Esempio n. 1
0
function apache_permissions()
{
    $unix = new unix();
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $f[] = "/var/log/apache2";
    $f[] = "/var/cache/apache2";
    $f[] = "/var/cache/apache2/mod_pagespeed";
    $f[] = "/etc/apache2/logs";
    $f[] = "/var/lib/apache2/fastcgi";
    $f[] = "/var/run/apache2";
    $f[] = "/var/www";
    while (list($index, $dir) = each($f)) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: apache2 apply permissions on `{$dir}`\n";
        if (!is_dir($dir)) {
            @mkdir($dir, 0755, true);
        }
        @chown($dir, $APACHE_SRC_ACCOUNT);
        @chgrp($dir, $APACHE_SRC_GROUP);
        $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "{$dir}/*");
        $unix->chmod_func(0755, $dir);
    }
}
Esempio n. 2
0
function lighttpd_chowndir()
{
    $f = explode("\n", @file_get_contents("/etc/lighttpd/lighttpd.conf"));
    while (list($num, $line) = each($f)) {
        if (preg_match("#server\\.username.*?\"(.+?)\"#", $line, $re)) {
            $username = $re[1];
            continue;
        }
        if (preg_match("#server\\.groupname.*?\"(.+?)\"#", $line, $re)) {
            $groupname = $re[1];
            continue;
        }
        if ($groupname != null) {
            if ($username != null) {
                break;
            }
        }
    }
    if (is_file($_GET["chowndir"])) {
        @chown($_GET["chowndir"], $username);
        @chgrp($_GET["chowndir"], $groupname);
        return;
    }
    $unix = new unix();
    $unix->chown_func($username, $groupname, base64_decode($_GET["chowndir"]));
}
Esempio n. 3
0
function sessions_clean()
{
    $unix = new unix();
    $sock = new sockets();
    $TimeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $CleanPHPSessionTime = $sock->GET_INFO("CleanPHPSessionTime");
    if (!is_numeric($CleanPHPSessionTime)) {
        $CleanPHPSessionTime = 2880;
    }
    if ($unix->file_time_min($TimeFile) < 60) {
        return;
    }
    @unlink($TimeFile);
    @file_put_contents($TimeFile, time());
    if ($CleanPHPSessionTime > 5) {
        if (is_dir("/var/lib/php5")) {
            foreach (glob("/var/lib/php5/*") as $filename) {
                $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $filename);
                $time = $unix->file_time_min($filename);
                if ($time > 2880) {
                    $unix->_syslog("Clean: Remove PHP Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
                    @unlink($filename);
                }
            }
        }
        if (is_dir("/var/lib/php5-zarafa")) {
            foreach (glob("/var/lib/php5-zarafa/*") as $filename) {
                $time = $unix->file_time_min($filename);
                if ($time > 2880) {
                    $unix->_syslog("Clean: Remove PHP Zarafa Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
                    @unlink($filename);
                }
            }
        }
    }
    foreach (glob("/usr/share/artica-postfix/ressources/logs/jGrowl/*") as $filename) {
        $time = $unix->file_time_min($filename);
        if ($time > 360) {
            @unlink($filename);
        }
    }
    foreach (glob("/usr/share/artica-postfix/ressources/conf/*") as $filename) {
        $time = $unix->file_time_min($filename);
        if ($time > 360) {
            @unlink($filename);
        }
    }
}
Esempio n. 4
0
function SERVICE_START($nochecks = false, $nopid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $kill = $unix->find_program("kill");
    if (!$nopid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = @file_get_contents($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            echo "Starting......: " . date("H:i:s") . " MySQL this script is already executed PID: {$pid} since {$time}Mn\n";
            if ($time < 5) {
                if (!$GLOBALS["FORCE"]) {
                    return;
                }
            }
            unix_system_kill_force($pid);
        }
        @file_put_contents($pidfile, getmypid());
    }
    if (is_file("/etc/artica-postfix/mysql.stop")) {
        echo "Starting......: " . date("H:i:s") . " MySQL locked, exiting\n";
        return;
    }
    $PID_NUM = PID_NUM();
    if ($unix->process_exists($PID_NUM)) {
        $timemin = $unix->PROCCESS_TIME_MIN($PID_NUM);
        echo "Starting......: " . date("H:i:s") . " MySQL already running PID \"{$PID_NUM}\" since {$timemin}Mn\n";
        return;
    }
    $mysql_install_db = $unix->find_program('mysql_install_db');
    $mysqlbin = $unix->LOCATE_mysqld_bin();
    $php5 = $unix->LOCATE_PHP5_BIN();
    $nohup = $unix->find_program("nohup");
    if (!is_file($mysqlbin)) {
        echo "Starting......: " . date("H:i:s") . " MySQL is not installed, abort\n";
        return;
    }
    $EnableMysqlFeatures = $sock->GET_INFO('EnableMysqlFeatures');
    $MysqlBinAllAdresses = $sock->GET_INFO('MysqlBinAllAdresses');
    $MySQLTMPMEMSIZE = $sock->GET_INFO('MySQLTMPMEMSIZE');
    $MysqlTooManyConnections = $sock->GET_INFO("MysqlTooManyConnections");
    $MysqlRemoveidbLogs = $sock->GET_INFO("MysqlRemoveidbLogs");
    $innodb_force_recovery = $sock->GET_INFO("innodb_force_recovery");
    if (!is_numeric($innodb_force_recovery)) {
        $innodb_force_recovery = 0;
    }
    if (!is_numeric($MysqlRemoveidbLogs)) {
        $MysqlRemoveidbLogs = 0;
    }
    if (!is_numeric($MysqlBinAllAdresses)) {
        $MysqlBinAllAdresses = 0;
    }
    if (!is_numeric($MySQLTMPMEMSIZE)) {
        $MySQLTMPMEMSIZE = 0;
    }
    if (!is_numeric($MysqlTooManyConnections)) {
        $MysqlTooManyConnections = 0;
    }
    if (!is_numeric($EnableMysqlFeatures)) {
        $EnableMysqlFeatures = 1;
    }
    $MySqlTmpDir = $sock->GET_INFO('MySQLTMPDIR');
    $MySQLLOgErrorPath = $sock->GET_INFO('MySQLLOgErrorPath');
    $datadir = $unix->MYSQL_DATA_DIR();
    $EnableMysqlLog = $sock->GET_INFO("EnableMysqlLog");
    if (!is_numeric($EnableMysqlLog)) {
        $EnableMysqlLog = 0;
    }
    if ($datadir == null) {
        $datadir = '/var/lib/mysql';
    }
    if ($MySqlTmpDir == '/tmp') {
        $MySqlTmpDir = null;
    }
    if ($MySQLLOgErrorPath == null) {
        $MySQLLOgErrorPath = $datadir . '/mysqld.err';
    }
    if ($MysqlTooManyConnections == 1) {
        echo "Starting......: " . date("H:i:s") . " MySQL MysqlTooManyConnections=1, abort\n";
        return;
    }
    if (isset($GLOBALS["RECOVERY"])) {
        $innodb_force_recovery = $GLOBALS["RECOVERY"];
    }
    if (strlen($MySqlTmpDir) > 3) {
        echo "Starting......: " . date("H:i:s") . " MySQL tempdir : {$MySqlTmpDir}\n";
        shell_exec("{$php5} /usr/share/artica-postfix/exec.mysql.build.php --tmpfs");
        $MySqlTmpDir = str_replace("//", "/", $MySqlTmpDir);
        if (!is_dir($MySqlTmpDir)) {
            @mkdir($MySqlTmpDir, 0755, true);
            $unix->chown_func("mysql", "mysql", $MySqlTmpDir);
        }
        $MySqlTmpDirCMD = " --tmpdir={$MySqlTmpDir}";
    }
    if ($EnableMysqlFeatures == 0) {
        echo "Starting......: " . date("H:i:s") . " MySQL is disabled by \"EnableMysqlFeatures\"...\n";
        return;
    }
    $pid_file = "/var/run/mysqld/mysqld.pid";
    $socket = "/var/run/mysqld/mysqld.sock";
    $mysql_user = "******";
    @mkdir("/var/run/mysqld", 0755, true);
    @mkdir("/var/log/mysql", 0755, true);
    @mkdir($datadir, 0755, true);
    $dirs = $unix->dirdir("/var/lib/mysql");
    while (list($num, $directory) = each($dirs)) {
        echo "Starting......: " . date("H:i:s") . " MySQL, apply permissions on " . basename($directory) . "\n";
        $unix->chown_func("mysql", "mysql", "{$directory}/*");
    }
    $bind_address = ' --bind-address=127.0.0.1';
    $bind_address2 = "127.0.0.1";
    if ($MysqlBinAllAdresses == 1) {
        $bind_address2 = 'All (0.0.0.0)';
        $bind_address = ' --bind-address=0.0.0.0';
    }
    echo "Starting......: " . date("H:i:s") . " MySQL Pid path.......:{$pid_file}\n";
    echo "Starting......: " . date("H:i:s") . " datadir..............:{$datadir}\n";
    echo "Starting......: " . date("H:i:s") . " Log error............:{$MySQLLOgErrorPath}\n";
    echo "Starting......: " . date("H:i:s") . " socket...............:{$socket}\n";
    echo "Starting......: " . date("H:i:s") . " user.................:{$mysql_user}\n";
    echo "Starting......: " . date("H:i:s") . " LOGS ENABLED.........:{$EnableMysqlLog}\n";
    echo "Starting......: " . date("H:i:s") . " Daemon...............:{$mysqlbin}\n";
    echo "Starting......: " . date("H:i:s") . " Bind address.........:{$bind_address2}\n";
    echo "Starting......: " . date("H:i:s") . " Temp Dir.............:{$MySqlTmpDir}\n";
    echo "Starting......: " . date("H:i:s") . " innodb_force_recovery:{$innodb_force_recovery}\n";
    mysql_admin_mysql(1, "Starting MySQL service...", null, __FILE__, __LINE__);
    echo "Starting......: " . date("H:i:s") . " Settings permissions..\n";
    @mkdir("/var/run/mysqld", 0755, true);
    $unix->chown_func($mysql_user, $mysql_user, "/var/run/mysqld");
    $unix->chown_func($mysql_user, $mysql_user, "/var/log/mysql");
    $unix->chown_func($mysql_user, $mysql_user, $datadir);
    $unix->chown_func($mysql_user, $mysql_user, "{$datadir}/*");
    if ($unix->is_socket("/var/run/mysqld/mysqld.sock")) {
        @unlink("/var/run/mysqld/mysqld.sock");
    }
    if (is_file('/var/run/mysqld/mysqld.err')) {
        @unlink('/var/run/mysqld/mysqld.err');
    }
    if (is_file("/var/run/mysqld/mysqld.pid")) {
        $unix->chown_func($mysql_user, $mysql_user, "/var/run/mysqld/mysqld.pid");
    }
    if ($MysqlRemoveidbLogs == 1) {
        shell_exec('/bin/mv /var/lib/mysql/ib_logfile* /tmp/');
        $sock->SET_INFO('MysqlRemoveidbLogs', '0');
    }
    $logpathstring = " --log-error={$MySQLLOgErrorPath}";
    if ($EnableMysqlLog == 1) {
        $logpathstring = " --log=/var/log/mysql.log --log-slow-queries=/var/log/mysql-slow-queries.log --log-error={$MySQLLOgErrorPath} --log-warnings";
    }
    $toTouch[] = "/var/log/mysql-slow-queries.log";
    $toTouch[] = "/var/log/mysql.error";
    $toTouch[] = "/var/log/mysql.log";
    $toTouch[] = "/var/log/mysql.warn";
    while (list($num, $filename) = each($toTouch)) {
        if (!is_file($filename)) {
            @file_put_contents($filename, "#\n");
        }
        $unix->chown_func($mysql_user, $mysql_user, $filename);
    }
    echo "Starting......: " . date("H:i:s") . " MySQL Checking : {$datadir}/mysql/host.frm\n";
    if (!is_file("{$datadir}/mysql/host.frm")) {
        if (is_file($mysql_install_db)) {
            echo "Starting......: " . date("H:i:s") . " MySQL Installing default databases\n";
            shell_exec("{$mysql_install_db} --datadir=\"{$datadir}\"");
        }
    } else {
        echo "Starting......: " . date("H:i:s") . " MySQL Checking : {$datadir}/mysql/host.frm OK\n";
    }
    $cmd2 = array();
    $MEMORY = $unix->MEM_TOTAL_INSTALLEE();
    $AsCategoriesAppliance = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/AsCategoriesAppliance"));
    if ($AsCategoriesAppliance == 1) {
        $MEMORY = 620288;
    }
    if ($MEMORY < 624288) {
        $GetStartedValues = GetStartedValues();
        echo "Starting......: " . date("H:i:s") . " MySQL Warning memory did not respond to pre-requesites, tuning to lower memory\n";
        if ($GetStartedValues["--key-buffer-size"]) {
            $cmd2[] = "--key-buffer-size=8M";
        }
        if ($GetStartedValues["--max-allowed-packet"]) {
            $cmd2[] = "--max-allowed-packet=4M";
        }
        if ($GetStartedValues["--table-cache"]) {
            $cmd2[] = "--table-cache=4";
        }
        if ($GetStartedValues["--sort-buffer-size"]) {
            $cmd2[] = "--sort-buffer-size=64k";
        }
        if ($GetStartedValues["--read-buffer-size"]) {
            $cmd2[] = "--read-buffer-size=256k";
        }
        if ($GetStartedValues["--read-rnd-buffer-size"]) {
            $cmd2[] = "--read-rnd-buffer-size=128k";
        }
        if ($GetStartedValues["--net-buffer-length"]) {
            $cmd2[] = "--net-buffer-length=2k";
        }
        if ($GetStartedValues["--thread-stack"]) {
            $cmd2[] = "--thread-stack=192k";
        }
        if ($GetStartedValues["--thread-cache-size"]) {
            $cmd2[] = "--thread-cache-size=128";
        }
        if ($GetStartedValues["--thread-concurrency"]) {
            $cmd2[] = "--thread-concurrency=10";
        }
        if ($GetStartedValues["--default-storage-engine"]) {
            $cmd2[] = "--default-storage-engine=MyISAM";
        }
        if ($GetStartedValues["--default-tmp-storage-engine"]) {
            $cmd2[] = "--default-tmp-storage-engine=MyISAM";
        }
        if ($GetStartedValues["--tmp-table-size"]) {
            $cmd2[] = "--tmp-table-size=16M";
        }
        if ($GetStartedValues["--table-cache"]) {
            $cmd2[] = "--table-cache=64";
        }
        if ($GetStartedValues["--query-cache-limit"]) {
            $cmd2[] = "--query-cache-limit=4M";
        }
        if ($GetStartedValues["--query-cache-size"]) {
            $cmd2[] = "--query-cache-size=32M";
        }
        if ($GetStartedValues["--max-connections"]) {
            $cmd2[] = "--max-connections=50";
        }
        if (is_file("/etc/artica-postfix/WORDPRESS_APPLIANCE")) {
            $cmd2[] = "--innodb=OFF";
        }
        echo "Starting......: " . date("H:i:s") . " MySQL " . count($cmd2) . " forced option(s)\n";
    }
    if (is_file($MySQLLOgErrorPath)) {
        @unlink($MySQLLOgErrorPath);
    }
    $cmds[] = $mysqlbin;
    if ($MEMORY < 624288) {
        $cmds[] = "--no-defaults --user=mysql";
    }
    $cmds[] = "--pid-file=/var/run/mysqld/mysqld.pid";
    $cmds[] = trim($logpathstring);
    $cmds[] = trim($MySqlTmpDirCMD);
    $cmds[] = "--socket={$socket}";
    $cmds[] = "--datadir=\"{$datadir}\"";
    if (count($cmd2) == 0) {
        if ($innodb_force_recovery > 0) {
            $cmds[] = "--innodb-force-recovery={$innodb_force_recovery}";
        }
    }
    if (count($cmd2) > 0) {
        $cmds[] = @implode(" ", $cmd2);
    }
    $cmds[] = ">/dev/null 2>&1 &";
    if (is_file('/usr/sbin/aa-complain')) {
        echo "Starting......: " . date("H:i:s") . " Mysql Adding mysql in apparamor complain mode...\n";
        shell_exec("/usr/sbin/aa-complain {$mysqlbin} >/dev/null 2>&1");
    }
    $cmd = @implode(" ", $cmds);
    while (list($num, $ligne) = each($cmds)) {
        echo "Starting......: " . date("H:i:s") . " MySQL Option: {$ligne}\n";
    }
    echo "Starting......: " . date("H:i:s") . " MySQL Starting daemon, please wait\n";
    writelogs("Starting MySQL {$cmd}", __FUNCTION__, __FILE__, __LINE__);
    shell_exec($cmd);
    $count = 0;
    sleep(2);
    for ($i = 0; $i < 6; $i++) {
        $pid = PID_NUM();
        if ($unix->process_exists($pid, $mysqlbin)) {
            echo "Starting......: " . date("H:i:s") . " MySQL Checks daemon running...\n";
            break;
        }
        echo "Starting......: " . date("H:i:s") . " MySQL Checks daemon, please wait ({$i}/6)\n";
        sleep(1);
    }
    $pid = PID_NUM();
    if (!$unix->process_exists($pid)) {
        echo "Starting......: " . date("H:i:s") . " MySQL failed\n";
        echo "Starting......: " . date("H:i:s") . " {$cmd}\n";
        system_admin_events("Failed to start MySQL server", __FUNCTION__, __FILE__, __LINE__, "services");
        $php5 = $unix->LOCATE_PHP5_BIN();
        shell_exec("{$nohup} {$php5} /usr/share/artica-postfix/exec.mysql.build.php >/dev/null 2>&1 &");
    } else {
        for ($i = 0; $i < 4; $i++) {
            echo "Starting......: " . date("H:i:s") . " MySQL Checks mysqld.sock waiting {$i}/3\n";
            if ($unix->is_socket("/var/run/mysqld/mysqld.sock")) {
                break;
            }
            sleep(1);
        }
        if (!$unix->is_socket("/var/run/mysqld/mysqld.sock")) {
            mysql_admin_mysql(0, "Failed to start MySQL Server /var/run/mysqld/mysqld.sock no such socket after 4 seconds", null, __FILE__, __LINE__);
            echo "Starting......: " . date("H:i:s") . " MySQL Checks mysqld.sock failed...\n";
        }
        mysql_admin_mysql(1, "Success to start MySQL Server with new pid {$pid}", null, __FILE__, __LINE__);
        echo "Starting......: " . date("H:i:s") . " MySQL Success pid {$pid}\n";
        $q = new mysql_squid_builder();
        $q->MEMORY_TABLES_RESTORE();
    }
}
Esempio n. 5
0
function build()
{
    $unix = new unix();
    $sock = new sockets();
    $ClamavStreamMaxLength = $sock->GET_INFO("ClamavStreamMaxLength");
    $ClamavMaxRecursion = $sock->GET_INFO("ClamavMaxRecursion");
    $ClamavMaxFiles = $sock->GET_INFO("ClamavMaxFiles");
