port is 80 or 443 if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) { $tpl->setVar('vhost_port_listen', '#'); } else { $tpl->setVar('vhost_port_listen', ''); } if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $tpl->setVar('ssl_comment', ''); } else { $tpl->setVar('ssl_comment', '#'); } if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) { $tpl->setVar('ssl_bundle_comment', ''); } else { $tpl->setVar('ssl_bundle_comment', '#'); } $tpl->setVar('apache_version', getapacheversion()); $content = $tpl->grab(); $content = str_replace('/var/www/', '/srv/www/', $content); wf($vhost_conf_dir . '/ispconfig.vhost', $content); //if(!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) { $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master'); $content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content); $content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content); exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig'); wf('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content); exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig'); exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig'); //} //copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost"); //* and create the symlink if ($this->is_update == false) { if (@is_link("{$vhost_conf_enabled_dir}/ispconfig.vhost")) { unlink("{$vhost_conf_enabled_dir}/ispconfig.vhost"); } if (!@is_link("{$vhost_conf_enabled_dir}/000-ispconfig.vhost")) { exec("ln -s {$vhost_conf_dir}/ispconfig.vhost {$vhost_conf_enabled_dir}/000-ispconfig.vhost"); } } // Fix a setting in vhost master file for suse replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0); } if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) { //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['nginx']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master'); $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content); if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $content = str_replace('{ssl_on}', ' on', $content); $content = str_replace('{ssl_comment}', '', $content); $content = str_replace('{fastcgi_ssl}', 'on', $content); } else { $content = str_replace('{ssl_on}', ' off', $content); $content = str_replace('{ssl_comment}', '#', $content); $content = str_replace('{fastcgi_ssl}', 'off', $content); } $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']); if (substr($socket_dir, -1) != '/') { $socket_dir .= '/'; } if (!is_dir($socket_dir)) { exec('mkdir -p ' . $socket_dir); } $fpm_socket = $socket_dir . 'ispconfig.sock'; //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); wf($vhost_conf_dir . '/ispconfig.vhost', $content); unset($content); // PHP-FPM // Dont just copy over the php-fpm pool template but add some custom settings $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master'); $content = str_replace('{fpm_pool}', 'ispconfig', $content); //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); $content = str_replace('{fpm_user}', 'ispconfig', $content); $content = str_replace('{fpm_group}', 'ispconfig', $content); wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content); //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost'); //* and create the symlink if ($this->is_update == false) { if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) { unlink($vhost_conf_enabled_dir . '/ispconfig.vhost'); } if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) { symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost'); } } // create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed if (!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) { symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin'); } if (!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) { symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail'); } } // Make the Clamav log files readable by ISPConfig //exec('chmod +r /var/log/clamav/clamav.log'); //exec('chmod +r /var/log/clamav/freshclam.log'); //* Install the update script if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) { unlink('/usr/local/bin/ispconfig_update_from_dev.sh'); } exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh'); exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh'); exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh'); if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh'); } if (!is_link('/usr/local/bin/ispconfig_update.sh')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh'); } //set the fast cgi starter script to executable //exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi'); //* Make the logs readable for the ispconfig user if (@is_file('/var/log/mail.log')) { exec('chmod +r /var/log/mail.log'); } if (@is_file('/var/log/mail.warn')) { exec('chmod +r /var/log/mail.warn'); } if (@is_file('/var/log/mail.err')) { exec('chmod +r /var/log/mail.err'); } if (@is_file('/var/log/messages')) { exec('chmod +r /var/log/messages'); } //To enable apache to read the directories exec('chmod a+rx /usr/local/ispconfig'); exec('chmod -R 751 /usr/local/ispconfig/interface'); exec('chmod a+rx /usr/local/ispconfig/interface/web'); //* Create the ispconfig log directory if (!is_dir($conf['ispconfig_log_dir'])) { mkdir($conf['ispconfig_log_dir']); } if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) { exec('touch ' . $conf['ispconfig_log_dir'] . '/ispconfig.log'); } if (is_user('getmail')) { exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh'); exec('chown getmail /usr/local/bin/run-getmail.sh'); exec('chmod 744 /usr/local/bin/run-getmail.sh'); } if (is_dir($install_dir . '/interface/invoices')) { exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices')); exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices')); } //* Create the ispconfig auth log file and set uid/gid if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) { touch($conf['ispconfig_log_dir'] . '/auth.log'); } exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log'); exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log'); //* Remove Domain module as its functions are available in the client module now if (@is_dir('/usr/local/ispconfig/interface/web/domain')) { exec('rm -rf /usr/local/ispconfig/interface/web/domain'); } // Add symlink for patch tool if (!is_link('/usr/local/bin/ispconfig_patch')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch'); } }
function updateDbAndIni() { global $inst, $conf; //* Update $conf array with values from the server.ini that shall be preserved $tmp = $inst->db->queryOneRecord("SELECT * FROM " . $conf["mysql"]["database"] . ".server WHERE server_id = " . $conf['server_id']); $ini_array = ini_to_array(stripslashes($tmp['config'])); $current_db_version = isset($tmp['dbversion']) ? intval($tmp['dbversion']) : 0; if (!is_array($ini_array) or count($ini_array) == 0) { die('Unable to read server configuration from database.'); } $conf['services']['mail'] = $tmp['mail_server'] == 1 ? true : false; $conf['services']['web'] = $tmp['web_server'] == 1 ? true : false; $conf['services']['dns'] = $tmp['dns_server'] == 1 ? true : false; $conf['services']['file'] = $tmp['file_server'] == 1 ? true : false; $conf['services']['db'] = $tmp['db_server'] == 1 ? true : false; $conf['services']['vserver'] = $tmp['vserver_server'] == 1 ? true : false; $conf['services']['proxy'] = isset($tmp['proxy_server']) && $tmp['proxy_server'] == 1 ? true : false; $conf['services']['firewall'] = isset($tmp['firewall_server']) && $tmp['firewall_server'] == 1 ? true : false; $conf['postfix']['vmail_mailbox_base'] = $ini_array['mail']['homedir_path']; if (isset($ini_array['web']['server_type']) && $ini_array['web']['server_type'] != '') { $conf['webserver']['server_type'] = $ini_array['web']['server_type']; if ($conf['webserver']['server_type'] == 'nginx') { $conf['apache']['installed'] = false; } else { $conf['nginx']['installed'] = false; } } else { $conf['webserver']['server_type'] = 'apache'; $conf['nginx']['installed'] = false; } //* Do incremental DB updates only on installed ISPConfig versions >= 3.0.3 if (version_compare('3.0.3', ISPC_APP_VERSION, '<=')) { swriteln($inst->lng('Starting incremental database update.')); //* get the version of the db schema from the server table $found = true; while ($found == true) { $next_db_version = intval($current_db_version + 1); $sql_patch_filename = realpath(dirname(__FILE__) . '/../') . '/sql/incremental/upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT) . '.sql'; $php_patch_filename = realpath(dirname(__FILE__) . '/../') . '/patches/upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT) . '.php'; // comma separated list of version numbers were a update has to be done silently $silent_update_versions = '75'; if (is_file($sql_patch_filename)) { //* Load php patch file and instantiate object if (is_file($php_patch_filename)) { $php_patch_class_name = 'upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT); include_once $php_patch_filename; if (class_exists($php_patch_class_name)) { $php_patch = new $php_patch_class_name(); } else { swriteln($inst->lng('WARNING: PHP patch file') . ': ' . $php_patch_filename . ' ' . $inst->lng('contains errors.')); } } //* Exec onBeforeSQL function if (isset($php_patch) && is_object($php_patch)) { $php_patch->onBeforeSQL(); swriteln($inst->lng('Executing PHP patch file') . ': ' . $php_patch_filename); } //* Load patch file into database if (!empty($conf["mysql"]["admin_password"])) { $cmd = "mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " -p" . escapeshellarg($conf['mysql']['admin_password']) . " " . escapeshellarg($conf['mysql']['database']) . " < " . $sql_patch_filename; } else { $cmd = "mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " " . escapeshellarg($conf['mysql']['database']) . " < " . $sql_patch_filename; } if (in_array($next_db_version, explode(',', $silent_update_versions))) { $cmd .= ' > /dev/null 2> /dev/null'; } system($cmd); swriteln($inst->lng('Loading SQL patch file') . ': ' . $sql_patch_filename); //* Exec onAfterSQL function if (isset($php_patch) && is_object($php_patch)) { $php_patch->onAfterSQL(); } $current_db_version = $next_db_version; if (isset($php_patch)) { unset($php_patch); } } else { $found = false; } } //* update the database version in server table $inst->db->query("UPDATE " . $conf["mysql"]["database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']); if ($inst->db->dbHost != $inst->dbmaster->dbHost) { $inst->dbmaster->query("UPDATE " . $conf["mysql"]["master_database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']); } //* If ISPConfig Version < 3.0.3, we will do a full db update } else { swriteln($inst->lng('Starting full database update.')); //** Delete the old database if (!$inst->db->query('DROP DATABASE IF EXISTS ' . $conf['mysql']['database'])) { $inst->error('Unable to drop MySQL database: ' . $conf['mysql']['database'] . '.'); } //** Create the mysql database $inst->configure_database(); //** empty all databases $db_tables = $inst->db->getTables(); foreach ($db_tables as $table) { $inst->db->query("TRUNCATE {$table}"); } //** load old data back into database if (!empty($conf["mysql"]["admin_password"])) { system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " -p" . escapeshellarg($conf['mysql']['admin_password']) . " " . escapeshellarg($conf['mysql']['database']) . " < existing_db.sql"); } else { system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " " . escapeshellarg($conf['mysql']['database']) . " < existing_db.sql"); } //** Get the database version number based on the patchfile $found = true; while ($found == true) { $next_db_version = intval($current_db_version + 1); $patch_filename = realpath(dirname(__FILE__) . '/../') . '/sql/incremental/upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT) . '.sql'; if (is_file($patch_filename)) { $current_db_version = $next_db_version; } else { $found = false; } } //* update the database version in server table $inst->db->query("UPDATE " . $conf["mysql"]["database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']); if ($inst->db->dbHost != $inst->dbmaster->dbHost) { $inst->dbmaster->query("UPDATE " . $conf["mysql"]["master_database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']); } if ($conf['powerdns']['installed']) { swriteln($inst->lng('Starting full PowerDNS database update.')); //** Delete the old PowerDNS database if (!