    $PhishingScanURLs = $sock->GET_INFO("PhishingScanURLs");
    $ClamavMaxScanSize = $sock->GET_INFO("ClamavMaxScanSize");
    $ClamavMaxFileSize = $sock->GET_INFO("ClamavMaxFileSize");
    $ClamavTemporaryDirectory = $sock->GET_INFO("ClamavTemporaryDirectory");
    if ($ClamavTemporaryDirectory == null) {
        $ClamavTemporaryDirectory = "/home/clamav";
    }
    if (!is_numeric($ClamavStreamMaxLength)) {
        $ClamavStreamMaxLength = 12;
    }
    if (!is_numeric($ClamavMaxRecursion)) {
        $ClamavMaxRecursion = 5;
    }
    if (!is_numeric($ClamavMaxFiles)) {
        $ClamavMaxFiles = 10000;
    }
    if (!is_numeric($PhishingScanURLs)) {
        $PhishingScanURLs = 1;
    }
    if (!is_numeric($ClamavMaxScanSize)) {
        $ClamavMaxScanSize = 15;
    }
    if (!is_numeric($ClamavMaxFileSize)) {
        $ClamavMaxFileSize = 20;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} MaxFileSize: {$ClamavMaxFileSize}M\n";
    }
    $dirs[] = "/var/clamav";
    $dirs[] = "/var/run/clamav";
    $dirs[] = "/var/lib/clamav";
    $dirs[] = "/var/log/clamav";
    $dirs[] = $ClamavTemporaryDirectory;
    while (list($i, $directory) = each($dirs)) {
        @mkdir($directory, 0755, true);
        @chmod($directory, 0755);
        @chown($directory, "clamav");
        @chgrp($directory, "clamav");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Permissions on {$directory}\n";
        }
        $unix->chown_func("clamav", "clamav", $directory . "/*");
    }
    $PhishingScanURLs_text = "no";
    if ($PhishingScanURLs == 1) {
        $PhishingScanURLs_text = "yes";
    }
    $unix->SystemCreateUser("clamav", "clamav");
    $f[] = "LocalSocket /var/run/clamav/clamav.sock";
    $f[] = "FixStaleSocket true";
    $f[] = "User clamav";
    $f[] = "AllowSupplementaryGroups true";
    $f[] = "ScanMail true";
    $f[] = "ScanArchive true";
    $f[] = "#ArchiveLimitMemoryUsage false (depreciated)";
    $f[] = "ArchiveBlockEncrypted false";
    $f[] = "MaxDirectoryRecursion 15";
    $f[] = "FollowDirectorySymlinks false";
    $f[] = "FollowFileSymlinks false";
    $f[] = "ReadTimeout 180";
    $f[] = "MaxThreads 12";
    $f[] = "MaxConnectionQueueLength 15";
    $f[] = "StreamMaxLength {$ClamavStreamMaxLength}M";
    $f[] = "MaxFileSize {$ClamavMaxFileSize}M";
    $f[] = "MaxScanSize {$ClamavMaxFileSize}M";
    $f[] = "MaxFiles 10000";
    $f[] = "MaxRecursion {$ClamavMaxRecursion}";
    $f[] = "LogSyslog true";
    $f[] = "LogFacility LOG_LOCAL6";
    $f[] = "LogClean false";
    $f[] = "LogVerbose false";
    $f[] = "PidFile /var/run/clamav/clamd.pid";
    $f[] = "TemporaryDirectory {$ClamavTemporaryDirectory}";
    $f[] = "DatabaseDirectory /var/lib/clamav";
    $f[] = "SelfCheck 3600";
    $f[] = "Foreground false";
    $f[] = "Debug false";
    $f[] = "ScanPE true";
    $f[] = "ScanOLE2 true";
    $f[] = "ScanHTML true";
    $f[] = "DetectBrokenExecutables false";
    $f[] = "#MailFollowURLs false (depreciated)";
    $f[] = "ExitOnOOM false";
    $f[] = "LeaveTemporaryFiles false";
    $f[] = "AlgorithmicDetection true";
    $f[] = "ScanELF true";
    $f[] = "IdleTimeout 30";
    $f[] = "PhishingSignatures true";
    $f[] = "PhishingScanURLs {$PhishingScanURLs_text}";
    $f[] = "PhishingAlwaysBlockSSLMismatch false";
    $f[] = "PhishingAlwaysBlockCloak false";
    $f[] = "DetectPUA false";
    $f[] = "ScanPartialMessages false";
    $f[] = "HeuristicScanPrecedence false";
    $f[] = "StructuredDataDetection false";
    $f[] = "LogFile /var/log/clamav/clamd.log";
    $f[] = "LogTime true";
    $f[] = "LogFileUnlock false";
    $f[] = "LogFileMaxSize 0";
    $f[] = "TemporaryDirectory /var/clamav/tmp";
    @file_put_contents("/etc/clamav/clamd.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/clamav/clamd.conf done\n";
    }
}
Esempio n. 6
0
function start($aspid = false, $nochecksquid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $Masterbin = $unix->find_program("ufdbguardd");
    if (!is_file($Masterbin)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, ufdbguardd not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
        }
        if ($GLOBALS["MONIT"]) {
            @file_put_contents($GLOBALS["PID_PATH"], $pid);
        }
        return;
    }
    $EnableUfdbGuard = intval($sock->EnableUfdbGuard());
    $UseRemoteUfdbguardService = intval($sock->GET_INFO("UseRemoteUfdbguardService"));
    if ($UseRemoteUfdbguardService == 1) {
        $EnableUfdbGuard = 0;
    }
    $SquidUFDBUrgency = intval($sock->GET_INFO("SquidUFDBUrgency"));
    if ($SquidUFDBUrgency == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} * * * * Your Web filtering is on Emergency mode ! * * * *\n";
        }
        stop();
        return;
    }
    if ($EnableUfdbGuard == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableUfdbGuard)\n";
        }
        stop();
        return;
    }
    $php5 = $unix->LOCATE_PHP5_BIN();
    $sysctl = $unix->find_program("sysctl");
    $echo = $unix->find_program("echo");
    $nohup = $unix->find_program("nohup");
    $kill = $unix->find_program("kill");
    $PossibleDirs[] = "/var/lib/ftpunivtlse1fr";
    $PossibleDirs[] = "/var/lib/ufdbartica";
    $PossibleDirs[] = "/var/lib/squidguard";
    while (list($index, $Directory) = each($PossibleDirs)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} permissions on `{$Directory}`\n";
        }
        if (is_link($Directory)) {
            $Directory = readlink($Directory);
        }
        $f = explode("/", $Directory);
        while (list($index, $subdir) = each($f)) {
            if ($subdir == null) {
                continue;
            }
            $dir = $dir . "/{$subdir}";
            @chmod($dir, 0755);
        }
        @chmod("{$Directory}", 0755);
        $unix->chown_func("squid", "squid", "{$Directory}");
    }
    @mkdir(dirname($GLOBALS["PID_PATH"]), 0755, true);
    @mkdir("/var/lib/squidguard/security", 0755, true);
    $unix->chown_func("squid", "squid", dirname($GLOBALS["PID_PATH"]));
    $chmod = $unix->find_program("chmod");
    $chown = $unix->find_program("chown");
    $php = $unix->LOCATE_PHP5_BIN();
    @chmod($GLOBALS["PID_PATH"], 0755);
    $unix->chown_func("squid", "squid", "/var/lib/squidguard/security/cacerts");
    @chmod("/var/lib/squidguard/security/cacerts", 0755);
    if (!is_file("/etc/squid3/ufdbGuard.conf")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} building settings\n";
        }
        shell_exec("{$php5} /usr/share/artica-postfix/exec.squidguard.php --build >/dev/null 2>&1");
    }
    $datas = unserialize(base64_decode($sock->GET_INFO("ufdbguardConfig")));
    if (!isset($datas["listen_port"])) {
        $datas["listen_port"] = 3977;
    }
    if (!isset($datas["tcpsockets"])) {
        $datas["tcpsockets"] = 1;
    }
    $Threads = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/UfdbGuardThreads"));
    if ($Threads == 0) {
        $Threads = 64;
    }
    if ($Threads > 140) {
        $Threads = 140;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} pid path: {$GLOBALS["PID_PATH"]}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Threads:{$Threads}\n";
    }
    killbyports();
    @unlink($GLOBALS["PID_PATH"]);
    shell_exec("{$php5} /usr/share/artica-postfix/exec.squidguard.php --dbmem >/dev/null");
    shell_exec("{$php5} /usr/share/artica-postfix/exec.squidguard.php --notify-start >/dev/null");
    shell_exec("{$php5} /usr/share/artica-postfix/exec.initslapd.php --ufdbguard >/dev/null");
    system("/etc/init.d/ufdb-tail start");
    if (!is_file("/etc/squid3/ufdbGuard.conf")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/squid3/ufdbGuard.conf no such file !!\n";
        }
        system("{$php} /usr/share/artica-postfix/exec.squidguard.php --build --force");
    }
    @mkdir("/etc/artica-postfix/pids", 0755, true);
    shell_exec("{$chmod} 0755 /etc/squid3/ufdbGuard.conf");
    shell_exec("{$chown} squid:squid /etc/squid3");
    shell_exec("{$chown} squid:squid /etc/squid3/ufdbGuard.conf");
    @unlink("/etc/artica-postfix/pids/UfdbGuardReload.time");
    @file_put_contents("/etc/artica-postfix/pids/UfdbGuardReload.time", time());
    squid_admin_mysql(1, "Starting the Web filtering Daemon...", "This is a notification in order to inform:\n" . basename(__FILE__) . " script start the Web filtering Dameon service", __FILE__, __LINE__);
    $cmd = "{$Masterbin} -c /etc/squid3/ufdbGuard.conf -U squid -w {$Threads} -N >/dev/null 2>&1 &";
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
    }
    system($cmd);
    for ($i = 1; $i < 5; $i++) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
        }
        sleep(1);
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
    }
    @unlink("/var/log/squid/UFDB_SOCKET_ERROR");
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if (IsPortListen() == 0) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting (no listen port)\n";
            }
            continue;
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Checking configuration...\n";
        }
        if (!$nochecksquid) {
            build_progress("{checking_configuration}", 50);
            if (!ChecksConfig()) {
                build_progress("{reconfiguring} {APP_SQUID}", 70);
                squid_admin_mysql(1, "Web filtering is not linked with the proxy service [action=reconfigure]", null, __FILE__, __LINE__);
                system("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
            }
        }
        @unlink("/var/log/squid/UFDB_SOCKET_ERROR");
        return true;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
    }
}
Esempio n. 7
0
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $LOGBIN = "DHCP Server";
    $binpath = $unix->DHCPD_BIN_PATH();
    if (!is_file($binpath)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN}, not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN}, [START] Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return false;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} Service already started {$pid} since {$timepid}Mn...\n";
        }
        return true;
    }
    $EnableDHCPServer = $sock->GET_INFO("EnableDHCPServer");
    if (!is_numeric($EnableDHCPServer)) {
        $EnableDHCPServer = 0;
    }
    $EnableChilli = $sock->GET_INFO("EnableChilli");
    if (!is_numeric($EnableChilli)) {
        $EnableChilli = 0;
    }
    if ($EnableChilli == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} replaced by HotSpot feature...\n";
        }
        $EnableDHCPServer = 0;
    }
    if ($EnableDHCPServer == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} service disabled\n";
        }
        build_progress("{starting_service} {failed}", 110);
        return false;
    }
    build_progress("{starting_service}", 60);
    @mkdir("/var/run/dhcp3-server", 0755, true);
    @mkdir("/var/lib/dhcp3", 0755, true);
    if (!is_file("/var/lib/dhcp3/dhcpd.other")) {
        @file_put_contents("/var/lib/dhcp3/dhcpd.other", "#");
    }
    if (!is_file("/var/lib/dhcp3/dhcpd.leases")) {
        @file_put_contents("/var/lib/dhcp3/dhcpd.leases", "#");
    }
    $unix->SystemCreateUser("dhcpd", "dhcpd");
    $unix->chown_func("dhcpd", "dhcpd", "/var/run/dhcp3-server");
    $unix->chown_func("dhcpd", "dhcpd", "/var/lib/dhcp3/dhcpd.leases");
    $unix->chown_func("dhcpd", "dhcpd", "/var/lib/dhcp3/dhcpd.leases~");
    $DHCP3ListenNIC = $sock->GET_INFO('DHCP3ListenNIC');
    if ($DHCP3ListenNIC == null) {
        $DHCP3ListenNIC = "eth0";
    }
    echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} Listen {$DHCP3ListenNIC}\n";
    echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} building settings...\n";
    BuildDHCP(true);
    build_progress("{starting_service}", 75);
    $CMD[] = "{$binpath} -q -pf " . PID_PATH();
    $CMD[] = "-cf " . dhcp3Config();
    $CMD[] = "-lf /var/lib/dhcp3/dhcpd.leases";
    $cmd = @implode(" ", $CMD);
    echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} service..\n";
    if ($GLOBALS["VERBOSE"]) {
        echo "{$cmd}\n";
    }
    shell_exec($cmd);
    build_progress("{starting_service}", 80);
    for ($i = 0; $i < 6; $i++) {
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
        build_progress("{starting_service}  waiting {$i}/6", 80);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} service waiting {$i}/6...\n";
        }
        sleep(1);
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} service Success service started pid:{$pid}...\n";
        }
        build_progress("{starting_service}  {success}", 100);
        return true;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$LOGBIN} service failed...\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: `{$cmd}`\n";
    }
    build_progress("{starting_service}  {failed}", 110);
    return false;
}
Esempio n. 8
0
function sessions_clean_parse($directory, $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT = null, $APACHE_SRC_GROUP = null)
{
    $CleanPHPSessionTime = $CleanPHPSessionTime - 1;
    if (!is_dir($directory)) {
        return;
    }
    if (!($handle = opendir($directory))) {
        return;
    }
    $unix = new unix();
    while (false !== ($fileZ = readdir($handle))) {
        if ($fileZ == ".") {
            continue;
        }
        if ($fileZ == "..") {
            continue;
        }
        $filename = "{$directory}/{$fileZ}";
        if (is_dir($filename)) {
            continue;
        }
        $time = $unix->file_time_min($filename);
        if ($time > $CleanPHPSessionTime) {
            @unlink($filename);
            continue;
        }
        if ($APACHE_SRC_ACCOUNT != null) {
            $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $filename);
        }
    }
}
function build()
{
    $unix = new unix();
    $DIRS[] = "/var/run/kav4proxy";
    $DIRS[] = "/etc/opt/kaspersky";
    $DIRS[] = "/tmp/Kav4proxy";
    $DIRS[] = "/var/log/kaspersky/kav4proxy";
    $DIRS[] = "/var/log/artica-postfix/ufdbguard-blocks";
    $DIRS[] = "/opt/kaspersky/kav4proxy/share/notify";
    while (list($none, $path) = each($DIRS)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Permissions on {$path}\n";
        }
        @mkdir("{$path}", 0755, true);
        $unix->chown_func("kluser", "klusers", $path);
    }
    $kav = new Kav4Proxy();
    $conf = $kav->build_config();
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Building /etc/opt/kaspersky/kav4proxy.conf done\n";
    }
    @file_put_contents("/etc/opt/kaspersky/kav4proxy.conf", $conf);
    $kav->LoadTemplates();
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} " . count($kav->templates_data) . " templates\n";
    }
    while (list($templateName, $val) = each($kav->templates_data)) {
        if (is_array($val)) {
            echo "Warning {$templateName}: val is array\n";
        }
        if (strlen($val) < 100) {
            echo "Warning {$templateName}: val lenght is not supported!\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} building \"{$templateName}\" template\n";
        }
        @file_put_contents("/opt/kaspersky/kav4proxy/share/notify/{$templateName}", $val);
        @chmod("/opt/kaspersky/kav4proxy/share/notify/{$templateName}", 0755);
        @chown("/opt/kaspersky/kav4proxy/share/notify/{$templateName}", "kluser");
    }
}
Esempio n. 10
0
function CheckFilesAndSecurity()
{
    $unix = new unix();
    $sock = new sockets();
    $StreamCacheCache = $sock->GET_INFO("StreamCacheCache");
    if ($StreamCacheCache == null) {
        $StreamCacheCache = "/home/squid/videocache";
    }
    $StreamCacheMainCache = $sock->GET_INFO("StreamCacheMainCache");
    if ($StreamCacheMainCache == null) {
        $StreamCacheMainCache = "/home/squid/streamcache";
    }
    $f[] = "/var/log/videocache";
    $f[] = $StreamCacheCache;
    $f[] = "/etc/streamsquidcache";
    $f[] = "/var/spool/streamsquidcache";
    $f[] = $StreamCacheMainCache;
    $f[] = "/var/run/squid";
    $f[] = "/usr/share/streamsquidcache";
    while (list($num, $val) = each($f)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} checking \"{$val}\"\n";
        }
        if (!is_dir($val)) {
            @mkdir($val, 0755, true);
        }
        $unix->chown_func("squid", "squid", "{$val}/*");
    }
    $MAINDIR = true;
    for ($i = 0; $i < 10; $i++) {
        $dir = "{$StreamCacheMainCache}/0{$i}";
        if (!is_dir($dir)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$dir} no such directory\n";
            }
            $MAINDIR = false;
            break;
        }
    }
    if (!$MAINDIR) {
        $masterbin = $unix->find_program("streamsquidcache");
        shell_exec("{$masterbin} -f /etc/streamsquidcache/squid.conf -z");
    }
}
Esempio n. 11
0
function buildConfig()
{
    $unix = new unix();
    $sock = new sockets();
    $phpcgi = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
    $chown = $unix->find_program("chown");
    $perlbin = $unix->find_program("perl");
    $nohup = $unix->find_program("nohup");
    $php = $unix->LOCATE_PHP5_BIN();
    $PHP_STANDARD_MODE = true;
    $phpfpm = $unix->find_program('php5-fpm');
    if (!is_file($phpfpm)) {
        $phpfpm = $unix->find_program('php-fpm');
    }
    @mkdir("/usr/share/artica-postfix/framework", 0755, true);
    @mkdir("/usr/share/artica-postfix/ressources/sock", 0755, true);
    $LighttpdRunAsminimal = $sock->GET_INFO("LighttpdRunAsminimal");
    $LighttpdArticaMaxProcs = $sock->GET_INFO("LighttpdArticaMaxProcs");
    $LighttpdArticaMaxChildren = $sock->GET_INFO("LighttpdArticaMaxChildren");
    $PHP_FCGI_MAX_REQUESTS = $sock->GET_INFO("PHP_FCGI_MAX_REQUESTS");
    $SessionPathInMemory = $sock->GET_INFO("SessionPathInMemory");
    if (!is_numeric($LighttpdRunAsminimal)) {
        $LighttpdRunAsminimal = 0;
    }
    if (!is_numeric($LighttpdArticaMaxProcs)) {
        $LighttpdArticaMaxProcs = 0;
    }
    if (!is_numeric($LighttpdArticaMaxChildren)) {
        $LighttpdArticaMaxChildren = 0;
    }
    if (!is_numeric($PHP_FCGI_MAX_REQUESTS)) {
        $PHP_FCGI_MAX_REQUESTS = 200;
    }
    if (!is_numeric($SessionPathInMemory)) {
        $SessionPathInMemory = 0;
    }
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file("/opt/artica/ssl/certs/lighttpd.pem")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} creating SSL certificate..\n";
        }
        exec("/usr/share/artica-postfix/bin/artica-install -lighttpd-cert 2>&1", $results);
        while (list($pid, $line) = each($results)) {
            $line = trim($line);
            if ($line == null) {
                continue;
            }
            if (preg_match("#Starting.*?lighttpd(.+)#", $line, $re)) {
                $line = $re[1];
            }
            $line = str_replace(": ", "", $line);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [ARTI]: {$GLOBALS["SERVICE_NAME"]} {$line}\n";
            }
        }
    }
    $results = array();
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Creating PHP configuration..\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Executing artica-install --php-ini..\n";
    }
    exec("/usr/share/artica-postfix/bin/artica-install --php-ini 2>&1", $results);
    while (list($pid, $line) = each($results)) {
        $line = trim($line);
        if ($line == null) {
            continue;
        }
        if (preg_match("#Starting.*?lighttpd(.+)#", $line, $re)) {
            $line = $re[1];
        }
        $line = str_replace(": ", "", $line);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [ARTI]: {$GLOBALS["SERVICE_NAME"]} {$line}\n";
        }
    }
    PHP_MYADMIN();
    $PHP_FCGI_CHILDREN = 3;
    $max_procs = 3;
    if ($LighttpdArticaMaxProcs > 0) {
        $max_procs = $LighttpdArticaMaxProcs;
    }
    if ($LighttpdArticaMaxChildren > 0) {
        $PHP_FCGI_CHILDREN = $LighttpdArticaMaxChildren;
    }
    if (!$unix->ISMemoryHiger1G()) {
        $PHP_FCGI_CHILDREN = 2;
        $max_procs = 1;
    }
    $MEMORY = $unix->MEM_TOTAL_INSTALLEE();
    if ($MEMORY < 624288) {
        $LighttpdRunAsminimal = 1;
    }
    if ($LighttpdRunAsminimal == 1) {
        $max_procs = 1;
        $PHP_FCGI_CHILDREN = 2;
        $PHP_FCGI_MAX_REQUESTS = 500;
    }
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $EnablePHPFPM = $sock->GET_INFO("EnablePHPFPM");
    if (!is_numeric($EnablePHPFPM)) {
        $EnablePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnablePHPFPM = 0;
    }
    if ($EnablePHPFPM == 0) {
        $EnableArticaApachePHPFPM = 0;
    }
    if ($EnableArticaApachePHPFPM == 0) {
        $EnablePHPFPM = 0;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} EnableArticaApachePHPFPM = {$EnableArticaApachePHPFPM}\n";
    }
    if ($EnablePHPFPM == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Using PHP-FPM........: Yes\n";
        }
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Using PHP-FPM........: No\n";
        }
    }
    $ArticaHttpsPort = 9000;
    $NoLDAPInLighttpdd = 0;
    $ArticaHttpUseSSL = 1;
    $ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort");
    $ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL");
    if (!is_numeric($ArticaHttpUseSSL)) {
        $ArticaHttpUseSSL = 1;
    }
    if (!is_numeric($ArticaHttpsPort)) {
        $ArticaHttpsPort = "9000";
    }
    $ArticaHttpUseSSL = $sock->GET_INFO('ArticaHttpUseSSL');
    if (!is_numeric($ArticaHttpUseSSL)) {
        $ArticaHttpUseSSL = 1;
    }
    $NoLDAPInLighttpdd = $sock->GET_INFO('NoLDAPInLighttpdd');
    if (!is_numeric($NoLDAPInLighttpdd)) {
        $NoLDAPInLighttpdd = 0;
    }
    $LighttpdUseUnixSocket = $sock->GET_INFO('LighttpdUseUnixSocket');
    if (!is_numeric($LighttpdUseUnixSocket)) {
        $LighttpdUseUnixSocket = 0;
    }
    $lighttpdPhpPort = $sock->GET_INFO('lighttpdPhpPort');
    if (!is_numeric($lighttpdPhpPort)) {
        $lighttpdPhpPort = 1808;
    }
    $DenyMiniWebFromStandardPort = $sock->GET_INFO('DenyMiniWebFromStandardPort');
    if (!is_numeric($DenyMiniWebFromStandardPort)) {
        $DenyMiniWebFromStandardPort = 0;
    }
    $LighttpdArticaDisableSSLv2 = $sock->GET_INFO('LighttpdArticaDisableSSLv2');
    if (!is_numeric($LighttpdArticaDisableSSLv2)) {
        $LighttpdArticaDisableSSLv2 = 1;
    }
    $LighttpdArticaMaxProcs = $sock->GET_INFO('LighttpdArticaMaxProcs');
    if (!is_numeric($LighttpdArticaMaxProcs)) {
        $LighttpdArticaMaxProcs = 0;
    }
    $LighttpdArticaMaxChildren = $sock->GET_INFO('LighttpdArticaMaxChildren');
    if (!is_numeric($LighttpdArticaMaxChildren)) {
        $LighttpdArticaMaxChildren = 0;
    }
    $LighttpdRunAsminimal = $sock->GET_INFO('LighttpdRunAsminimal');
    if (!is_numeric($LighttpdRunAsminimal)) {
        $LighttpdRunAsminimal = 0;
    }
    $PHP_FCGI_MAX_REQUESTS = $sock->GET_INFO('PHP_FCGI_MAX_REQUESTS');
    if (!is_numeric($PHP_FCGI_MAX_REQUESTS)) {
        $PHP_FCGI_MAX_REQUESTS = 200;
    }
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $EnablePHPFPM = intval($sock->GET_INFO("EnablePHPFPM"));
    if (!is_numeric($EnablePHPFPM)) {
        $EnablePHPFPM = 0;
    }
    if ($EnablePHPFPM == 0) {
        $EnableArticaApachePHPFPM = 0;
    }
    if ($EnableArticaApachePHPFPM == 0) {
        $EnablePHPFPM = 0;
    }
    $PHP_STANDARD_MODE = true;
    $LighttpdArticaListenIP = $sock->GET_INFO('LighttpdArticaListenIP');
    $phpcgi_path = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
    $LIGHTTPD_GET_USER = LIGHTTPD_GET_USER();
    $LIGHTTPD_CONF_PATH = LIGHTTPD_CONF_PATH();
    if (preg_match("#^(.+?):(.+)#", $LIGHTTPD_GET_USER, $re)) {
        $LIGHTTPD_USER = $re[1];
        $LIGHTTPD_GROUP = $re[1];
    }
    $PHP_FCGI_CHILDREN = 1;
    $max_procs = 2;
    @mkdir("/var/log/lighttpd", 0755, true);
    @mkdir("/usr/share/artica-postfix/ressources/logs", 0755, true);
    if (!is_file("/var/log/lighttpd/access.log")) {
        @touch("/var/log/lighttpd/access.log");
    }
    @chown("/var/log/lighttpd", $LIGHTTPD_USER);
    @chgrp("/var/log/lighttpd", $LIGHTTPD_GROUP);
    @chown("/var/log/lighttpd/access.log", $LIGHTTPD_USER);
    @chgrp("/var/log/lighttpd/access.log", $LIGHTTPD_GROUP);
    @chmod("/var/log/lighttpd/access.log", 0777);
    $unix->chown_func($LIGHTTPD_USER, $LIGHTTPD_GROUP, "/var/log/lighttpd/*");
    $unix->chown_func($LIGHTTPD_USER, $LIGHTTPD_GROUP, "/usr/share/artica-postfix/ressources/logs/*");
    if ($LighttpdArticaMaxProcs > 0) {
        $max_procs = $LighttpdArticaMaxProcs;
    }
    if ($LighttpdArticaMaxChildren > 0) {
        $HP_FCGI_CHILDREN = $LighttpdArticaMaxChildren;
    }
    if ($LighttpdRunAsminimal == 1) {
        $max_procs = 2;
        $PHP_FCGI_CHILDREN = 2;
    }
    $mod_auth = isModule('mod_auth');
    if (is_file('/proc/user_beancounters')) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} VPS mode enabled, swith to socket mode for PHP\n";
        }
        $LighttpdUseUnixSocket = 1;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MAX Procs............: {$max_procs}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Php5 processes.......: {$PHP_FCGI_CHILDREN}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Max cnx/processes....: {$PHP_FCGI_MAX_REQUESTS}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} php-cgi path.........: {$phpcgi_path}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} chown path...........: {$chown}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} php path.............: {$php}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} php FPM Path.........: {$phpfpm}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} php FPM Enabled......: {$EnableArticaApachePHPFPM}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Perl Path............: {$perlbin}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Conf Path............: {$LIGHTTPD_CONF_PATH}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Pid Path.............: /var/run/lighttpd/lighttpd.pid\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} SSL enabled..........: {$ArticaHttpUseSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Disable SSLv2........: {$LighttpdArticaDisableSSLv2}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen Port..........: {$ArticaHttpsPort}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as...............: {$LIGHTTPD_USER} / {$LIGHTTPD_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} No LDAP in Lighttpd..: {$NoLDAPInLighttpdd}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mod auth installed...: {$mod_auth}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Use Unix socket......: {$LighttpdUseUnixSocket}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Sessions in Memory...: {$SessionPathInMemory}MB\n";
    }
    $MakeDirs[] = "/opt/artica/ssl/certs";
    $MakeDirs[] = "/var/lib/php/session";
    $MakeDirs[] = "/var/lighttpd/upload";
    $MakeDirs[] = "/var/run/lighttpd";
    $MakeDirs[] = "/var/log/lighttpd";
    $MakeDirs[] = "/opt/artica/share/www/jpegPhoto";
    $MakeDirs[] = dirname($LIGHTTPD_CONF_PATH);
    while (list($pid, $dir) = each($MakeDirs)) {
        if (!is_dir($dir)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} creating {$dir}\n";
            }
        }
        @mkdir($dir, 0755, true);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} permissions on {$dir}\n";
        }
        shell_exec("{$chown} {$LIGHTTPD_GET_USER} {$dir}");
    }
    $f[] = '#artica-postfix saved by artica lighttpd.conf (Artica Install binary) v3.0';
    $f[] = '';
    $f[] = 'server.modules = (';
    $f[] = '        "mod_alias",';
    $f[] = '        "mod_access",';
    $f[] = '        "mod_accesslog",';
    $f[] = '        "mod_compress",';
    $f[] = '        "mod_fastcgi",';
    $f[] = '        "mod_cgi",';
    $f[] = '	       "mod_status",';
    if ($NoLDAPInLighttpdd == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} LDAP Mode is disabled\n";
        }
    }
    if ($mod_auth) {
        $f[] = '	       "mod_auth"';
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_auth module does not exists (should be a security issue !!!)\n";
        }
    }
    $f[] = ')';
    $f[] = '';
    $f[] = 'server.document-root        = "/usr/share/artica-postfix"';
    $f[] = 'server.username = "******"';
    $f[] = 'server.groupname = "' . $LIGHTTPD_GROUP . '"';
    $f[] = 'server.errorlog-use-syslog = "enable"';
    //$f[]='server.errorlog             = "/var/log/lighttpd/error.log"';
    $f[] = 'index-file.names            = ( "index.php","index.cgi")';
    $f[] = '';
    $f[] = 'mimetype.assign             = (';
    $f[] = '  ".pdf"          =>      "application/pdf",';
    $f[] = '  ".sig"          =>      "application/pgp-signature",';
    $f[] = '  ".spl"          =>      "application/futuresplash",';
    $f[] = '  ".class"        =>      "application/octet-stream",';
    $f[] = '  ".ps"           =>      "application/postscript",';
    $f[] = '  ".torrent"      =>      "application/x-bittorrent",';
    $f[] = '  ".dvi"          =>      "application/x-dvi",';
    $f[] = '  ".gz"           =>      "application/x-gzip",';
    $f[] = '  ".pac"          =>      "application/x-ns-proxy-autoconfig",';
    $f[] = '  ".swf"          =>      "application/x-shockwave-flash",';
    $f[] = '  ".tar.gz"       =>      "application/x-tgz",';
    $f[] = '  ".tgz"          =>      "application/x-tgz",';
    $f[] = '  ".tar"          =>      "application/x-tar",';
    $f[] = '  ".zip"          =>      "application/zip",';
    $f[] = '  ".mp3"          =>      "audio/mpeg",';
    $f[] = '  ".m3u"          =>      "audio/x-mpegurl",';
    $f[] = '  ".wma"          =>      "audio/x-ms-wma",';
    $f[] = '  ".wax"          =>      "audio/x-ms-wax",';
    $f[] = '  ".ogg"          =>      "application/ogg",';
    $f[] = '  ".wav"          =>      "audio/x-wav",';
    $f[] = '  ".gif"          =>      "image/gif",';
    $f[] = '  ".jar"          =>      "application/x-java-archive",';
    $f[] = '  ".jpg"          =>      "image/jpeg",';
    $f[] = '  ".jpeg"         =>      "image/jpeg",';
    $f[] = '  ".png"          =>      "image/png",';
    $f[] = '  ".xbm"          =>      "image/x-xbitmap",';
    $f[] = '  ".xpm"          =>      "image/x-xpixmap",';
    $f[] = '  ".xwd"          =>      "image/x-xwindowdump",';
    $f[] = '  ".css"          =>      "text/css",';
    $f[] = '  ".html"         =>      "text/html",';
    $f[] = '  ".htm"          =>      "text/html",';
    $f[] = '  ".js"           =>      "text/javascript",';
    $f[] = '  ".asc"          =>      "text/plain",';
    $f[] = '  ".c"            =>      "text/plain",';
    $f[] = '  ".cpp"          =>      "text/plain",';
    $f[] = '  ".log"          =>      "text/plain",';
    $f[] = '  ".conf"         =>      "text/plain",';
    $f[] = '  ".text"         =>      "text/plain",';
    $f[] = '  ".txt"          =>      "text/plain",';
    $f[] = '  ".dtd"          =>      "text/xml",';
    $f[] = '  ".xml"          =>      "text/xml",';
    $f[] = '  ".mpeg"         =>      "video/mpeg",';
    $f[] = '  ".mpg"          =>      "video/mpeg",';
    $f[] = '  ".mov"          =>      "video/quicktime",';
    $f[] = '  ".qt"           =>      "video/quicktime",';
    $f[] = '  ".avi"          =>      "video/x-msvideo",';
    $f[] = '  ".asf"          =>      "video/x-ms-asf",';
    $f[] = '  ".asx"          =>      "video/x-ms-asf",';
    $f[] = '  ".wmv"          =>      "video/x-ms-wmv",';
    $f[] = '  ".bz2"          =>      "application/x-bzip",';
    $f[] = '  ".tbz"          =>      "application/x-bzip-compressed-tar",';
    $f[] = '  ".tar.bz2"      =>      "application/x-bzip-compressed-tar",';
    $f[] = '  ""              =>      "application/octet-stream",';
    $f[] = ' )';
    $f[] = '';
    $f[] = '';
    $f[] = 'accesslog.filename          = "/var/log/lighttpd/access.log"';
    $f[] = 'url.access-deny             = ( "~", ".inc",".log",".ini" )';
    $f[] = '';
    $f[] = 'static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )';
    $f[] = 'server.port                 = ' . $ArticaHttpsPort;
    if ($LighttpdArticaListenIP != null) {
        $unix = new unix();
        $IPS = $unix->NETWORK_ALL_INTERFACES(true);
        if (!isset($IPS[$LighttpdArticaListenIP])) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ERROR! Listen IP: {$LighttpdArticaListenIP} -> FALSE !!\n";
            }
            $LighttpdArticaListenIP = null;
        }
    }
    if (strlen($LighttpdArticaListenIP) > 3) {
        $f[] = 'server.bind                = "' . $LighttpdArticaListenIP . '"';
    }
    $f[] = 'server.pid-file             = "/var/run/lighttpd/lighttpd.pid"';
    $f[] = 'server.max-fds 		   = 2048';
    $f[] = 'server.max-connections      = 512';
    $f[] = 'server.network-backend      = "write"';
    shell_exec("{$php} /usr/share/artica-postfix/exec.lighttpd.nets.php");
    shell_exec("{$php} /usr/share/artica-postfix/exec.lighttpd.nets.php --phpmyadmin");
    if (is_file('/etc/artica-postfix/lighttpd_nets')) {
        $f[] = @file_get_contents("/etc/artica-postfix/lighttpd_nets");
    }
    $f[] = '';
    if (is_file($phpfpm)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM is installed\n";
        }
        if ($EnablePHPFPM == 1) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM is enabled\n";
            }
            $PHP_STANDARD_MODE = false;
            $f[] = 'fastcgi.server = ( ".php" =>((';