$inst->db->query('DROP DATABASE IF EXISTS ' . $conf['powerdns']['database'])) { $inst->error('Unable to drop MySQL database: ' . $conf['powerdns']['database'] . '.'); } //** Create the mysql database $inst->configure_powerdns(); //** load old data back into the PowerDNS database if (!empty($conf["mysql"]["admin_password"])) { system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " -p" . escapeshellarg($conf['mysql']['admin_password']) . " " . escapeshellarg($conf['powerdns']['database']) . " < existing_powerdns_db.sql"); } else { system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " " . escapeshellarg($conf['powerdns']['database']) . " < existing_powerdns_db.sql"); } } } //** Update server ini $tmp_server_rec = $inst->db->queryOneRecord("SELECT config FROM " . $conf["mysql"]["database"] . ".server WHERE server_id = " . $conf['server_id']); $old_ini_array = ini_to_array(stripslashes($tmp_server_rec['config'])); unset($tmp_server_rec); $tpl_ini_array = ini_to_array(rf('tpl/server.ini.master')); //* Update further distribution specific parameters for server config here //* HINT: Every line added here has to be added in installer_base.lib.php too!! $tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs']; $tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path']; $tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path']; $tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin']; $tpl_ini_array['server']['hostname'] = $conf['hostname']; $tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']); $tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir']; $tpl_ini_array['web']['website_path'] = $conf['web']['website_path']; $tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks']; $tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir']; $tpl_ini_array['web']['security_level'] = 20; $tpl_ini_array['web']['user'] = $conf['apache']['user']; $tpl_ini_array['web']['group'] = $conf['apache']['group']; $tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache']; $tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi']; $tpl_ini_array['mail']['pop3_imap_daemon'] = $conf['dovecot']['installed'] == true ? 'dovecot' : 'courier'; $tpl_ini_array['mail']['mail_filter_syntax'] = $conf['dovecot']['installed'] == true ? 'sieve' : 'maildrop'; $tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user']; $tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group']; $tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir']; $tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path']; $tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path']; $tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir']; $tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir']; $tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user']; $tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group']; $tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket']; $tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script']; $tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path']; $tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir']; $tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port']; $tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir']; if ($conf['nginx']['installed'] == true) { $tpl_ini_array['web']['server_type'] = 'nginx'; $tpl_ini_array['global']['webserver'] = 'nginx'; } //* update the new template with the old values if (is_array($old_ini_array)) { foreach ($old_ini_array as $tmp_section_name => $tmp_section_content) { foreach ($tmp_section_content as $tmp_var_name => $tmp_var_content) { $tpl_ini_array[$tmp_section_name][$tmp_var_name] = $tmp_var_content; } } } $new_ini = array_to_ini($tpl_ini_array); $sql = "UPDATE " . $conf["mysql"]["database"] . ".server SET config = '" . mysql_real_escape_string($new_ini) . "' WHERE server_id = " . $conf['server_id']; $inst->db->query($sql); if ($inst->db->dbHost != $inst->dbmaster->dbHost) { $sql = "UPDATE " . $conf["mysql"]["master_database"] . ".server SET config = '" . mysql_real_escape_string($new_ini) . "' WHERE server_id = " . $conf['server_id']; $inst->dbmaster->query($sql); } unset($old_ini_array); unset($tpl_ini_array); unset($new_ini); //** Update system ini $tmp_server_rec = $inst->db->queryOneRecord("SELECT config FROM " . $conf["mysql"]["database"] . ".sys_ini WHERE sysini_id = 1"); $old_ini_array = ini_to_array(stripslashes($tmp_server_rec['config'])); unset($tmp_server_rec); $tpl_ini_array = ini_to_array(rf('tpl/system.ini.master')); // update the new template with the old values if (is_array($old_ini_array)) { foreach ($old_ini_array as $tmp_section_name => $tmp_section_content) { foreach ($tmp_section_content as $tmp_var_name => $tmp_var_content) { $tpl_ini_array[$tmp_section_name][$tmp_var_name] = $tmp_var_content; } } } $new_ini = array_to_ini($tpl_ini_array); $tmp = $inst->db->queryOneRecord('SELECT count(sysini_id) as number FROM ' . $conf["mysql"]["database"] . '.sys_ini WHERE 1'); if ($tmp['number'] == 0) { $inst->db->query("INSERT INTO " . $conf["mysql"]["database"] . ".sys_ini (sysini_id, config) VALUES (1,'" . mysql_real_escape_string($new_ini) . "')"); } else { $inst->db->query("UPDATE " . $conf["mysql"]["database"] . ".sys_ini SET config = '" . mysql_real_escape_string($new_ini) . "' WHERE sysini_id = 1"); } unset($old_ini_array); unset($tpl_ini_array); unset($new_ini); }
function header_config() { global $cfg, $error_feedbacks, $info_feedbacks, $params, $detail_config; $cfg_password = isset($_POST['cfg_password']) ? $_POST['cfg_password'] : $cfg['cfg_password']; $cfg_root = isset($_POST['cfg_root']) ? $_POST['cfg_root'] : $cfg['cfg_root']; $db_hostname = isset($_POST['db_hostname']) ? $_POST['db_hostname'] : $cfg['db_hostname']; $db_name = isset($_POST['db_name']) ? $_POST['db_name'] : $cfg['db_name']; $db_username = isset($_POST['db_username']) ? $_POST['db_username'] : $cfg['db_username']; $db_password = isset($_POST['db_password']) ? $_POST['db_password'] : $cfg['db_password']; $db_type = 'mysql'; $db_prefix = ''; // Process the form if (isset($_POST['write']) || isset($_POST['download']) || isset($_POST['view'])) { $cfg_path = $cfg_root . '/config.inc.php'; $tpl_path = $cfg_root . '/config.inc.tpl.php'; $values = array('cfg_password' => $cfg_password, 'cfg_root' => $cfg_root, 'db_hostname' => $db_hostname, 'db_name' => $db_name, 'db_username' => $db_username, 'db_password' => $db_password, 'db_type' => $db_type, 'db_prefix' => $db_prefix); if (isset($_POST['write']) && (!file_exists($cfg_path) || is_writable($cfg_path)) && ($fp = @fopen($cfg_path, "wt")) != FALSE) { fwrite($fp, array_to_ini($values)); fclose($fp); // Once we write the config file successfully. Try to use it. $_SESSION['logged'] = 0; header('Location: ' . $_SERVER['PHP_SELF']); return; } else { $error_feedbacks[] = 'Could not write to config.inc.php. Please check access permission or download it and write it manually'; } if (isset($_POST['download'])) { header('Content-Type: text/plain'); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Content-Disposition: attachment; filename="config.inc.php"'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public, no-cache'); header('Content-Transfer-Encoding: binary'); echo array_to_ini($values); exit; } if (isset($_POST['view'])) { header('Content-Type: text/plain'); header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public, no-cache'); header('Content-Transfer-Encoding: binary'); echo array_to_ini($values); exit; } } if (isset($_POST['save'])) { $param_names = array('cfg_relative_url', 'cfg_absolute_url', 'cfg_language', 'cfg_title', 'cfg_webmaster_email', 'cfg_tmpdir', 'cfg_max_users', 'cfg_refresh_rate', 'cfg_user_quota', 'cfg_mailer', 'cfg_smtp_port', 'cfg_smtp_server', 'cfg_max_attachment_size', 'cfg_file_storage'); foreach ($param_names as $name) { if (isset($_POST[$name])) { $params->params[$name] = $_POST[$name]; } } $params->update(); $params->reload(); } // Okay, you are authenticated print_head(); ?> <h1><center>Base Configuration</center></h1> <form action="<?php echo $_SERVER['PHP_SELF']; ?> " method="post"> <table border="0" width="100%"> <tr><td>Config password</td><td><input type="text" name="cfg_password" value="<?php echo $cfg_password; ?> "/></td></tr> <tr><td>Root path</td><td><input type="text" name="cfg_root" value="<?php echo $cfg_root; ?> "/></td></tr> <tr><td>Database hostname</td><td><input type="text" name="db_hostname" value="<?php echo $db_hostname; ?> "/></td></tr> <tr><td>Database name</td><td><input type="text" name="db_name" value="<?php echo $db_name; ?> "/></td></tr> <tr><td>Database username</td><td><input type="text" name="db_username" value="<?php echo $db_username; ?> "/></td></tr> <tr><td>Database password</td><td><input type="text" name="db_password" value="<?php echo $db_password; ?> "/></td></tr> <tr><td colspan="2"><center> <input type="submit" name="write" value="Write"/> <input type="submit" name="download" value="Download"/> <input type="submit" name="view" value="View"/></center></td></tr> </table> <?php if ($detail_config) { ?> <h1><center>Detail Configuration</center></h1> <input type="hidden" name="detail_config" value="<?php echo $detail_config; ?> "/> <table border="0" width="100%"> <tr><td>Relative URL</td><td><input type="text" name="cfg_relative_url" value="<?php echo $params->params['cfg_relative_url']; ?> "/></td></tr> <tr><td>Absolute URL</td><td><input type="text" name="cfg_absolute_url" value="<?php echo $params->params['cfg_absolute_url']; ?> "/></td></tr> <tr><td>Document location</td><td><input type="text" name="cfg_file_storage" value="<?php echo $params->params['cfg_file_storage']; ?> "/></td></tr> <tr><td>Default language</td><td><input type="text" name="cfg_language" value="<?php echo $params->params['cfg_language']; ?> "/></td></tr> <tr><td>Title</td><td><input type="text" name="cfg_title" value="<?php echo $params->params['cfg_title']; ?> "/></td></tr> <tr><td>Webmaster email</td><td><input type="text" name="cfg_webmaster_email" value="<?php echo $params->params['cfg_webmaster_email']; ?> "/></td></tr> <tr><td>Temporary directory</td><td><input type="text" name="cfg_tmpdir" value="<?php echo $params->params['cfg_tmpdir']; ?> "/></td></tr> <tr><td>Max users</td><td><input type="text" name="cfg_max_users" value="<?php echo $params->params['cfg_max_users']; ?> "/></td></tr> <tr><td>Refresh rate</td><td><input type="text" name="cfg_refresh_rate" value="<?php echo $params->params['cfg_refresh_rate']; ?> "/></td></tr> <!-- tr><td>Enable DAV</td><td><input type="text" name="cfg_dav_switch" value="<?php echo $params->params['cfg_dav_switch']; ?> "/></td></tr --> <tr><td>User quota</td><td><input type="text" name="cfg_user_quota" value="<?php echo $params->params['cfg_user_quota']; ?> "/></td></tr> <tr><td>Mailer type</td><td><input type="text" name="cfg_mailer" value="<?php echo $params->params['cfg_mailer']; ?> "/></td></tr> <tr><td>Mail server</td><td><input type="text" name="cfg_smtp_server" value="<?php echo $params->params['cfg_smtp_server']; ?> "/></td></tr> <tr><td>Mail server port</td><td><input type="text" name="cfg_smtp_port" value="<?php echo $params->params['cfg_smtp_port']; ?> "/></td></tr> <tr><td>Max attachment size</td><td><input type="text" name="cfg_max_attachment_size" value="<?php echo $params->params['cfg_max_attachment_size']; ?> "/></td></tr> <tr><td colspan="2"><center> <input type="submit" name="save" value="Save"/></center></td></tr> </table> <?php } ?> </form> <?php print_foot(); }