            $f[] = '         "socket" => "/var/run/php-fpm.sock",';
        }
    }
    if ($PHP_STANDARD_MODE) {
        $f[] = 'fastcgi.server = ( ".php" =>((';
        $f[] = '         "bin-path" => "/usr/bin/php-cgi",';
        if ($LighttpdUseUnixSocket == 1) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Fast-cgi server unix socket mode\n";
            }
            $f[] = '         "socket" => "/var/run/lighttpd/php.socket" + var.PID,';
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Fast-cgi server socket 127.0.0.1:{$lighttpdPhpPort}\n";
            }
            $f[] = '         "host" => "127.0.0.1","port" =>' . $lighttpdPhpPort . ',';
        }
    }
    $f[] = '         "min-procs" => 1,';
    $f[] = '         "max-procs" => 1,';
    $f[] = '         "idle-timeout" => 10,';
    $f[] = '         "bin-environment" => (';
    $f[] = '             "PHP_FCGI_CHILDREN" => "' . $PHP_FCGI_CHILDREN . '",';
    $f[] = '             "PHP_FCGI_MAX_REQUESTS" => "' . $PHP_FCGI_MAX_REQUESTS . '"';
    $f[] = '          ),';
    $f[] = '          "bin-copy-environment" => (';
    $f[] = '            "PATH", "SHELL", "USER"';
    $f[] = '           ),';
    $f[] = '          "broken-scriptfilename" => "enable"';
    $f[] = '        ))';
    $f[] = ')';
    if ($ArticaHttpUseSSL == 1) {
        $f[] = 'ssl.engine                 = "enable"';
        $f[] = 'ssl.pemfile                = "/opt/artica/ssl/certs/lighttpd.pem"';
    }
    if ($LighttpdArticaDisableSSLv2 == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Disable SSLv2 and weak ssl cipher\n";
        }
        $f[] = 'ssl.use-sslv2              = "disable"';
        $f[] = 'ssl.cipher-list            = "TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH"';
    } else {
        $f[] = 'ssl.use-sslv2              = "enable"';
        $f[] = 'ssl.cipher-list            = "TLSv1+HIGH RC4+MEDIUM !SSLv2 !3DES !aNULL @STRENGTH"';
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} No LDAP In lighttpd: {$NoLDAPInLighttpdd}\n";
    }
    if ($NoLDAPInLighttpdd == 0) {
        if ($mod_auth) {
            $f[] = 'status.status-url          = "/server-status"';
            $f[] = 'status.config-url          = "/server-config"';
        }
    }
    $f[] = 'server.upload-dirs         = ( "/var/lighttpd/upload" )';
    $f[] = '	server.follow-symlink = "enable"';
    $f[] = 'alias.url +=("/monitorix"  => "/var/www/monitorix/")';
    $f[] = 'alias.url += ("/blocked_attachments"=> "/var/spool/artica-filter/bightml")';
    $f[] = 'alias.url += ("/squid-rrd"=> "/opt/artica/share/www/squid/rrd")';
    $f[] = 'alias.url += ("/artica-agent"=> "/usr/share/artica-postfix/ressources/artica-agent")';
    if ($DenyMiniWebFromStandardPort == 1) {
        $f[] = '$HTTP["url"] =~ "^/miniadm.*|/computers|/user-backup" { url.access-deny = ( "" )}';
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} checking AWSTATS...\n";
    }
    $AWSTATS_www_root = AWSTATS_www_root();
    $f[] = '$HTTP["url"] =~ "^/prxy.*\\.php" { url.access-deny = ( "" )}';
    if (is_dir($AWSTATS_www_root)) {
        $f[] = 'alias.url += ( "/awstats" => "' . $AWSTATS_www_root . '" )';
    }
    if (is_file('/usr/share/poweradmin/index.php')) {
        $f[] = 'alias.url += ( "/powerdns" => "/usr/share/poweradmin" )';
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Checking PowerAdmin\n";
        }
        shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.pdns.php --poweradmin >/dev/null 2>&1 &");
    }
    //$perlbin
    $f[] = 'alias.url += ( "/cgi-bin/" => "/usr/lib/cgi-bin/" )';
    $f[] = '';
    $f[] = 'cgi.assign= (';
    $f[] = '	".pl"  => "' . $perlbin . '",';
    $f[] = '	".php" => "/usr/bin/php-cgi",';
    $f[] = '	".py"  => "/usr/bin/python",';
    $f[] = '	".cgi"  => "' . $perlbin . '",';
    if (is_file("/usr/lib/mailman/bin/mailmanctl")) {
        $f[] = '"/admin" => "",';
        $f[] = '"/admindb" => "",';
        $f[] = '"/confirm" => "",';
        $f[] = '"/create" => "",';
        $f[] = '"/edithtml" => "",';
        $f[] = '"/listinfo" => "",';
        $f[] = '"/options" => "",';
        $f[] = '"/private" => "",';
        $f[] = '"/rmlist" => "",';
        $f[] = '"/roster" => "",';
        $f[] = '"/subscribe" => ""';
    }
    $f[] = ')';
    $f[] = '';
    if ($mod_auth) {
        $f[] = 'auth.debug = 2';
        $f[] = '$HTTP["url"] =~ "^/cgi-bin/" {';
        $f[] = 'auth.backend = "plain"';
        $f[] = 'auth.backend.plain.userfile = "/etc/lighttpd/.lighttpdpassword" ';
        $f[] = 'auth.require = ("/cgi-bin/" => (';
        $f[] = '     "method"  => "basic",';
        $f[] = '     "realm"   => "awstats Statistics",';
        $f[] = '     "require" => "valid-user"';
        $f[] = '  ))';
        $f[] = '}';
        $f[] = '';
        $f[] = '$HTTP["url"] =~ "^/server-status" {';
        $f[] = 'auth.backend = "plain"';
        $f[] = 'auth.backend.plain.userfile = "/etc/lighttpd/.lighttpdpassword" ';
        $f[] = 'auth.require = ("/server-status" => (';
        $f[] = '     "method"  => "basic",';
        $f[] = '     "realm"   => "Lighttpd config - status",';
        $f[] = '     "require" => "valid-user"';
        $f[] = '  ))';
        $f[] = '}';
        $f[] = '';
        $f[] = '$HTTP["url"] =~ "^/server-config" {';
        $f[] = 'auth.backend = "plain"';
        $f[] = 'auth.backend.plain.userfile = "/etc/lighttpd/.lighttpdpassword" ';
        $f[] = 'auth.require = ("/server-config" => (';
        $f[] = '     "method"  => "basic",';
        $f[] = '     "realm"   => "Lighttpd config - status",';
        $f[] = '     "require" => "valid-user"';
        $f[] = '  ))';
        $f[] = '}';
        $f[] = '';
        $f[] = '$HTTP["url"] =~ "^/squid/" {';
        $f[] = 'auth.backend = "plain"';
        $f[] = 'auth.debug = 2';
        $f[] = 'auth.backend.plain.userfile = "/etc/lighttpd/squid-users.passwd" ';
        $f[] = 'auth.require = ("/squid/" => (';
        $f[] = '     "method"  => "basic",';
        $f[] = '     "realm"   => "Squid Statistics",';
        $f[] = '     "require" => "valid-user"';
        $f[] = '  ))';
        $f[] = '}';
        $f[] = '';
        $f[] = '$HTTP["url"] =~ "^/cluebringer/" {';
        $f[] = 'auth.backend = "plain"';
        $f[] = 'auth.debug = 2';
        $f[] = 'auth.backend.plain.userfile = "/etc/lighttpd/cluebringer.passwd" ';
        $f[] = 'auth.require = ("/cluebringer/" => (';
        $f[] = '     "method"  => "basic",';
        $f[] = '     "realm"   => "ClueBringer (Policyd V2) administration",';
        $f[] = '     "require" => "valid-user"';
        $f[] = '  ))';
        $f[] = '}';
        $f[] = '';
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} writing {$LIGHTTPD_CONF_PATH}..\n";
    }
    @file_put_contents($LIGHTTPD_CONF_PATH, @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$LIGHTTPD_CONF_PATH} done\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Check sessions...\n";
    }
    shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.shm.php --SessionMem >/dev/null 2>&1 &");
    shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.shm.php --service-up >/dev/null 2>&1 &");
}
Esempio n. 12
0
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $Masterbin = $unix->find_program("opendkim");
    if (!is_file($Masterbin)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, opendkim not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
        }
        return;
    }
    $EnableDKFilter = intval($sock->GET_INFO("EnableDKFilter"));
    if ($EnableDKFilter == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableDKFilter)\n";
        }
        stop();
        return;
    }
    $php5 = $unix->LOCATE_PHP5_BIN();
    $sysctl = $unix->find_program("sysctl");
    $echo = $unix->find_program("echo");
    $nohup = $unix->find_program("nohup");
    $kill = $unix->find_program("kill");
    $chown = $unix->find_program("chown");
    @unlink("/var/run/opendkim/opendkim.pid");
    $f[] = $Masterbin;
    $f[] = "-p //var/run/opendkim/opendkim.sock";
    $f[] = "-x /etc/opendkim.conf";
    $f[] = "-u postfix";
    $f[] = "-P {$GLOBALS["PID_FILE"]}";
    @unlink("/var/run/opendkim/opendkim.sock");
    @mkdir("/var/run/opendkim", 0755, true);
    $unix->chown_func("postfix", "postfix", "/var/run/opendkim");
    $cmd = @implode(" ", $f);
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
    }
    shell_exec($cmd);
    for ($i = 1; $i < 5; $i++) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
        }
        sleep(1);
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
        }
        $unix->chown_func("postfix", "postfix", "/var/run/opendkim/opendkim.sock");
        shell_exec("{$chown} -R postfix:postfix /etc/mail/dkim >/dev/null 2>&1");
        shell_exec("{$chown} -R postfix:postfix /etc/mail/dkim/keys >/dev/null 2>&1");
        shell_exec("{$chown} -R postfix:postfix /var/run/opendkim >/dev/null 2>&1");
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
        }
    }
}
Esempio n. 13
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    @mkdir("/var/run/squid", 0755, true);
    @mkdir("/var/run/squid", 0755, true);
    $APACHE_SRC_ACCOUNT = "squid";
    $APACHE_SRC_GROUP = "squid";
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    if (!isset($GLOBALS["HyperCacheStoragePath"])) {
        $sock = new sockets();
        $GLOBALS["HyperCacheStoragePath"] = $sock->GET_INFO("HyperCacheStoragePath");
        if ($GLOBALS["HyperCacheStoragePath"] == null) {
            $GLOBALS["HyperCacheStoragePath"] = "/home/artica/proxy-cache";
        }
    }
    $SquidEnforceRules = intval($sock->GET_INFO("SquidEnforceRules"));
    $HyperCacheHTTPListenPort = $sock->GET_INFO("HyperCacheHTTPListenPort");
    $HyperCacheHTTPListenPortSSL = $sock->GET_INFO("HyperCacheHTTPListenPortSSL");
    $HyperCacheHTTPListenPortSSLEnabled = intval($sock->GET_INFO("HyperCacheHTTPListenPortSSLEnabled"));
    if (!is_numeric($HyperCacheHTTPListenPort)) {
        $HyperCacheHTTPListenPort = 8700;
    }
    if (!is_numeric($HyperCacheHTTPListenPortSSL)) {
        $HyperCacheHTTPListenPortSSL = 8900;
    }
    $HyperCacheListenAddr = $sock->GET_INFO("HyperCacheListenAddr");
    $unix = new unix();
    $NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
    unset($NETWORK_ALL_INTERFACES["lo"]);
    if ($HyperCacheListenAddr == null) {
        $HyperCacheListenAddr = $unix->NETWORK_DEFAULT_LISTEN_ADDR();
        $sock->SET_INFO("HyperCacheListenAddr", $HyperCacheListenAddr);
    }
    if ($unix->NETWORK_IS_LISTEN_ADDR_EXISTS($HyperCacheListenAddr)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$HyperCacheListenAddr} doesn't exists...\n";
        }
        $HyperCacheListenAddr = $unix->NETWORK_DEFAULT_LISTEN_ADDR();
        $sock->SET_INFO("HyperCacheListenAddr", $HyperCacheListenAddr);
    }
    $ipaddr = $HyperCacheListenAddr;
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/squid");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen address: {$ipaddr}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$HyperCacheHTTPListenPort} SSL Port: {$HyperCacheHTTPListenPortSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
    }
    $q = new mysql_squid_builder();
    $nice = EXEC_NICE();
    $sql = "SELECT * FROM artica_caches_mirror WHERE enabled=1 AND `ToDelete`=0";
    $results = $q->QUERY_SQL($sql);
    $HyperCache = new HyperCache();
    while ($ligne = mysql_fetch_assoc($results)) {
        $t = time();
        $sitename = $ligne["sitename"];
        $sitename_path = $HyperCache->HyperCacheUriToHostname($sitename);
        $workingdir = $GLOBALS["HyperCacheStoragePath"] . "/mirror/{$sitename_path}";
        if (!is_dir($workingdir)) {
            @mkdir($workingdir, 0755, true);
        }
        @chown("{$GLOBALS["HyperCacheStoragePath"]}/mirror", "squid");
        @chgrp("{$GLOBALS["HyperCacheStoragePath"]}/mirror", "squid");
        @chown("{$GLOBALS["HyperCacheStoragePath"]}/mirror/{$sitename_path}", "squid");
        @chgrp("{$GLOBALS["HyperCacheStoragePath"]}/mirror/{$sitename_path}", "squid");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} build folder for mirrored {$sitename_path}\n";
        }
        $mirrors[] = "";
        $mirrors_aliases[] = "alias /{$sitename_path} {$workingdir}";
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: alias /{$sitename_path} {$workingdir}\n";
        }
        $mirrors[] = "";
        $mirrors[] = "\t<Directory \"{$workingdir}\">";
        $mirrors[] = "\t\tDirectorySlash On";
        $mirrors[] = "\t\tDirectoryIndex index.html index-2.html";
        $mirrors[] = "\t\tOptions All";
        $mirrors[] = "\t\tOrder deny,allow";
        $mirrors[] = "\t\tAllow from all";
        $mirrors[] = "\t</Directory>";
        $mirrors[] = "";
    }
    $mirrors_conf = @implode("\n", $mirrors);
    $mirrors_aliases_conf = @implode("\n", $mirrors_aliases);
    $f[] = "LockFile /var/run/squid/HyperCacheWebAccept.lock";
    $f[] = "PidFile /var/run/squid/HyperCacheWeb.pid";
    $f[] = "AcceptMutex flock";
    $f[] = "DocumentRoot /usr/share/artica-postfix";
    $f[] = "DirectoryIndex squidcache.php";
    $f[] = "NameVirtualHost {$ipaddr}:{$HyperCacheHTTPListenPort}";
    $f[] = $mirrors_aliases_conf;
    if ($HyperCacheHTTPListenPortSSLEnabled == 1) {
        $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
        $f[] = "SSLRandomSeed connect builtin";
        $f[] = "SSLSessionCache        shmcb:/var/run/squid/HyperCacheWebSSL(512000)";
        $f[] = "SSLSessionCacheTimeout  300";
        $f[] = "SSLSessionCacheTimeout  300";
        $f[] = "NameVirtualHost {$ipaddr}:{$HyperCacheHTTPListenPortSSL}";
        $f[] = "Listen {$ipaddr}:{$HyperCacheHTTPListenPortSSL}";
    }
    $f[] = "Listen {$ipaddr}:{$HyperCacheHTTPListenPort}";
    $f[] = "<VirtualHost {$ipaddr}:{$HyperCacheHTTPListenPort}>";
    $f[] = "\tServerName {$ipaddr}";
    $f[] = "\tLoglevel debug";
    $f[] = "\tLoglevel debug";
    $f[] = "\tErrorLog /var/log/squid/HyperCache-error.log";
    $f[] = "\tLogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "\tCustomLog /var/log/squid/HyperCache-access.log common";
    $f[] = "\tErrorDocument 400 /squidcache.php";
    $f[] = "\tErrorDocument 401 /squidcache.php";
    $f[] = "\tErrorDocument 403 /squidcache.php";
    $f[] = "\tErrorDocument 404 /squidcache.php";
    $f[] = "\tErrorDocument 500 /squidcache.php";
    //$f[]="\tFallbackResource /squidcache.php";
    $f[] = $mirrors_aliases_conf;
    $f[] = $mirrors_conf;
    $f[] = "</VirtualHost>";
    if ($HyperCacheHTTPListenPortSSLEnabled == 1) {
        $squid = new squidbee();
        $data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
        if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
            $cert = $re[1];
            $key = $re[2];
        }
        $f[] = "<VirtualHost {$ipaddr}:{$HyperCacheHTTPListenPortSSL}>";
        $f[] = "\tFallbackResource /squidcache.php";
        $f[] = "\tServerName {$ipaddr}";
        $f[] = "\tDocumentRoot /usr/share/artica-postfix";
        $f[] = "\tSSLEngine on";
        $f[] = "\tSSLCertificateFile \"{$cert}\"";
        $f[] = "\tSSLCertificateKeyFile \"{$key}\"";
        $f[] = "\tSSLVerifyClient none";
        $f[] = "\tServerSignature Off";
        $f[] = $mirrors_conf;
        $f[] = "</VirtualHost>";
    }
    $f[] = "<IfModule mpm_prefork_module>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_worker_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_event_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tDeny from all";
    $f[] = "\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     15";
    $f[] = "StartServers         1";
    $f[] = "MaxClients           50";
    $f[] = "MinSpareServers      2";
    $f[] = "MaxSpareServers      5";
    $f[] = "MaxRequestsPerChild  5000";
    $f[] = "MaxKeepAliveRequests 100";
    $f[] = "ServerName " . $unix->hostname_g();
    if ($HyperCacheHTTPListenPortSSLEnabled == 1) {
        $f[] = "<IfModule mod_ssl.c>";
        $f[] = "\tSSLRandomSeed connect builtin";
        $f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
        $f[] = "\tAddType application/x-x509-ca-cert .crt";
        $f[] = "\tAddType application/x-pkcs7-crl    .crl";
        $f[] = "\tSSLPassPhraseDialog  builtin";
        $f[] = "\tSSLSessionCache        shmcb:/var/run/squid/ssl_scache-articahtp(512000)";
        $f[] = "\tSSLSessionCacheTimeout  300";
        $f[] = "\tSSLSessionCacheTimeout  300";
        $f[] = "\tSSLMutex  sem";
        $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
        $f[] = "\tSSLProtocol all -SSLv2";
        $f[] = "</IfModule>";
        $f[] = "";
    }
    // $f[]="\tFallbackResource /squidcache.php";
    $f[] = "AddType application/x-httpd-php .php";
    $f[] = "php_value error_log \"/var/log/lighttpd/apache-hotspot-php.log\"";
    $f[] = "<IfModule mod_fcgid.c>";
    $f[] = "\tPHP_Fix_Pathinfo_Enable 1";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    $f[] = $mirrors_conf;
    $f[] = "<Directory \"/usr/share/artica-postfix\">";
    $f[] = "FallbackResource /squidcache.php";
    $f[] = "\tDirectorySlash On";
    $f[] = "\tDirectoryIndex squidcache.php";
    $f[] = "\t\t<Files \"squidcache.php\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    /*	$f[]="\tErrorDocument 400 /hotspot.php";
    	$f[]="\tErrorDocument 401 /hotspot.php";
    	$f[]="\tErrorDocument 403 /hotspot.php";
    	$f[]="\tErrorDocument 404 /hotspot.php";
    	$f[]="\tErrorDocument 500 /hotspot.php";
    */
    $f[] = "\tOptions -Indexes";
    $f[] = ParseArticaDirectory();
    @chmod("/usr/share/artica-postfix/squidcache.php", 0755);
    @chown("/usr/share/artica-postfix/squidcache.php", "squid");
    if ($HyperCacheHTTPListenPortSSLEnabled == 1) {
        $f[] = "\tSSLOptions +StdEnvVars";
    }
    $f[] = "\tAllowOverride All";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tAllow from all";
    $f[] = "</Directory>";
    if ($EnableArticaApachePHPFPM == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
        }
        shell_exec("/etc/init.d/php5-fpm restart");
        $f[] = "\tAlias /php5.fastcgi /var/run/squid/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/squid/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/squid>";
        $f[] = "\t\t<Files php5.fastcgi>";
        $f[] = "\t\tOrder deny,allow";
        $f[] = "\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    if ($EnableArticaApachePHPFPM == 0) {
        $array["php5_module"] = "libphp5.so";
    }
    $array["dumpio_module"] = "mod_dumpio.so";
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authz_host_module"] = "mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    if ($HyperCacheHTTPListenPortSSLEnabled == 1) {
        $array["ssl_module"] = "mod_ssl.so";
    }
    $array["headers_module"] = "mod_headers.so";
    //$array["ldap_module"]="mod_ldap.so";
    if ($EnableArticaApachePHPFPM == 1) {
        $array["fastcgi_module"] = "mod_fastcgi.so";
    }
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    @file_put_contents("/etc/artica-postfix/HyperCacheHTTPD.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/HyperCacheHTTPD.conf done\n";
    }
}
Esempio n. 14
0
function copytocache()
{
    $unix = new unix();
    $path = $_GET["copytocache"];
    if (!is_file($path)) {
        echo "<articadatascgi>No such file</articadatascgi>";
        writelogs("{$path} -> No such file");
        return;
    }
    $basename = basename($path);
    writelogs("COPY {$path} -> /usr/share/artica-postfix/ressources/logs/{$basename}");
    if (is_file("/usr/share/artica-postfix/ressources/logs/{$basename}")) {
        @unlink("/usr/share/artica-postfix/ressources/logs/{$basename}");
    }
    if (!copy($path, "/usr/share/artica-postfix/ressources/logs/{$basename}")) {
        echo "<articadatascgi>Copy failed</articadatascgi>";
        return;
    }
    $APACHE = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_GROUP = $unix->APACHE_SRC_GROUP();
    $unix->chown_func($APACHE, $APACHE_GROUP, "/usr/share/artica-postfix/ressources/logs/{$basename}");
    $unix->chmod_func(0755, "/usr/share/artica-postfix/ressources/logs/{$basename}");
}
Esempio n. 15
0
function build()
{
    $unix = new unix();
    $sock = new sockets();
    $users = new usersMenus();
    $APACHE_MODULES_PATH = $users->APACHE_MODULES_PATH;
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Apache modules in \"{$APACHE_MODULES_PATH}\"\n";
    }
    $ZarafaApachePort = $sock->GET_INFO("ZarafaApachePort");
    $ZarafaApacheSSL = $sock->GET_INFO("ZarafaApacheSSL");
    $LighttpdArticaDisableSSLv2 = $sock->GET_INFO("LighttpdArticaDisableSSLv2");
    $ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
    $ZarafaApacheServerName = $sock->GET_INFO("ZarafaApacheServerName");
    if (!is_numeric($ZarafaWebNTLM)) {
        $ZarafaWebNTLM = 0;
    }
    if (!is_numeric($LighttpdArticaDisableSSLv2)) {
        $LighttpdArticaDisableSSLv2 = 0;
    }
    if (!is_numeric($ZarafaApacheSSL)) {
        $ZarafaApacheSSL = 0;
    }
    if (!is_numeric($ZarafaApachePort)) {
        $ZarafaApachePort = 9010;
    }
    $ZarafaApachePHPFPMEnable = $sock->GET_INFO("ZarafaApachePHPFPMEnable");
    if (!is_numeric($ZarafaApachePHPFPMEnable)) {
        $ZarafaApachePHPFPMEnable = 0;
    }
    if ($ZarafaApacheServerName == null) {
        $ZarafaApacheServerName = $unix->hostname_g();
    }
    if (!is_dir('/usr/share/php/mapi')) {
        if (is_dir('/usr/local/share/php/mapi')) {
            @mkdir("/usr/share/php", 0755, true);
            shell_exec('/bin/ln -s /usr/local/share/php/mapi /usr/share/php/mapi');
        }
    }
    $username = $unix->APACHE_SRC_ACCOUNT();
    $group = $unix->APACHE_SRC_GROUP();
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs access: /var/log/apache-zarafa/access.log\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs error : /var/log/apache-zarafa/error.log\n";
    }
    @unlink("/var/log/apache-zarafa/access.log");
    @unlink("/var/log/apache-zarafa/error.log");
    @touch("/var/log/apache-zarafa/access.log");
    @touch("/var/log/apache-zarafa/access.log");
    @mkdir("/var/run/apache2", 0755, true);
    @mkdir("/var/run/artica-apache", 0755, true);
    @mkdir('/var/run/zarafa-web', 0755, true);
    @mkdir('/var/log/apache-zarafa', 0755, true);
    @mkdir('/var/lib/zarafa-webaccess/tmp', 0755, true);
    $unix->chown_func($username, $group, "/var/log/apache-zarafa/access.log");
    $unix->chown_func($username, $group, "/var/log/apache-zarafa/error.log");
    $unix->chown_func($username, $group, "/var/run/apache2");
    $unix->chown_func($username, $group, "/var/run/artica-apache");
    $unix->chown_func($username, $group, "/var/run/zarafa-web");
    $unix->chown_func($username, $group, "/var/log/apache-zarafa");
    $unix->chown_func($username, $group, "/var/lib/zarafa-webaccess");
    $unix->chmod_func(0777, "/var/lib/zarafa-webaccess/tmp");
    $unix->chown_func($username, $group, "/usr/share/zarafa-webaccess/plugins/*");
    if ($ZarafaApacheSSL == 1) {
        if (is_file("{$APACHE_MODULES_PATH}/mod_ssl.so")) {
            if (!is_file("/etc/ssl/certs/zarafa/apache.crt.nopass.cert")) {
                shell_exec("/usr/share/artica-postfix/bin/artica-install --zarafa-apache-certificates");
            }
            $f[] = "LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so";
            $f[] = "SSLEngine on";
            $f[] = "SSLCertificateFile /etc/ssl/certs/zarafa/apache.crt.nopass.cert";
            $f[] = "SSLCertificateKeyFile /etc/ssl/certs/zarafa/apache-ca.key.nopass.key";
            if ($LighttpdArticaDisableSSLv2 == 1) {
                $f[] = "SSLProtocol -ALL +SSLv3 +TLSv1";
                $f[] = "SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
            }
            $f[] = "SSLRandomSeed connect builtin";
            $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
            $f[] = "SSLRandomSeed connect file:/dev/urandom 256";
            $f[] = "AddType application/x-x509-ca-cert .crt";
            $f[] = "AddType application/x-pkcs7-crl    .crl";
            $f[] = "SSLPassPhraseDialog  builtin";
            $f[] = "SSLSessionCache        shmcb:/var/run/apache2/ssl_scache-zarafa(512000)";
            $f[] = "SSLSessionCacheTimeout  300";
            $f[] = "SSLVerifyClient none";
            $f[] = "ServerSignature Off";
        }
    }
    $SET_MODULES = SET_MODULES();
    $FreeWebPerformances = unserialize(base64_decode($sock->GET_INFO("ZarafaApachePerformances")));
    if (!is_numeric($FreeWebPerformances["Timeout"])) {
        $FreeWebPerformances["Timeout"] = 300;
    }
    if (!is_numeric($FreeWebPerformances["KeepAlive"])) {
        $FreeWebPerformances["KeepAlive"] = 0;
    }
    if (!is_numeric($FreeWebPerformances["MaxKeepAliveRequests"])) {
        $FreeWebPerformances["MaxKeepAliveRequests"] = 100;
    }
    if (!is_numeric($FreeWebPerformances["KeepAliveTimeout"])) {
        $FreeWebPerformances["KeepAliveTimeout"] = 15;
    }
    if (!is_numeric($FreeWebPerformances["MinSpareServers"])) {
        $FreeWebPerformances["MinSpareServers"] = 5;
    }
    if (!is_numeric($FreeWebPerformances["MaxSpareServers"])) {
        $FreeWebPerformances["MaxSpareServers"] = 10;
    }
    if (!is_numeric($FreeWebPerformances["StartServers"])) {
        $FreeWebPerformances["StartServers"] = 5;
    }
    if (!is_numeric($FreeWebPerformances["MaxClients"])) {
        $FreeWebPerformances["MaxClients"] = 50;
    }
    if (!is_numeric($FreeWebPerformances["MaxRequestsPerChild"])) {
        $FreeWebPerformances["MaxRequestsPerChild"] = 10000;
    }
    $f[] = "Timeout              {$FreeWebPerformances["Timeout"]}";
    $f[] = "KeepAlive            {$FreeWebPerformances["KeepAlive"]}";
    $f[] = "KeepAliveTimeout     {$FreeWebPerformances["KeepAliveTimeout"]}";
    $f[] = "StartServers         {$FreeWebPerformances["StartServers"]}";
    $f[] = "MaxClients           {$FreeWebPerformances["MaxClients"]}";
    $f[] = "MinSpareServers      {$FreeWebPerformances["MinSpareServers"]}";
    $f[] = "MaxSpareServers      {$FreeWebPerformances["MaxSpareServers"]}";
    $f[] = "MaxRequestsPerChild  {$FreeWebPerformances["MaxRequestsPerChild"]}";
    $f[] = "MaxKeepAliveRequests {$FreeWebPerformances["MaxKeepAliveRequests"]}";
    $f[] = "ServerLimit\t\t   {$FreeWebPerformances["MaxClients"]}";
    $f[] = "AcceptMutex \t\t  flock";
    $ZarafaApacheWebMailType = $sock->GET_INFO("ZarafaApacheWebMailType");
    //$ZarafaApacheWebMailTypeA["APP_ZARAFA"]="{APP_ZARAFA}";
    //$ZarafaApacheWebMailTypeA["APP_ZARAFA_WEBAPP"]="{APP_ZARAFA_WEBAPP}";
    if ($ZarafaApacheWebMailType == null) {
        $ZarafaApacheWebMailType = "APP_ZARAFA";
    }
    $f[] = $SET_MODULES;
    $f[] = "<IfModule !mpm_netware_module>";
    $f[] = "          <IfModule !mpm_winnt_module>";
    $f[] = "             User {$username}";
    $f[] = "             Group {$group}";
    $f[] = "          </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "ServerAdmin you@example.com";
    $f[] = "ServerName {$ZarafaApacheServerName}";
    if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
        if (!is_dir("/usr/share/zarafa-webapp")) {
            $ZarafaApacheWebMailType = "APP_ZARAFA";
        }
    }
    if ($ZarafaApacheWebMailType == "APP_ZARAFA") {
        $DocumentRoot = "/usr/share/zarafa-webaccess";
    }
    if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
        $free = new freeweb();
        $free->InstallZarafaConfigWebAPP("/usr/share/zarafa-webapp");
        $DocumentRoot = "/usr/share/zarafa-webapp";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} WebMail \"{$ZarafaApacheWebMailType}\"\n";
    }
    $f[] = "ServerRoot \"{$DocumentRoot}\"";
    $f[] = "Listen {$ZarafaApachePort}";
    $f[] = "User {$username}";
    $f[] = "Group {$group}";
    $f[] = "PidFile /var/run/zarafa-web/httpd.pid";
    $f[] = "DocumentRoot \"{$DocumentRoot}\"";
    $f[] = "<Directory {$DocumentRoot}/>";
    if ($ZarafaWebNTLM == 1) {
        $ldap = new clladp();
        $f[] = "    AuthName \"Zarafa logon..\"";
        $f[] = "    AuthType Basic";
        $f[] = "    AuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/dc=organizations,{$ldap->suffix}?uid";
        $f[] = "    AuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
        $f[] = "    AuthLDAPBindPassword {$ldap->ldap_password}";
        $f[] = "    AuthLDAPGroupAttribute memberUid";
        $f[] = "    AuthBasicProvider ldap";
        $f[] = "    AuthzLDAPAuthoritative off";
        $f[] = "    require valid-user";
    }
    if ($ZarafaApachePHPFPMEnable == 0) {
        $f[] = "    php_value magic_quotes_gpc 0";
        $f[] = "    php_value register_globals 0";
        $f[] = "    php_value magic_quotes_runtime 0";
        $f[] = "    php_value post_max_size 31M";
        $f[] = "    php_value include_path  \".:/usr/share/php:/usr/share/php5:/usr/local/share/php\"";
        $f[] = "    php_value upload_max_filesize 30M";
        $f[] = "    php_value short_open_tag 1";
        $f[] = "    php_flag log_errors on";
        $f[] = "    php_value safe_mode 0";
        $f[] = "    php_flag log_errors on";
        $f[] = "    php_value  error_log  \"/var/log/apache-zarafa/php.log\"";
    }
    $f[] = "    DirectoryIndex index.php";
    $f[] = "    Options -Indexes +FollowSymLinks";
    $f[] = "    AllowOverride Options";
    $f[] = "    Order allow,deny";
    $f[] = "    Allow from all";
    $f[] = "</Directory>";
    if ($ZarafaApachePHPFPMEnable == 1) {
        $php = $unix->LOCATE_PHP5_BIN();
        if (!$unix->is_socket("/var/run/php-fpm-zarafa.sock")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: /var/run/php-fpm-zarafa.sock no such socket\n";
            }
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
            }
            shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
            }
            shell_exec("/etc/init.d/php5-fpm restart");
        }
        $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm-zarafa.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/artica-apache>";
        $f[] = "\t\t<Files php5.fastcgi>";
        $f[] = "\t\tOrder deny,allow";
        $f[] = "\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    $f[] = "<IfModule dir_module>";
    $f[] = "    DirectoryIndex index.php";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "";
    $f[] = "<FilesMatch \"^\\.ht\">";
    $f[] = "    Order allow,deny";
    $f[] = "    Deny from all";
    $f[] = "    Satisfy All";
    $f[] = "</FilesMatch>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    # To re-enable php in user directories comment the following lines";
    $f[] = "    # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it";
    $f[] = "    # prevents .htaccess files from disabling it.";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "";
    $f[] = "ErrorLog \"/var/log/apache-zarafa/error.log\"";
    $f[] = "LogLevel warn";
    $f[] = "";
    $f[] = "<IfModule log_config_module>";
    $f[] = "    LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\\\" combinedv";
    $f[] = "    LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b\" common";
    $f[] = "";
    $f[] = "    <IfModule logio_module>";
    $f[] = "      LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %I %O\" combinedio";
    $f[] = "    </IfModule>";
    $f[] = "";
    $f[] = "    CustomLog \"/var/log/apache-zarafa/access.log\" combinedv";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "<IfModule alias_module>";
    $f[] = "    ScriptAlias /cgi-bin/ \"/usr/local/apache-groupware/data/cgi-bin/\"";
    $f[] = "    Alias /images /usr/share/obm2/resources";
    $f[] = "";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "<IfModule cgid_module>";
    $f[] = "";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "";
    $f[] = "<Directory \"/usr/local/apache-groupware/data/cgi-bin\">";
    $f[] = "    AllowOverride None";
    $f[] = "    Options None";
    $f[] = "    Order allow,deny";
    $f[] = "    Allow from all";
    $f[] = "</Directory>";
    $f[] = "";
    $f[] = "";
    $f[] = "DefaultType text/plain";
    $f[] = "";
    $f[] = "<IfModule mime_module>";
    $f[] = "   ";
    $f[] = "    TypesConfig /etc/mime.types";
    $f[] = "    #AddType application/x-gzip .tgz";
    $f[] = "    AddType application/x-compress .Z";
    $f[] = "    AddType application/x-gzip .gz .tgz";
    $f[] = "    AddType application/x-httpd-php .php .phtml";
    $f[] = "    #AddHandler cgi-script .cgi";
    $f[] = "    #AddHandler type-map var";
    $f[] = "    #AddType text/html .shtml";
    $f[] = "    #AddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    @file_put_contents('/etc/zarafa/httpd.conf', @implode("\n", $f) . "\n");
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " /etc/zarafa/httpd.conf done\n";
    }
}
Esempio n. 16
0
function start_prepare()
{
    if ($GLOBALS["CRASHED"]) {
        return;
    }
    buil_init_squid_cache_log();
    initd_squid();
    $reconfigure = false;
    $unix = new unix();
    $sock = new sockets();
    $NtpdateAD = $sock->GET_INFO("NtpdateAD");
    $php = $unix->LOCATE_PHP5_BIN();
    $nohup = $unix->find_program("nohup");
    if (!is_file("/etc/squid3/malwares.acl")) {
        @file_put_contents("/etc/squid3/malwares.acl", "\n");
    }