public function add_database_server_record() { global $conf; if ($conf['mysql']['host'] == 'localhost') { $from_host = 'localhost'; } else { $from_host = $conf['hostname']; } // Delete ISPConfig user in the local database, in case that it exists $this->db->query("DELETE FROM mysql.user WHERE User = '******'mysql']['ispconfig_user'] . "' AND Host = '" . $from_host . "';"); $this->db->query("DELETE FROM mysql.db WHERE Db = '" . $conf['mysql']['database'] . "' AND Host = '" . $from_host . "';"); $this->db->query('FLUSH PRIVILEGES;'); //* Create the ISPConfig database user in the local database $query = 'GRANT SELECT, INSERT, UPDATE, DELETE ON ' . $conf['mysql']['database'] . ".* " . "TO '" . $conf['mysql']['ispconfig_user'] . "'@'" . $from_host . "' " . "IDENTIFIED BY '" . $conf['mysql']['ispconfig_password'] . "';"; if (!$this->db->query($query)) { $this->error('Unable to create database user: '******'mysql']['ispconfig_user'] . ' Error: ' . $this->db->errorMessage); } //* Reload database privelages $this->db->query('FLUSH PRIVILEGES;'); //* Set the database name in the DB library $this->db->dbName = $conf['mysql']['database']; $tpl_ini_array = ini_to_array(rf('tpl/server.ini.master')); //* Update further distribution specific parameters for server config here //* HINT: Every line added here has to be added in update.lib.php too!! $tpl_ini_array['web']['vhost_conf_dir'] = $conf['apache']['vhost_conf_dir']; $tpl_ini_array['web']['vhost_conf_enabled_dir'] = $conf['apache']['vhost_conf_enabled_dir']; $tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs']; $tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path']; $tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path']; $tpl_ini_array['server']['hostname'] = $conf['hostname']; $tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']); $tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir']; $tpl_ini_array['web']['website_path'] = $conf['web']['website_path']; $tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks']; $tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir']; $tpl_ini_array['web']['security_level'] = 20; $tpl_ini_array['web']['user'] = $conf['apache']['user']; $tpl_ini_array['web']['group'] = $conf['apache']['group']; $tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache']; $tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi']; $tpl_ini_array['mail']['pop3_imap_daemon'] = $conf['dovecot']['installed'] == true ? 'dovecot' : 'courier'; $tpl_ini_array['mail']['mail_filter_syntax'] = $conf['dovecot']['installed'] == true ? 'sieve' : 'maildrop'; $tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user']; $tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group']; $tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir']; $tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path']; $tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path']; $tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir']; $tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir']; $tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user']; $tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group']; $tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket']; $tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script']; $tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path']; $tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir']; $tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port']; $tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir']; if ($conf['nginx']['installed'] == true) { $tpl_ini_array['web']['server_type'] = 'nginx'; $tpl_ini_array['global']['webserver'] = 'nginx'; } if (array_key_exists('awstats', $conf)) { foreach ($conf['awstats'] as $aw_sett => $aw_value) { $tpl_ini_array['web']['awstats_' . $aw_sett] = $aw_value; } } $server_ini_content = array_to_ini($tpl_ini_array); $server_ini_content = mysql_real_escape_string($server_ini_content); $mail_server_enabled = $conf['services']['mail'] ? 1 : 0; $web_server_enabled = $conf['services']['web'] ? 1 : 0; $dns_server_enabled = $conf['services']['dns'] ? 1 : 0; $file_server_enabled = $conf['services']['file'] ? 1 : 0; $db_server_enabled = $conf['services']['db'] ? 1 : 0; $vserver_server_enabled = $conf['openvz']['installed'] ? 1 : 0; $proxy_server_enabled = isset($conf['services']['proxy']) && $conf['services']['proxy'] ? 1 : 0; $firewall_server_enabled = isset($conf['services']['firewall']) && $conf['services']['firewall'] ? 1 : 0; //** Get the database version number based on the patchfiles $found = true; $current_db_version = 1; while ($found == true) { $next_db_version = intval($current_db_version + 1); $patch_filename = realpath(dirname(__FILE__) . '/../') . '/sql/incremental/upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT) . '.sql'; if (is_file($patch_filename)) { $current_db_version = $next_db_version; } else { $found = false; } } $current_db_version = intval($current_db_version); if ($conf['mysql']['master_slave_setup'] == 'y') { //* Insert the server record in master DB $sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '" . $conf['hostname'] . "', '{$mail_server_enabled}', '{$web_server_enabled}', '{$dns_server_enabled}', '{$file_server_enabled}', '{$db_server_enabled}', '{$vserver_server_enabled}', '{$server_ini_content}', 0, 1, {$current_db_version}, {$proxy_server_enabled}, {$firewall_server_enabled});"; $this->dbmaster->query($sql); $conf['server_id'] = $this->dbmaster->insertID(); $conf['server_id'] = $conf['server_id']; //* Insert the same record in the local DB $sql = "INSERT INTO `server` (`server_id`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES ('" . $conf['server_id'] . "',1, 1, 'riud', 'riud', 'r', '" . $conf['hostname'] . "', '{$mail_server_enabled}', '{$web_server_enabled}', '{$dns_server_enabled}', '{$file_server_enabled}', '{$db_server_enabled}', '{$vserver_server_enabled}', '{$server_ini_content}', 0, 1, {$current_db_version}, {$proxy_server_enabled}, {$firewall_server_enabled});"; $this->db->query($sql); //* username for the ispconfig user $conf['mysql']['master_ispconfig_user'] = '******' . $conf['server_id']; $this->grant_master_database_rights(); } else { //* Insert the server, if its not a mster / slave setup $sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`, `dbversion`,`firewall_server`,`proxy_server`) VALUES (1, 1, 'riud', 'riud', 'r', '" . $conf['hostname'] . "', '{$mail_server_enabled}', '{$web_server_enabled}', '{$dns_server_enabled}', '{$file_server_enabled}', '{$db_server_enabled}', '{$vserver_server_enabled}', '{$server_ini_content}', 0, 1, {$current_db_version}, {$proxy_server_enabled}, {$firewall_server_enabled});"; $this->db->query($sql); $conf['server_id'] = $this->db->insertID(); $conf['server_id'] = $conf['server_id']; } }
public function install_ispconfig() { global $conf; $install_dir = $conf['ispconfig_install_dir']; //* Create the ISPConfig installation directory if (!@is_dir($install_dir)) { $command = "mkdir {$install_dir}"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* Create a ISPConfig user and group $command = 'groupadd ispconfig'; if (!is_group('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } $command = 'useradd -g ispconfig -d ' . $install_dir . ' ispconfig'; if (!is_user('ispconfig')) { caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } //* copy the ISPConfig interface part $command = 'cp -rf ../interface ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* copy the ISPConfig server part $command = 'cp -rf ../server ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make a backup of the security settings if (is_file('/usr/local/ispconfig/security/security_settings.ini')) { copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~'); } //* copy the ISPConfig security part $command = 'cp -rf ../security ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Apply changed security_settings.ini values to new security_settings.ini file if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) { $security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~')); $security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini')); if (is_array($security_settings_new) && is_array($security_settings_old)) { foreach ($security_settings_new as $section => $sval) { if (is_array($sval)) { foreach ($sval as $key => $val) { if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) { $security_settings_new[$section][$key] = $security_settings_old[$section][$key]; } } } } file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new)); } } //* Create a symlink, so ISPConfig is accessible via web // Replaced by a separate vhost definition for port 8080 // $command = "ln -s $install_dir/interface/web/ /home/www/ispconfig"; // caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command"); //* Create the config file for ISPConfig interface $configfile = 'config.inc.php'; if (is_file($install_dir . '/interface/lib/' . $configfile)) { copy($install_dir . '/interface/lib/' . $configfile, $install_dir . '/interface/lib/' . $configfile . '~'); } $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', 'tpl/' . $configfile . '.master'); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); $content = str_replace('{timezone}', $conf['timezone'], $content); $content = str_replace('{theme}', $conf['theme'], $content); $content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content); wf($install_dir . '/interface/lib/' . $configfile, $content); //* Create the config file for ISPConfig server $configfile = 'config.inc.php'; if (is_file($install_dir . '/server/lib/' . $configfile)) { copy($install_dir . '/server/lib/' . $configfile, $install_dir . '/interface/lib/' . $configfile . '~'); } $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', 'tpl/' . $configfile . '.master'); $content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content); $content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content); $content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content); $content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content); $content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content); $content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content); $content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content); $content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content); $content = str_replace('{server_id}', $conf['server_id'], $content); $content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content); $content = str_replace('{language}', $conf['language'], $content); $content = str_replace('{timezone}', $conf['timezone'], $content); $content = str_replace('{theme}', $conf['theme'], $content); $content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content); wf($install_dir . '/server/lib/' . $configfile, $content); //* Create the config file for remote-actions (but only, if it does not exist, because // the value is a autoinc-value and so changed by the remoteaction_core_module if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) { $content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>'; wf($install_dir . '/server/lib/remote_action.inc.php', $content); } //* Enable the server modules and plugins. // TODO: Implement a selector which modules and plugins shall be enabled. $dir = $install_dir . '/server/mods-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/mods-available/' . $file; $module_name = substr($file, 0, -8); $tmp = new $module_name(); if ($tmp->onInstall()) { if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file); // @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file); } if (strpos($file, '_core_module') !== false) { if (!@is_link($install_dir . '/server/mods-core/' . $file)) { @symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file); // @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file); } } } unset($tmp); } } closedir($dh); } } $dir = $install_dir . '/server/plugins-available/'; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') { continue; } if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') { continue; } if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') { include_once $install_dir . '/server/plugins-available/' . $file; $plugin_name = substr($file, 0, -8); $tmp = new $plugin_name(); if (method_exists($tmp, 'onInstall') && $tmp->onInstall()) { if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file); //@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file); } if (strpos($file, '_core_plugin') !== false) { if (!@is_link($install_dir . '/server/plugins-core/' . $file)) { @symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file); //@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file); } } } unset($tmp); } } closedir($dh); } } // Update the server config $mail_server_enabled = $conf['services']['mail'] ? 1 : 0; $web_server_enabled = $conf['services']['web'] ? 1 : 0; $dns_server_enabled = $conf['services']['dns'] ? 1 : 0; $file_server_enabled = $conf['services']['file'] ? 