    if (!is_file("/etc/squid3/squid-block.acl")) {
        @file_put_contents("/etc/squid3/squid-block.acl", "\n");
    }
    $EXPLODED = explode("\n", @file_get_contents("/etc/squid3/squid.conf"));
    while (list($index, $val) = each($EXPLODED)) {
        if (preg_match("#INSERT YOUR OWN RULE#", $val)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Preparing.....: " . date("H:i:s") . " squid must be reconfigured...\n";
            }
            $reconfigure = true;
        }
    }
    if ($reconfigure) {
        if ($GLOBALS["OUTPUT"]) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n";
            }
            system("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading");
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " Rebuild configuration\n";
            }
            exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --withoutloading 2>&1", $GLOBALS["LOGS"]);
        }
    }
    if ($NtpdateAD == 1) {
        shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.kerbauth.php --ntpdate >/dev/null 2>&1 &");
    }
    $unix->CreateUnixUser("squid", "squid");
    if (!is_file("/etc/squid3/squid.conf")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " Warning /etc/squid3/squid.conf no such file\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " Ask to build it and die\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --build --force --withoutloading");
        die;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " initd-squid\n";
    }
    shell_exec("{$php} /usr/share/artica-postfix/exec.initd-squid.php >/dev/null 2>&1");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " Watchdog config\n";
    }
    shell_exec("{$php} /usr/share/artica-postfix/exec.squid.php --watchdog-config >/dev/null 2>&1");
    exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]);
    if (!is_file("/etc/init.d/tproxy start")) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " Building transparent method\n";
        }
        exec("{$php} /usr/share/artica-postfix/exec.squid.transparent.php", $GLOBALS["LOGS"]);
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " Starting transparent method\n";
        }
        exec("/etc/init.d/tproxy start", $GLOBALS["LOGS"]);
    }
    $directories_squid[] = "/var/squid";
    $directories_squid[] = "/var/squid/cache";
    $directories_squid[] = "/usr/share/squid3/icons";
    $directories_squid[] = "/var/log/squid";
    $directories_squid[] = "/etc/squid3";
    $directories_squid[] = "/var/lib/squidguard";
    $directories_squid[] = "/var/run/squid";
    $directories_squid[] = "/lib/squid3";
    $directories_chmod[] = "/var/logs";
    $directories_chmod[] = "/var/log";
    $directories_chmod[] = "/var";
    $directories_chmod_owned[] = "/home/squid";
    $filesOblig[] = "/etc/squid3/url_rewrite_program.deny.db";
    $filesOblig[] = "/var/run/squid/squid.pid";
    while (list($num, $directory) = each($directories_squid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
        }
        if (!is_dir($directory)) {
            @mkdir($directory, 0755, true);
        }
        @chmod($directory, 0755);
        $unix->chmod_func(0755, "{$directory}/*");
        $unix->chown_func("squid", "squid", "{$directory}/*");
    }
    while (list($num, $directory) = each($directories_chmod)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
        }
        if (!is_dir($directory)) {
            @mkdir($directory, 0755, true);
        }
        @chmod($directory, 0755);
    }
    while (list($num, $directory) = each($directories_chmod)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$directory}\n";
        }
        if (!is_dir($directory)) {
            @mkdir($directory, 0755, true);
        }
        $unix->chmod_func(0755, "{$directory}");
        $unix->chown_func("squid", "squid", "{$directory}");
    }
    while (list($num, $filepath) = each($filesOblig)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n";
        }
        if (!is_file($filepath)) {
            @touch("{$filepath}");
        }
        @chmod($filepath, 0755);
        @chown($filepath, "squid");
        @chgrp($filepath, "squid");
    }
    $articafiles[] = "exec.logfile_daemon.php";
    $articafiles[] = "external_acl_squid_ldap.php";
    $articafiles[] = "external_acl_dynamic.php";
    $articafiles[] = "external_acl_quota.php";
    $articafiles[] = "external_acl_basic_auth.php";
    $articafiles[] = "external_acl_squid.php";
    while (list($num, $filename) = each($articafiles)) {
        $filepath = "/usr/share/artica-postfix/{$filename}";
        if ($GLOBALS["OUTPUT"]) {
            echo "Preparing.....: " . date("H:i:s") . " {$filepath}\n";
        }
        @chmod($filepath, 0755);
        @chown($filepath, "squid");
        @chgrp($filepath, "squid");
    }
    $squid_locate_pinger = $unix->squid_locate_pinger();
    $setcap = $unix->find_program("setcap");
    if (is_file($squid_locate_pinger)) {
        @chmod($squid_locate_pinger, 0755);
        @chown($squid_locate_pinger, "squid");
        @chgrp($squid_locate_pinger, "squid");
        if (is_file("{$setcap}")) {
            shell_exec("{$setcap} cap_net_raw=pe {$squid_locate_pinger}");
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Preparing.....: " . date("H:i:s") . " WARNING! setcap, no such binary!!\n";
            }
            $unix->DEBIAN_INSTALL_PACKAGE("libcap2-bin");
        }
    }
}
function CheckArticaFolderSecurity($username, $groupname)
{
    $unix = new unix();
    $artica_path = "/usr/share/artica-postfix";
    $GLOBALS["LogFileDeamonLogDir"] = @file_get_contents("/etc/artica-postfix/settings/Daemons/LogFileDeamonLogDir");
    if ($GLOBALS["LogFileDeamonLogDir"] == null) {
        $GLOBALS["LogFileDeamonLogDir"] = "/home/artica/squid/realtime-events";
    }
    if (is_file("/usr/local/ArticaStats/bin/postgres")) {
        $GLOBALS["LogFileDeamonLogDir"] = @file_get_contents("/etc/artica-postfix/settings/Daemons/LogFileDeamonLogPostGresDir");
        if ($GLOBALS["LogFileDeamonLogDir"] == null) {
            $GLOBALS["LogFileDeamonLogDir"] = "/home/artica/squid-postgres/realtime-events";
        }
    }
    $fSquidDirs[] = "/var/log/squid/squid_admin_mysql";
    $fSquidDirs[] = "/usr/share/squid3";
    $fSquidDirs[] = $GLOBALS["LogFileDeamonLogDir"];
    while (list($num, $directory) = each($fSquidDirs)) {
        if (!is_dir($directory)) {
            @mkdir($directory, 0755, true);
        }
        @chown($directory, "squid");
        @chgrp($directory, "squid");
    }
    $squidfiles = $unix->SquidPHPFiles();
    $files = $unix->DirFiles($artica_path);
    while (list($filename, $line) = each($files)) {
        if (is_numeric($filename)) {
            @unlink("{$artica_path}/{$filename}");
            continue;
        }
        if (isset($squidfiles[$filename])) {
            @chmod("{$artica_path}/{$filename}", 0755);
            @chgrp("{$artica_path}/{$filename}", "squid");
            @chown("{$artica_path}/{$filename}", "squid");
            continue;
        }
        $unix->chown_func($username, $groupname, "{$artica_path}/{$filename}");
        $unix->chmod_func(0755, "{$artica_path}/{$filename}");
    }
    $unix->chmod_func(0755, "/var/log/squid/access.log");
    $unix->chmod_func(0777, "/var/log/squid/QUOTADB.db");
}
function parse_tables_primaires($nopid = false)
{
    $unix = new unix();
    $unix->chown_func("squid", "squid", "/var/log/squid/mysql-rttime");
    $TimePID = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".pid";
    $TimeExec = "/etc/artica-postfix/pids/" . basename(__FILE__) . ".time";
    if (!$nopid) {
        $pid = @file_get_contents($TimePID);
        if ($unix->process_exists($pid)) {
            $timePid = $unix->PROCCESS_TIME_MIN($pid);
            if ($timePid > 5) {
                $kill = $unix->find_program("kill");
                unix_system_kill_force($pid);
            } else {
                if ($GLOBALS["VERBOSE"]) {
                    echo "Already running PID {$pid} since {$timePid}mn";
                }
                die;
            }
        }
        @file_put_contents($TimePID, getmypid());
    }
    if (!($handle = opendir("/var/log/squid/mysql-rttime"))) {
        return;
    }
    $q = new mysql_squid_builder();
    $q->TablePrimaireHour(date("YmdH"));
    $countDeFiles = 0;
    while (false !== ($filename = readdir($handle))) {
        if ($filename == ".") {
            continue;
        }
        if ($filename == "..") {
            continue;
        }
        $filepath = "/var/log/squid/mysql-rttime/{$filename}";
        events("parse_tables_primaires():: Scanning {$filepath}");
        if (!preg_match("#^squidhour_([0-9]+)\\.#", $filename, $re)) {
            events("parse_tables_primaires():: Failed {$filepath} -> not match #^squidhour_([0-9]+)\\.");
            @unlink($filepath);
            continue;
        }
        $xtime = $re[1];
        $q->TablePrimaireHour($xtime);
        $content = unserialize(@file_get_contents($filepath));
        $contentSize = filesize($filepath) / 1024;
        $ArraySize = count($content);
        events("parse_tables_primaires():: squidhour_{$xtime} Inserting " . count($content) . " element(s)");
        if (count($content) == 0) {
            ToSyslog("parse_tables_primaires():: squidhour_{$xtime}: {$filepath} no row has been written");
            @unlink($filepath);
            continue;
        }
        $sql = "INSERT IGNORE INTO `squidhour_{$xtime}`  (`sitename`,`uri`,`TYPE`,`REASON`,`CLIENT`,`hostname`,`zDate`,`zMD5`,`uid`,`QuerySize`,`cached`,`MAC`,`category`) \n\t\tVALUES " . @implode(",", $content);
        $q->QUERY_SQL($sql);
        if (!$q->ok) {
            if ($GLOBALS["VERBOSE"]) {
                echo "\n\n ********************************************************************* \n\n{$q->mysql_error}\n*********************************************************************\n\n";
            }
            events("parse_tables_primaires(): Fatal: MySQL error:");
            if (preg_match("#Table 'squidlogs\\.(.+?)' doesn't exist#", $q->mysql_error, $re)) {
                if ($GLOBALS["VERBOSE"]) {
                    echo "Creating table: {$re[1]}\n";
                    $q->TablePrimaireHour(null, false, $re[1]);
                    $q->QUERY_SQL($sql);
                }
            }
        }
        if (!$q->ok) {
            events("parse_tables_primaires(): Fatal: MySQL error:");
            events("{$sql}");
            continue;
        }
        if ($GLOBALS["VERBOSE"]) {
            echo $filepath . " ({$contentSize} KB) done with {$ArraySize} elements...\n";
        }
        @unlink($filepath);
        $countDeFiles++;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "{$countDeFiles} Files parsed done\n";
    }
    parse_tables_cache_primaires();
}
function CoherenceOffiels()
{
    if (!ifMustBeExecuted()) {
        WriteMyLogs("No make sense to execute this script...", __FUNCTION__, __FILE__, __LINE__);
        if ($GLOBALS["VERBOSE"]) {
            echo "No make sense to execute this script...\n";
        }
        die;
    }
    $workdir = "/var/lib/ftpunivtlse1fr";
    $unix = new unix();
    $BASE_URI = "ftp://ftp.univ-tlse1.fr/pub/reseau/cache/squidguard_contrib";
    $q = new mysql_squid_builder();
    $table = $q->TLSE_CONVERTION(true);
    $ARRAYSUM_REMOTE = GET_MD5S_REMOTE();
    while (list($database, $articacat) = each($table)) {
        $directory = str_replace("/", "_", $articacat);
        $targetdir = $workdir . "/{$database}";
        if ($GLOBALS["VERBOSE"]) {
            echo __FUNCTION__ . ":: Checking {$targetdir}/domains\n";
        }
        if (!is_file("{$targetdir}/domains")) {
            ufdbguard_admin_events("{$database} is not in disk... download it..", __FUNCTION__, __FILE__, __LINE__, "Toulouse DB");
            update_remote_file($BASE_URI, "{$database}.tar.gz", $ARRAYSUM_REMOTE["{$database}.tar.gz"]);
        }
    }
    reset($table);
    while (list($database, $articacat) = each($table)) {
        $directory = str_replace("/", "_", $articacat);
        $targetdir = $workdir . "/{$directory}";
        $sourcedir = $workdir . "/{$database}";
        @chmod($sourcedir, 0755);
        $unix->chown_func("squid", "squid", $sourcedir);
        if (!is_dir($targetdir)) {
            if ($GLOBALS["VERBOSE"]) {
                echo __FUNCTION__ . ":: Checking {$targetdir} no such directory make symbolic to {$sourcedir}\n";
            }
            shell_exec("ln -sf {$sourcedir} {$targetdir}");
        }
    }
    if (count($GLOBALS["squid_admin_mysql"])) {
        squid_admin_mysql(2, count($GLOBALS["squid_admin_mysql"]) . " Toulouse Databases updated", @implode("\n", $GLOBALS["squid_admin_mysql"]));
        unset($GLOBALS["squid_admin_mysql"]);
    }
}
Esempio n. 20
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) {
        $APACHE_SRC_GROUP = "www-data";
    }
    $LogFilePath = "/var/log/artica-wifidog/access.log";
    $directories[] = "/var/run/apache2";
    $directories[] = "/var/run/artica-apache";
    $directories[] = "/var/log/artica-wifidog";
    $directories[] = "/home/artica/hotspot/sessions";
    $directories[] = "/home/artica/hotspot/caches";
    while (list($index, $maindir) = each($directories)) {
        @mkdir($maindir, 0755, true);
        @chown($maindir, $APACHE_SRC_ACCOUNT);
        @chgrp($maindir, $APACHE_SRC_GROUP);
    }
    $ErrorLog = dirname($LogFilePath) . "/error.log";
    if (!is_file($LogFilePath)) {
        @touch($LogFilePath);
    }
    @chown($LogFilePath, $APACHE_SRC_ACCOUNT);
    @chgrp($LogFilePath, $APACHE_SRC_GROUP);
    if (!is_file($ErrorLog)) {
        @touch($ErrorLog);
    }
    @chown($ErrorLog, $APACHE_SRC_ACCOUNT);
    @chgrp($ErrorLog, $APACHE_SRC_GROUP);
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients"));
    $HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers"));
    $HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable"));
    if ($HotSpotMaxClients == 0) {
        $HotSpotMaxClients = 20;
    }
    if ($HotSpotStartServers == 0) {
        $HotSpotStartServers = 5;
    }
    $EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
    $SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
    $ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
    $ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
    $ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
    $ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
    if (!is_numeric($ArticaHotSpotPort)) {
        $ArticaHotSpotPort = 0;
    }
    if (!is_numeric($ArticaSplashHotSpotPort)) {
        $ArticaSplashHotSpotPort = 16080;
    }
    if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
        $ArticaSplashHotSpotPortSSL = 16443;
    }
    $ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
    $HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
    $HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect");
    if ($HotSpotErrorRedirect == null) {
        $HotSpotErrorRedirect = "http://www.msftncsi.com";
    }
    $Params = unserialize($sock->GET_INFO("HotSpotEvasive"));
    $ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled"));
    if (!is_numeric($Params["DOSEnable"])) {
        $Params["DOSEnable"] = 1;
    }
    if (!is_numeric($Params["DOSHashTableSize"])) {
        $Params["DOSHashTableSize"] = 1024;
    }
    if (!is_numeric($Params["DOSPageCount"])) {
        $Params["DOSPageCount"] = 3;
    }
    if (!is_numeric($Params["DOSSiteCount"])) {
        $Params["DOSSiteCount"] = 20;
    }
    if (!is_numeric($Params["DOSPageInterval"])) {
        $Params["DOSPageInterval"] = 1;
    }
    if (!is_numeric($Params["DOSSiteInterval"])) {
        $Params["DOSSiteInterval"] = 10;
    }
    if (!is_numeric($Params["DOSBlockingPeriod"])) {
        $Params["DOSBlockingPeriod"] = 5;
    }
    $unix = new unix();
    $NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
    $ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n";
    }
    if ($ipaddr == "0.0.0.0") {
        $ipaddr = "*";
    }
    if ($ipaddr == null) {
        $ipaddr = "*";
    }
    $GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n";
    }
    $f[] = "Group {$APACHE_SRC_GROUP}";
    $f[] = "User {$APACHE_SRC_ACCOUNT}";
    $f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock";
    $f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid";
    $f[] = "AcceptMutex flock";
    $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
    $f[] = "SSLRandomSeed connect builtin";
    $f[] = "SSLSessionCache        shmcb:/var/run/apache2/ssl_scache-hotspot(512000)";
    $f[] = "SSLSessionCacheTimeout  300";
    $f[] = "SSLSessionCacheTimeout  300";