1 : 0; $db_server_enabled = $conf['services']['db'] ? 1 : 0; $vserver_server_enabled = $conf['openvz']['installed'] ? 1 : 0; $proxy_server_enabled = $conf['services']['proxy'] ? 1 : 0; $firewall_server_enabled = $conf['services']['firewall'] ? 1 : 0; $sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}', proxy_server = '{$proxy_server_enabled}', firewall_server = '{$firewall_server_enabled}' WHERE server_id = " . intval($conf['server_id']); if ($conf['mysql']['master_slave_setup'] == 'y') { $this->dbmaster->query($sql); $this->db->query($sql); } else { $this->db->query($sql); } // chown install dir to root and chmod 755 $command = 'chown root:root ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chmod 755 ' . $install_dir; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Chmod the files and directories in the install dir $command = 'chmod -R 750 ' . $install_dir . '/*'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the interface files to the ispconfig user and group $command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the server files to the root user and group $command = 'chown -R root:root ' . $install_dir . '/server'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the security files to the root user and group $command = 'chown -R root:root ' . $install_dir . '/security'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* chown the security directory and security_settings.ini to root:ispconfig $command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); $command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); //* Make the global language file directory group writable exec("chmod -R 770 {$install_dir}/interface/lib/lang"); //* Make the temp directory for language file exports writable if (is_dir($install_dir . '/interface/web/temp')) { exec("chmod -R 770 {$install_dir}/interface/web/temp"); } //* Make all interface language file directories group writable $handle = @opendir($install_dir . '/interface/web'); while ($file = @readdir($handle)) { if ($file != '.' && $file != '..') { if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) { $handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang'); chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770); while ($lang_file = @readdir($handle2)) { if ($lang_file != '.' && $lang_file != '..') { chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770); } } } } } //* Make the APS directories group writable exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages"); exec("chmod -R 770 {$install_dir}/server/aps_packages"); //* make sure that the server config file (not the interface one) is only readable by the root user chmod($install_dir . '/server/lib/config.inc.php', 0600); chown($install_dir . '/server/lib/config.inc.php', 'root'); chgrp($install_dir . '/server/lib/config.inc.php', 'root'); //* Make sure thet the interface config file is readable by user ispconfig only chmod($install_dir . '/interface/lib/config.inc.php', 0600); chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig'); chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig'); chmod($install_dir . '/server/lib/remote_action.inc.php', 0600); chown($install_dir . '/server/lib/remote_action.inc.php', 'root'); chgrp($install_dir . '/server/lib/remote_action.inc.php', 'root'); if (@is_file($install_dir . '/server/lib/mysql_clientdb.conf')) { chmod($install_dir . '/server/lib/mysql_clientdb.conf', 0600); chown($install_dir . '/server/lib/mysql_clientdb.conf', 'root'); chgrp($install_dir . '/server/lib/mysql_clientdb.conf', 'root'); } if (is_dir($install_dir . '/interface/invoices')) { exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices')); exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices')); } exec('chown -R root:root /usr/local/ispconfig/interface/ssl'); // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. // Later this must run as own apache server or via suexec! if ($conf['apache']['installed'] == true) { $command = 'adduser ' . $conf['apache']['user'] . ' ispconfig'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { $command = 'adduser ' . $conf['apache']['user'] . ' ispapps'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } if ($conf['nginx']['installed'] == true) { $command = 'adduser ' . $conf['nginx']['user'] . ' ispconfig'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if (is_group('ispapps')) { $command = 'adduser ' . $conf['nginx']['user'] . ' ispapps'; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); } } //* Make the shell scripts executable $command = "chmod +x {$install_dir}/server/scripts/*.sh"; caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}"); if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) { //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['apache']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $tpl = new tpl('apache_ispconfig.vhost.master'); $tpl->setVar('vhost_port', $conf['apache']['vhost_port']); // comment out the listen directive if port is 80 or 8443 if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 8443) { $tpl->setVar('vhost_port_listen', '#'); } else { $tpl->setVar('vhost_port_listen', ''); } if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $tpl->setVar('ssl_comment', ''); } else { $tpl->setVar('ssl_comment', '#'); } if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) { $tpl->setVar('ssl_bundle_comment', ''); } else { $tpl->setVar('ssl_bundle_comment', '#'); } $tpl->setVar('apache_version', getapacheversion()); wf($vhost_conf_dir . '/ispconfig.vhost', $tpl->grab()); //* and create the symlink if ($this->is_update == false) { if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) { unlink($vhost_conf_enabled_dir . '/ispconfig.vhost'); } if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) { symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost'); } } //if(!is_file('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) { $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master'); $content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content); $content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content); @mkdir('/home/www/php-fcgi-scripts/ispconfig', 0755, true); wf('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content); exec('chmod +x /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter'); @symlink($install_dir . '/interface/web', '/home/www/ispconfig'); exec('chown -R ispconfig:ispconfig /home/www/php-fcgi-scripts/ispconfig'); //} } if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) { //* Copy the ISPConfig vhost for the controlpanel $vhost_conf_dir = $conf['nginx']['vhost_conf_dir']; $vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir']; // Dont just copy over the virtualhost template but add some custom settings $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master'); $content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content); if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) { $content = str_replace('{ssl_on}', 'on', $content); $content = str_replace('{ssl_comment}', '', $content); $content = str_replace('{fastcgi_ssl}', 'on', $content); } else { $content = str_replace('{ssl_on}', 'off', $content); $content = str_replace('{ssl_comment}', '#', $content); $content = str_replace('{fastcgi_ssl}', 'off', $content); } $socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']); if (substr($socket_dir, -1) != '/') { $socket_dir .= '/'; } if (!is_dir($socket_dir)) { exec('mkdir -p ' . $socket_dir); } $fpm_socket = $socket_dir . 'ispconfig.sock'; //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); wf($vhost_conf_dir . '/ispconfig.vhost', $content); unset($content); // PHP-FPM // Dont just copy over the php-fpm pool template but add some custom settings $content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master'); $content = str_replace('{fpm_pool}', 'ispconfig', $content); //$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content); $content = str_replace('{fpm_socket}', $fpm_socket, $content); $content = str_replace('{fpm_user}', 'ispconfig', $content); $content = str_replace('{fpm_group}', 'ispconfig', $content); wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content); //copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost'); //* and create the symlink if ($this->is_update == false) { if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) { unlink($vhost_conf_enabled_dir . '/ispconfig.vhost'); } if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) { symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost'); } } } //* Install the update script if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) { unlink('/usr/local/bin/ispconfig_update_from_dev.sh'); } chown($install_dir . '/server/scripts/update_from_dev.sh', 'root'); chmod($install_dir . '/server/scripts/update_from_dev.sh', 0700); chown($install_dir . '/server/scripts/update_from_tgz.sh', 'root'); chmod($install_dir . '/server/scripts/update_from_tgz.sh', 0700); chown($install_dir . '/server/scripts/ispconfig_update.sh', 'root'); chmod($install_dir . '/server/scripts/ispconfig_update.sh', 0700); if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) { symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh'); } if (!is_link('/usr/local/bin/ispconfig_update.sh')) { symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh'); } //* Make the logs readable for the ispconfig user if (@is_file('/var/log/mail.log')) { exec('chmod +r /var/log/mail.log'); } if (@is_file('/var/log/mail.warn')) { exec('chmod +r /var/log/mail.warn'); } if (@is_file('/var/log/mail.err')) { exec('chmod +r /var/log/mail.err'); } if (@is_file('/var/log/messages')) { exec('chmod +r /var/log/messages'); } if (@is_file('/var/log/clamav/clamav.log')) { exec('chmod +r /var/log/clamav/clamav.log'); } if (@is_file('/var/log/clamav/freshclam.log')) { exec('chmod +r /var/log/clamav/freshclam.log'); } //* Create the ispconfig log file and directory if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) { if (!is_dir($conf['ispconfig_log_dir'])) { mkdir($conf['ispconfig_log_dir'], 0755); } touch($conf['ispconfig_log_dir'] . '/ispconfig.log'); } //* Create the ispconfig auth log file and set uid/gid if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) { touch($conf['ispconfig_log_dir'] . '/auth.log'); } exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log'); exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log'); if (is_user('getmail')) { rename($install_dir . '/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh'); if (is_user('getmail')) { chown('/usr/local/bin/run-getmail.sh', 'getmail'); } chmod('/usr/local/bin/run-getmail.sh', 0744); } //* Add Log-Rotation if (is_dir('/etc/logrotate.d')) { @unlink('/etc/logrotate.d/logispc3'); // ignore, if the file is not there /* We rotate these logs in cron_daily.php $fh = fopen('/etc/logrotate.d/logispc3', 'w'); fwrite($fh, "$conf['ispconfig_log_dir']/ispconfig.log { \n" . " weekly \n" . " missingok \n" . " rotate 4 \n" . " compress \n" . " delaycompress \n" . "} \n" . "$conf['ispconfig_log_dir']/cron.log { \n" . " weekly \n" . " missingok \n" . " rotate 4 \n" . " compress \n" . " delaycompress \n" . "}"); fclose($fh); */ } //* Remove Domain module as its functions are available in the client module now if (@is_dir('/usr/local/ispconfig/interface/web/domain')) { exec('rm -rf /usr/local/ispconfig/interface/web/domain'); } //* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter if (is_file('/etc/default/rkhunter')) { replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0); replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0); } // Add symlink for patch tool if (!is_link('/usr/local/bin/ispconfig_patch')) { exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch'); } // Change mode of a few files from amavisd if (is_file($conf['amavis']['config_dir'] . '/conf.d/50-user')) { chmod($conf['amavis']['config_dir'] . '/conf.d/50-user', 0640); } if (is_file($conf['amavis']['config_dir'] . '/50-user~')) { chmod($conf['amavis']['config_dir'] . '/50-user~', 0400); } if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf')) { chmod($conf['amavis']['config_dir'] . '/amavisd.conf', 0640); } if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf~')) { chmod($conf['amavis']['config_dir'] . '/amavisd.conf~', 0400); } }