    $f[] = "DocumentRoot /usr/share/artica-postfix";
    $f[] = "DirectoryIndex hotspot.html";
    $f[] = "ErrorDocument 400 /hotspot.html";
    $f[] = "ErrorDocument 401 /hotspot.html";
    $f[] = "ErrorDocument 403 /hotspot.html";
    $f[] = "ErrorDocument 404 /hotspot.html";
    $f[] = "ErrorDocument 500 /hotspot.html";
    $NameVirtualHost = $ipaddr;
    if ($HospotHTTPServerName != null) {
        $NameVirtualHost = $HospotHTTPServerName;
    }
    $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
    $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
    $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
    $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
    $ddos_config = null;
    if ($HotSpotForceDDOSDisable == 1) {
        $Params["DOSEnable"] = 0;
    }
    if ($Params["DOSEnable"] == 1) {
        //$ddos[]="<IfModule mod_evasive20.c>";
        $ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}";
        $ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}";
        $ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}";
        $ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}";
        $ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}";
        $ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}";
        $ddos[] = "\tDOSLogDir  \"/var/log/artica-wifidog\"";
        $ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT  %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\"";
        $ddos_config = @implode("\n", $ddos);
        //$ddos[]="</IfModule>";
    }
    $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>";
    $f[] = "\tServerName {$NameVirtualHost}";
    $f[] = "\tDocumentRoot /usr/share/artica-postfix";
    $f[] = "{$ddos_config}";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "</VirtualHost>";
    $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>";
    $f[] = "\tServerName {$NameVirtualHost}";
    $f[] = "\tDocumentRoot /usr/share/artica-postfix";
    $f[] = "\tSSLEngine on";
    $squid = new squidbee();
    $ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
    $data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
    if ($ArticaSplashHotSpotCertificate != null) {
        $apache = new apache_certificate($ArticaSplashHotSpotCertificate);
        $f[] = $apache->build();
    } else {
        if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
            $cert = $re[1];
            $key = $re[2];
            $f[] = "\tSSLCertificateFile \"{$cert}\"";
            $f[] = "\tSSLCertificateKeyFile \"{$key}\"";
        }
    }
    $f[] = "\tSSLVerifyClient none";
    $f[] = "\tServerSignature Off";
    $f[] = "{$ddos_config}";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "</VirtualHost>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tDeny from all";
    $f[] = "\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     3";
    if ($HotSpotStartServers >= $HotSpotMaxClients) {
        $HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers;
    }
    if ($HotSpotMaxClients > 1024) {
        $HotSpotMaxClients = 1024;
    }
    $ServerLimit = $HotSpotMaxClients + 100;
    if ($ServerLimit > 2000) {
        $ServerLimit = 2000;
    }
    $f[] = "StartServers         {$HotSpotStartServers}";
    $f[] = "MaxClients           {$HotSpotMaxClients}";
    $f[] = "ServerLimit\t\t   {$ServerLimit}";
    $MinSpareServers = $HotSpotStartServers + 5;
    $MaxSpareServers = $MinSpareServers + 1;
    $f[] = "MinSpareServers      {$MinSpareServers}";
    $f[] = "MaxSpareServers      {$MaxSpareServers}";
    $f[] = "MaxRequestsPerChild  800";
    $f[] = "MaxKeepAliveRequests 100";
    $f[] = "ServerName " . $unix->hostname_g();
    $f[] = "<IfModule mod_ssl.c>";
    $f[] = "\tSSLRandomSeed connect builtin";
    $f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
    $f[] = "\tAddType application/x-x509-ca-cert .crt";
    $f[] = "\tAddType application/x-pkcs7-crl    .crl";
    $f[] = "\tSSLPassPhraseDialog  builtin";
    $f[] = "\tSSLSessionCache        shmcb:/var/run/apache2/ssl_scache-articahtp(512000)";
    $f[] = "\tSSLSessionCacheTimeout  300";
    $f[] = "\tSSLSessionCacheTimeout  300";
    $f[] = "\tSSLMutex  sem";
    $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
    $f[] = "\tSSLProtocol all -SSLv2";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "AddType application/x-httpd-php .php";
    $f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\"";
    $f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\"";
    $f[] = "<IfModule mod_fcgid.c>";
    $f[] = "\tPHP_Fix_Pathinfo_Enable 1";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    $f[] = "Alias /index.php /hotspot.html";
    $f[] = "Alias /index.html /hotspot.html";
    $f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html";
    $f[] = "<Directory \"/usr/share/artica-postfix\">";
    $f[] = "\tDirectorySlash On";
    $f[] = "\tDirectoryIndex hostpot.php";
    $f[] = "\t\t<Files \"hostpot.php\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\t\t<Files \"hostpot.html\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tdeny from all";
    $f[] = "\t\t</FilesMatch>";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "\tOptions -Indexes";
    $f[] = "\tSSLOptions +StdEnvVars";
    $f[] = "\tAllowOverride All";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tAllow from all";
    $f[] = "</Directory>";
    if ($EnableArticaApachePHPFPM == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
        }
        shell_exec("/etc/init.d/php5-fpm restart");
        $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/artica-apache>";
        $f[] = "\t\t<Files php5.fastcgi>";
        $f[] = "\t\tOrder deny,allow";
        $f[] = "\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    $f[] = "Loglevel debug";
    $f[] = "ErrorLog {$ErrorLog}";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog {$LogFilePath} common";
    if ($EnableArticaApachePHPFPM == 0) {
        $array["php5_module"] = "libphp5.so";
    }
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authz_host_module"] = "mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["ssl_module"] = "mod_ssl.so";
    $array["headers_module"] = "mod_headers.so";
    $array["ldap_module"] = "mod_ldap.so";
    if ($Params["DOSEnable"] == 1) {
        $array["evasive20_module"] = "mod_evasive20.so";
    }
    if ($EnableArticaApachePHPFPM == 1) {
        $array["fastcgi_module"] = "mod_fastcgi.so";
    }
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    build_error_page();
    @file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n";
    }
}
Esempio n. 21
0
function build()
{
    $unix = new unix();
    $sock = new sockets();
    $ClamavStreamMaxLength = $sock->GET_INFO("ClamavStreamMaxLength");
    $ClamavMaxRecursion = $sock->GET_INFO("ClamavMaxRecursion");
    $ClamavMaxFiles = $sock->GET_INFO("ClamavMaxFiles");
    $PhishingScanURLs = $sock->GET_INFO("PhishingScanURLs");
    $ClamavMaxScanSize = $sock->GET_INFO("ClamavMaxScanSize");
    $ClamavMaxFileSize = $sock->GET_INFO("ClamavMaxFileSize");
    $ClamavTemporaryDirectory = $sock->GET_INFO("ClamavTemporaryDirectory");
    if ($ClamavTemporaryDirectory == null) {
        $ClamavTemporaryDirectory = "/home/clamav";
    }
    if (!is_numeric($ClamavStreamMaxLength)) {
        $ClamavStreamMaxLength = 12;
    }
    if (!is_numeric($ClamavMaxRecursion)) {
        $ClamavMaxRecursion = 5;
    }
    if (!is_numeric($ClamavMaxFiles)) {
        $ClamavMaxFiles = 10000;
    }
    if (!is_numeric($PhishingScanURLs)) {
        $PhishingScanURLs = 1;
    }
    if (!is_numeric($ClamavMaxScanSize)) {
        $ClamavMaxScanSize = 15;
    }
    if (!is_numeric($ClamavMaxFileSize)) {
        $ClamavMaxFileSize = 20;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} MaxFileSize: {$ClamavMaxFileSize}M\n";
    }
    $ClamUser = $unix->ClamUser();
    $ClamavTemporaryDirectory2 = dirname($ClamavTemporaryDirectory);
    $dirs[] = "/var/clamav";
    $dirs[] = "/var/run/clamav";
    $dirs[] = "/var/lib/clamav";
    $dirs[] = "/var/log/clamav";
    $dirs[] = $ClamavTemporaryDirectory;
    $dirs[] = "/var/spool/postfix/var/run/clamav";
    while (list($i, $directory) = each($dirs)) {
        @mkdir($directory, 0755, true);
        @chmod($directory, 0755);
        @chown($directory, $ClamUser);
        @chgrp($directory, $ClamUser);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Permissions on {$directory}\n";
        }
        $unix->chown_func($ClamUser, $ClamUser, $directory . "/*");
    }
    $f[] = "MilterSocket /var/spool/postfix/var/run/clamav/clamav-milter.ctl";
    $f[] = "MilterSocketGroup postfix";
    $f[] = "MilterSocketMode 777";
    $f[] = "FixStaleSocket yes";
    $f[] = "User postfix";
    $f[] = "AllowSupplementaryGroups yes";
    $f[] = "ReadTimeout 300";
    $f[] = "Foreground yes";
    $f[] = "PidFile /var/spool/postfix/var/run/clamav/clamav-milter.pid";
    $f[] = "TemporaryDirectory {$ClamavTemporaryDirectory}";
    $f[] = "ClamdSocket unix:/var/run/clamav/clamav.sock";
    $f[] = "";
    $f[] = "#LocalNet local";
    $f[] = "#LocalNet 192.168.0.0/24";
    $f[] = "#LocalNet 1111:2222:3333::/48";
    $f[] = "#Whitelist /etc/whitelisted_addresses";
    $f[] = "#SkipAuthenticated ^(tom|dick|henry)\$";
    $f[] = "MaxFileSize {$ClamavMaxFileSize}M";
    $f[] = "";
    $f[] = "";
    $f[] = "##";
    $f[] = "## Actions";
    $f[] = "##";
    $f[] = "";
    $f[] = "# The following group of options controls the delievery process under";
    $f[] = "# different circumstances.";
    $f[] = "# The following actions are available:";
    $f[] = "# - Accept";
    $f[] = "#   The message is accepted for delievery";
    $f[] = "# - Reject";
    $f[] = "#   Immediately refuse delievery (a 5xx error is returned to the peer)";
    $f[] = "# - Defer";
    $f[] = "#   Return a temporary failure message (4xx) to the peer";
    $f[] = "# - Blackhole (not available for OnFail)";
    $f[] = "#   Like Accept but the message is sent to oblivion";
    $f[] = "# - Quarantine (not available for OnFail)";
    $f[] = "#   Like Accept but message is quarantined instead of being delivered";
    $f[] = "#";
    $f[] = "# NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ";
    $f[] = "# For Postfix this causes the message to be placed on hold";
    $f[] = "# ";
    $f[] = "# Action to be performed on clean messages (mostly useful for testing)";
    $f[] = "# Default: Accept";
    $f[] = "OnClean Accept";
    $f[] = "OnInfected Reject";
    $f[] = "OnFail Accept";
    $f[] = "RejectMsg rejected %v";
    $f[] = "AddHeader Add";
    $f[] = "#ReportHostname my.mail.server.name";
    $f[] = "#VirusAction /usr/local/bin/my_infected_message_handler";
    $f[] = "LogSyslog yes";
    $f[] = "LogFacility LOG_MAIL";
    $f[] = "LogVerbose no";
    $f[] = "#LogRotate yes";
    $f[] = "#LogInfected Basic";
    $f[] = "#LogClean Basic";
    $f[] = "#SupportMultipleRecipients yes";
    $f[] = "";
    @file_put_contents("/etc/clamav/clamav-milter.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/clamav/clamav-milter.conf done\n";
    }
    $main = new main_cf();
    $postfix_hash = $main->BuildMilters(true);
    $postconf = $unix->find_program("postconf");
    while (list($key, $value) = each($postfix_hash)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} adding Postfix parameter: {$key} for {$value}\n";
        }
        shell_exec("{$postconf} -e \"{$key}={$value}\"");
    }
}
function extract_tgz($uuid)
{
    $unix = new unix();
    $workingdir = "/usr/share/artica-postfix/ressources/conf/meta/hosts/uploaded/{$uuid}";
    if (is_file("{$workingdir}/status.tgz")) {
        $tar = $unix->find_program("tar");
        shell_exec("{$tar} -xf {$workingdir}/status.tgz -C {$workingdir}/");
        @unlink("{$workingdir}/status.tgz");
    }
    $unix->chown_func($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP(), "{$workingdir}/*");
    if (is_file("{$workingdir}/squid_admin_mysql.db")) {
        $q = new mysql_meta();
        if (!$q->TABLE_EXISTS("squid_admin_mysql")) {
            $q->CheckTables();
        }
        $data = trim(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
        if ($data != null) {
            $q->QUERY_SQL(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
            if (!$q->ok) {
                meta_admin_mysql(0, "Failed to import {$workingdir}/squid_admin_mysql.db", $q->mysql_error, __FILE__, __LINE__);
            } else {
                @unlink("{$workingdir}/squid_admin_mysql.db");
            }
        } else {
            @unlink("{$workingdir}/squid_admin_mysql.db");
        }
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "{$workingdir}/squid_admin_mysql.db ( no such file )\n";
        }
    }
    if (is_file("{$workingdir}/network_hosts.db")) {
        __network_hosts($uuid, "{$workingdir}/network_hosts.db");
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "{$workingdir}/network_hosts.db ( no such file )\n";
        }
    }
    global_status_ini($uuid);
}
Esempio n. 23
0
function execute_hourly()
{
    $unix = new unix();
    $pidFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $pid = @file_get_contents($pidFile);
    if ($unix->process_exists($pid, basename(__FILE__))) {
        sargevents("execute_hourly(): {$pid} already running");
        if ($GLOBALS["VERBOSE"]) {
            echo " {$pid} already running\n";
        }
        die;
    }
    @file_put_contents($pidFile, getmypid());
    $pidTime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    if ($GLOBALS["VERBOSE"]) {
        echo "Time: {$pidTime}";
    }
    $pidTimeEx = $unix->file_time_min($pidTime);
    if ($GLOBALS["VERBOSE"]) {
        echo " {$pidTimeEx} mn";
    }
    if (!$GLOBALS["FORCE"]) {
        if ($pidTimeEx < 60) {
            sargevents("{$pidTime} = {$pidTimeEx}Mn require 60mn");
            return;
        }
    }
    @unlink($pidTime);
    @file_put_contents($pidTime, time());
    sarg_admin_events("Executing hourly task...", __FUNCTION__, __FILE__, __LINE__);
    $t = time();
    buildconf();
    $unix = new unix();
    $t = time();
    $TODAY = date("d/m/Y");
    $sock = new sockets();
    $date = new DateTime();
    $date->sub(new DateInterval('P1D'));
    $YESTERDAY = $date->format("d/m/Y");
    $LASTHOUR = date("H", time() - 3600);
    $HOUR = date("H", time());
    $nice = $unix->EXEC_NICE();
    $sarg_bin = $unix->find_program("sarg");
    $results[] = "Today: {$TODAY}";
    $results[] = "Last Hour: {$LASTHOUR}";
    $results[] = "Current Hour: {$LASTHOUR}";
    $SargOutputDir = $sock->GET_INFO("SargOutputDir");
    if ($SargOutputDir == null) {
        $SargOutputDir = "/var/www/html/squid-reports";
    }
    $lighttpd_user = $unix->APACHE_SRC_ACCOUNT();
    $results[] = "Output directory: {$SargOutputDir}\n";
    $results[] = "Web service user: {$lighttpd_user}\n";
    $results[] = "Sarg binary: {$sarg_bin}";
    $results[] = "Nice command: {$nice}";
    @mkdir("{$SargOutputDir}/daily", 0755, true);
    $unix->chown_func($lighttpd_user, $lighttpd_user, "{$SargOutputDir}/*");
    @mkdir("{$SargOutputDir}/hourly", 0755);
    $squid = new squidbee();
    if ($squid->is_auth()) {
        $usersauth = true;
    }
    if ($usersauth) {
        events("User authentification enabled");
        $u = " -i ";
    } else {
        events("User authentification disabled");
    }
    $cmds[] = "{$nice}{$sarg_bin} {$u}-f /etc/squid3/sarg.conf";
    $cmds[] = "-l /var/log/squid/access.log -o \"{$SargOutputDir}/hourly\" -z -d {$TODAY}-{$TODAY}";
    $cmds[] = "-t \"{$LASTHOUR}:00-{$HOUR}:00\"";
    buildconf();
    $cmline = @implode(" ", $cmds);
    sargevents("execute_hourly(): {$cmline}");
    exec("{$cmline} 2>&1", $results);
    $took = $unix->distanceOfTimeInWords($t, time());
    sargevents("Hourly {$LASTHOUR}:00-{$HOUR}:00 report generated took: {$took}");
    sarg_admin_events("Hourly {$LASTHOUR}:00-{$HOUR}:00 report generated took: {$took}\n" . @implode("\n", $results), __FUNCTION__, __FILE__, __LINE__, "sarg");
    build_index_page();
    $unix->chown_func($lighttpd_user, $lighttpd_user, "{$SargOutputDir}/*");
}
Esempio n. 24
0
function CheckFilesAndSecurity()
{
    $unix = new unix();
    $f[] = "/etc/ziproxy";
    while (list($num, $val) = each($f)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} checking \"{$val}\"\n";
        }
        if (!is_dir($val)) {
            @mkdir($val, 0755, true);
        }
        $unix->chown_func("squid", "squid", "{$val}/*");
    }
}
Esempio n. 25
0
function MultiplesInstances_start($hostname, $ou)
{
    $hostname = trim($hostname);
    if ($hostname == null) {
        if ($GLOBALS["VERBOSE"]) {
            echo "{$GLOBALS["deflog_start"]} milter-greylist (" . __FUNCTION__ . ") return -> hostname is null\n";
        }
        return;
    }
    $unix = new unix();
    echo "{$GLOBALS["deflog_start"]} milter-greylist hostname:{$hostname} OU:({$ou}) line: " . __LINE__ . "\n";
    $main = new maincf_multi($hostname, $ou);
    $array_filters = unserialize(base64_decode($main->GET_BIGDATA("PluginsEnabled")));
    if ($array_filters["APP_MILTERGREYLIST"] == 0) {
        $enabled = false;
    }
    $pid = MultiplesInstancesPID($hostname);
    if ($unix->process_exists($pid)) {
        echo "{$GLOBALS["deflog_start"]} milter-greylist {$hostname} already running PID {$pid}\n";
        return;
    }
    echo "{$GLOBALS["deflog_start"]} milter-greylist hostname \"{$hostname}\" line: " . __LINE__ . "\n";
    $bin_path = $unix->find_program("milter-greylist");
    @mkdir("/var/spool/postfix/var/run/milter-greylist/{$hostname}", 0755, true);
    @mkdir("/var/milter-greylist/{$hostname}", 666, true);
    if (!is_file("/var/milter-greylist/{$hostname}/greylist.db")) {
        @file_put_contents("/var/milter-greylist/{$hostname}/greylist.db", " ");
    }
    shell_exec("/bin/chmod 644 /var/milter-greylist/{$hostname}/greylist.db");
    if (!is_file("/etc/milter-greylist/{$hostname}/greylist.conf")) {
        echo "{$GLOBALS["deflog_start"]} milter-greylist {$hostname} /etc/milter-greylist/{$hostname}/greylist.conf does not exists\n";
        MultiplesInstances($hostname, $ou);
        return;
    }
    $cmdline = "{$bin_path} -P /var/spool/postfix/var/run/milter-greylist/{$hostname}/greylist.pid";
    $cmdline = $cmdline . " -p /var/spool/postfix/var/run/milter-greylist/{$hostname}/greylist.sock";
    $cmdline = $cmdline . " -d /var/milter-greylist/{$hostname}/greylist.db";
    $cmdline = $cmdline . " -f /etc/milter-greylist/{$hostname}/greylist.conf";
    if ($GLOBALS["VERBOSE"]) {
        echo "{$GLOBALS["deflog_start"]} milter-greylist {$cmdline}\n";
    }
    system($cmdline);
    for ($i = 0; $i < 20; $i++) {
        $pid = MultiplesInstancesPID($hostname);
        if ($unix->process_exists($pid)) {
            echo "{$GLOBALS["deflog_start"]} milter-greylist {$hostname} started PID {$pid}\n";
            break;
        }
        sleep(1);
    }
    $pid = MultiplesInstancesPID($hostname);
    if ($unix->process_exists($pid)) {
        $main->ConfigureMilters();
    }
    for ($i = 0; $i < 10; $i++) {
        if (is_file("/var/spool/postfix/var/run/milter-greylist/{$hostname}/greylist.sock")) {
            break;
        }
        echo "{$GLOBALS["deflog_start"]} milter-greylist waiting greylist.sock ({$i}/10)\n";
        sleep(1);
    }
    @chown("/var/spool/postfix/var/run/milter-greylist", "postfix");
    @chgrp("/var/spool/postfix/var/run/milter-greylist", "postfix");
    @chown("/var/spool/postfix/var/run/milter-greylist/{$hostname}/greylist.sock", "postfix");
    @chmod("/var/spool/postfix/var/run/milter-greylist/{$hostname}/greylist.sock", 0777);
    @chmod("/var/spool/postfix/var/run/milter-greylist", 0755);
    $unix->chown_func("postfix", "postfix", "/var/spool/postfix/var/run/milter-greylist/*");
    $unix->chown_func("postfix", "postfix", "/var/spool/postfix/var/run/milter-greylist/{$hostname}");
    $unix->chown_func("postfix", "postfix", "/var/spool/postfix/var/run/milter-greylist/{$hostname}/greylist.sock");
}
Esempio n. 26
0
function build()
{
    $unix = new unix();
    @mkdir("/var/run/lighttpd", 0755, true);
    @mkdir("/var/log/lighttpd", 0755, true);
    $username = $unix->LIGHTTPD_USER();
    $sock = new sockets();
    $phpcgi = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
    $chown = $unix->find_program("chown");
    $perlbin = $unix->find_program("perl");
    $nohup = $unix->find_program("nohup");
    $php = $unix->LOCATE_PHP5_BIN();
    $PHP_STANDARD_MODE = true;
    $SquidGuardApachePort = intval($sock->GET_INFO("SquidGuardApachePort"));
    $SquidGuardApacheSSLPort = intval($sock->GET_INFO("SquidGuardApacheSSLPort"));
    if ($SquidGuardApachePort == 0) {
        $SquidGuardApachePort = 9020;
    }
    if ($SquidGuardApacheSSLPort == 0) {
        $SquidGuardApacheSSLPort = 9025;
    }
    $SquidGuardWebSSLCertificate = $sock->GET_INFO("SquidGuardWebSSLCertificate");
    @mkdir("/home/squid/error_page_sessions", 0755, true);
    @mkdir("/home/squid/error_page_cache", 0755, true);
    if ($username == null) {
        $username = "******";
        $unix->CreateUnixUser($username, $username, "lighttpd username");
    }
    if (preg_match("#^(.+?):(.+)#", $username, $re)) {
        $username = $re[1];
        $username = $re[1];
    }
    $SquidGuardStorageDir = $sock->GET_INFO("SquidGuardStorageDir");
    @unlink("/var/log/lighttpd/squidguard-lighttpd-error.log");
    @unlink("/var/log/lighttpd/squidguard-lighttpd.log");
    if (!is_file("/var/log/lighttpd/squidguard-lighttpd.log")) {
        @file_put_contents("/var/log/lighttpd/squidguard-lighttpd.log", "#");
    }
    if (!is_file("/var/log/lighttpd/squidguard-lighttpd-error.log")) {
        @file_put_contents("/var/log/artica-postfix/lighttpd-error.log", "#");
    }
    $unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd.log");
    $unix->chown_func($username, $username, "/var/log/lighttpd/squidguard-lighttpd-error.log");
    $unix->chown_func($username, $username, "/home/squid/error_page_sessions");
    $unix->chown_func($username, $username, "/home/squid/error_page_cache");
    $unix->chown_func($username, $username, "/usr/share/artica-postfix/bin/install/squid/adzap/zaps/*");
    @chmod("/var/log/lighttpd/squidguard-lighttpd-error.log", 0777);
    @chmod("/var/log/lighttpd/squidguard-lighttpd.log", 0777);
    if ($SquidGuardStorageDir == null) {
        $SquidGuardStorageDir = "/home/artica/cache";
    }
    @mkdir($SquidGuardStorageDir, 0755, true);
    $unix->chown_func($username, $username, $SquidGuardStorageDir);
    $LighttpdUseUnixSocket = $sock->GET_INFO('LighttpdUseUnixSocket');
    if (!is_numeric($LighttpdUseUnixSocket)) {
        $LighttpdUseUnixSocket = 0;
    }
    $lighttpdPhpPort = $sock->GET_INFO('lighttpdPhpPort');
    if (!is_numeric($lighttpdPhpPort)) {
        $lighttpdPhpPort = 1808;
    }
    $LighttpdArticaMaxProcs = $sock->GET_INFO('LighttpdArticaMaxProcs');
    if (!is_numeric($LighttpdArticaMaxProcs)) {
        $LighttpdArticaMaxProcs = 0;
    }
    $LighttpdArticaMaxChildren = $sock->GET_INFO('LighttpdArticaMaxChildren');
    if (!is_numeric($LighttpdArticaMaxChildren)) {
        $LighttpdArticaMaxChildren = 0;
    }
    $LighttpdRunAsminimal = $sock->GET_INFO('LighttpdRunAsminimal');
    if (!is_numeric($LighttpdRunAsminimal)) {
        $LighttpdRunAsminimal = 0;
    }
    $PHP_FCGI_MAX_REQUESTS = $sock->GET_INFO('PHP_FCGI_MAX_REQUESTS');
    if (!is_numeric($PHP_FCGI_MAX_REQUESTS)) {
        $PHP_FCGI_MAX_REQUESTS = 200;
    }
    $EnablePHPFPM = $sock->GET_INFO('EnablePHPFPM');
    if (!is_numeric($EnablePHPFPM)) {
        $EnablePHPFPM = 0;
    }
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if ($EnableArticaApachePHPFPM == 0) {
        $EnablePHPFPM = 0;
    }
    $PHP_STANDARD_MODE = true;
    $phpcgi_path = $unix->LIGHTTPD_PHP5_CGI_BIN_PATH();
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Run as: {$username}\n";
    }
    $PHP_FCGI_CHILDREN = 1;
    $max_procs = 2;
    if ($LighttpdArticaMaxProcs > 0) {
        $max_procs = $LighttpdArticaMaxProcs;
    }
    if ($LighttpdArticaMaxChildren > 0) {
        $HP_FCGI_CHILDREN = $LighttpdArticaMaxChildren;
    }
    if ($LighttpdRunAsminimal == 1) {
        $max_procs = 2;
        $PHP_FCGI_CHILDREN = 2;
    }
    $f[] = "#artica-postfix saved by artica lighttpd.conf";
    $f[] = "";
    $f[] = "server.modules = (";
    $f[] = "        \"mod_alias\",";
    $f[] = "        \"mod_access\",";
    $f[] = "        \"mod_accesslog\",";
    $f[] = "        \"mod_compress\",";
    $f[] = "        \"mod_fastcgi\",";
    $f[] = "        \"mod_cgi\",";
    $f[] = "\t       \"mod_status\"";
    $f[] = ")";
    $f[] = "";
    $f[] = "server.document-root        = \"/usr/share/artica-postfix\"";
    $f[] = "server.username = \"{$username}\"";
    $f[] = "server.groupname = \"{$username}\"";
    $f[] = "server.errorlog             = \"/var/log/lighttpd/squidguard-lighttpd-error.log\"";
    $f[] = "index-file.names            = ( \"exec.squidguard.php\")";
    $f[] = "";
    $f[] = "mimetype.assign             = (";
    $f[] = "  \".pdf\"          =>      \"application/pdf\",";
    $f[] = "  \".sig\"          =>      \"application/pgp-signature\",";
    $f[] = "  \".spl\"          =>      \"application/futuresplash\",";
    $f[] = "  \".class\"        =>      \"application/octet-stream\",";
    $f[] = "  \".ps\"           =>      \"application/postscript\",";
    $f[] = "  \".torrent\"      =>      \"application/x-bittorrent\",";
    $f[] = "  \".dvi\"          =>      \"application/x-dvi\",";
    $f[] = "  \".gz\"           =>      \"application/x-gzip\",";
    $f[] = "  \".pac\"          =>      \"application/x-ns-proxy-autoconfig\",";
    $f[] = "  \".swf\"          =>      \"application/x-shockwave-flash\",";
    $f[] = "  \".tar.gz\"       =>      \"application/x-tgz\",";
    $f[] = "  \".tgz\"          =>      \"application/x-tgz\",";
    $f[] = "  \".tar\"          =>      \"application/x-tar\",";
    $f[] = "  \".zip\"          =>      \"application/zip\",";
    $f[] = "  \".mp3\"          =>      \"audio/mpeg\",";
    $f[] = "  \".m3u\"          =>      \"audio/x-mpegurl\",";
    $f[] = "  \".wma\"          =>      \"audio/x-ms-wma\",";
    $f[] = "  \".wax\"          =>      \"audio/x-ms-wax\",";
    $f[] = "  \".ogg\"          =>      \"application/ogg\",";
    $f[] = "  \".wav\"          =>      \"audio/x-wav\",";
    $f[] = "  \".gif\"          =>      \"image/gif\",";
    $f[] = "  \".jar\"          =>      \"application/x-java-archive\",";
    $f[] = "  \".jpg\"          =>      \"image/jpeg\",";
    $f[] = "  \".jpeg\"         =>      \"image/jpeg\",";
    $f[] = "  \".png\"          =>      \"image/png\",";
    $f[] = "  \".xbm\"          =>      \"image/x-xbitmap\",";
    $f[] = "  \".xpm\"          =>      \"image/x-xpixmap\",";
    $f[] = "  \".xwd\"          =>      \"image/x-xwindowdump\",";
    $f[] = "  \".css\"          =>      \"text/css\",";
    $f[] = "  \".html\"         =>      \"text/html\",";
    $f[] = "  \".htm\"          =>      \"text/html\",";
    $f[] = "  \".js\"           =>      \"text/javascript\",";
    $f[] = "  \".asc\"          =>      \"text/plain\",";
    $f[] = "  \".c\"            =>      \"text/plain\",";
    $f[] = "  \".cpp\"          =>      \"text/plain\",";
    $f[] = "  \".log\"          =>      \"text/plain\",";
    $f[] = "  \".conf\"         =>      \"text/plain\",";
    $f[] = "  \".text\"         =>      \"text/plain\",";
    $f[] = "  \".txt\"          =>      \"text/plain\",";
    $f[] = "  \".dtd\"          =>      \"text/xml\",";
    $f[] = "  \".xml\"          =>      \"text/xml\",";
    $f[] = "  \".mpeg\"         =>      \"video/mpeg\",";
    $f[] = "  \".mpg\"          =>      \"video/mpeg\",";
    $f[] = "  \".mov\"          =>      \"video/quicktime\",";
    $f[] = "  \".qt\"           =>      \"video/quicktime\",";
    $f[] = "  \".avi\"          =>      \"video/x-msvideo\",";
    $f[] = "  \".asf\"          =>      \"video/x-ms-asf\",";
    $f[] = "  \".asx\"          =>      \"video/x-ms-asf\",";
    $f[] = "  \".wmv\"          =>      \"video/x-ms-wmv\",";
    $f[] = "  \".bz2\"          =>      \"application/x-bzip\",";
    $f[] = "  \".tbz\"          =>      \"application/x-bzip-compressed-tar\",";
    $f[] = "  \".tar.bz2\"      =>      \"application/x-bzip-compressed-tar\",";
    $f[] = "  \"\"              =>      \"application/octet-stream\",";
    $f[] = " )";
    $f[] = "";
    $f[] = "";
    $f[] = "accesslog.filename          = \"/var/log/lighttpd/squidguard-lighttpd.log\"";
    $f[] = "url.access-deny             = ( \"~\", \".inc\",\".log\",\".ini\",\"ressources\",\"computers\",\"user-backup\",\"logon.php\",\"index.php\")";
    $f[] = "";
    $f[] = "static-file.exclude-extensions = ( \".php\", \".pl\", \".fcgi\" )";
    $f[] = "server.port                 = {$SquidGuardApachePort}";
    $f[] = "#server.bind                = \"127.0.0.1\"";
    $f[] = "server.error-handler-404   = \"/exec.squidguard.php\"";
    $f[] = "#server.error-handler-404   = \"/error-handler.php\"";
    $f[] = "server.pid-file             = \"/var/run/lighttpd/squidguard-lighttpd.pid\"";
    $f[] = "server.max-fds \t\t   = 2048";
    $f[] = "server.network-backend      = \"write\"";
    $f[] = "server.follow-symlink = \"enable\"";
    $f[] = "";
    $f[] = '';
    $f[] = "\$SERVER[\"socket\"]== \":{$SquidGuardApacheSSLPort}\" {";
    $f[] = "\tssl.engine                 = \"enable\"";
    $cert = new lighttpd_certificate($SquidGuardWebSSLCertificate);
    $f[] = $cert->build();
    $f[] = "ssl.cipher-list=\"ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM:+SSLv3\"";
    $f[] = "}";
    if (!is_file("/opt/artica/ssl/certs/lighttpd.pem")) {
        @chmod("/usr/share/artica-postfix/bin/artica-install", 0755);
        shell_exec("/usr/share/artica-postfix/bin/artica-install -lighttpd-cert");
    }
    //
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApachePort}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on: {$SquidGuardApacheSSLPort} SSL\n";
    }
    $phpfpm = $unix->find_program('php5-fpm');
    if (!is_file($phpfpm)) {
        $phpfpm = $unix->find_program('php-fpm');
    }
    if (is_file($phpfpm)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is installed\n";
        }
        if ($EnablePHPFPM == 1) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} PHP-FPM is enabled\n";
            }
            $PHP_STANDARD_MODE = false;
            $f[] = 'fastcgi.server = ( ".php" =>((';
            $f[] = '         "socket" => "/var/run/php-fpm.sock",';
        }
    }
    if ($PHP_STANDARD_MODE) {
        $f[] = 'fastcgi.server = ( ".php" =>((';
        $f[] = '         "bin-path" => "/usr/bin/php-cgi",';
        if ($LighttpdUseUnixSocket == 1) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server unix socket mode\n";
            }
            $f[] = '         "socket" => "/var/run/lighttpd/php.socket" + var.PID,';
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Fast-cgi server socket 127.0.0.1:{$lighttpdPhpPort}\n";
            }
            $f[] = '         "host" => "127.0.0.1","port" =>' . $lighttpdPhpPort . ',';
        }
    }
    $f[] = '         "max-procs" => ' . $max_procs . ',';
    $f[] = '         "idle-timeout" => 10,';
    $f[] = '         "bin-environment" => (';
    $f[] = '             "PHP_FCGI_CHILDREN" => "' . $PHP_FCGI_CHILDREN . '",';
    $f[] = '             "PHP_FCGI_MAX_REQUESTS" => "' . $PHP_FCGI_MAX_REQUESTS . '"';
    $f[] = '          ),';
    $f[] = '          "bin-copy-environment" => (';
    $f[] = '            "PATH", "SHELL", "USER"';
    $f[] = '           ),';
    $f[] = '          "broken-scriptfilename" => "enable"';
    $f[] = '        ))';
    $f[] = ')';
    $f[] = "alias.url += ( \"/css/\" => \"/usr/share/artica-postfix/css/\" )";
    $f[] = "alias.url += ( \"/img/\" => \"/usr/share/artica-postfix/img/\" )";
    $f[] = "alias.url += ( \"/js/\" => \"/usr/share/artica-postfix/js/\" )";
    $f[] = "alias.url += ( \"/zaps/\" => \"/usr/share/artica-postfix/bin/install/squid/adzap/zaps/\" )";
    $f[] = "";
    $f[] = "cgi.assign= (";
    $f[] = "\t\".pl\"  => \"/usr/bin/perl\",";
    $f[] = "\t\".php\" => \"/usr/bin/php-cgi\",";
    $f[] = "\t\".py\"  => \"/usr/bin/python\",";
    $f[] = "\t\".cgi\"  => \"/usr/bin/perl\",";
    $f[] = ")";
    @file_put_contents("/etc/artica-postfix/squidguard-lighttpd.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} squidguard-lighttpd.conf done.\n";
    }
}
Esempio n. 27
0
function start($aspid = false)
{
    $unix = new unix();
    $sock = new sockets();
    $Masterbin = $unix->find_program("freshclam");
    if (!is_file($Masterbin)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, clamd not installed\n";
        }
        return;
    }
    if (!$aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        $timepid = $unix->PROCCESS_TIME_MIN($pid);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Service already started {$pid} since {$timepid}Mn...\n";
        }
        return;
    }
    $EnableFreshClam = $sock->GET_INFO("EnableFreshClam");
    if (!is_numeric($EnableFreshClam)) {
        $EnableFreshClam = 0;
    }
    if ($EnableFreshClam == 0) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service disabled (see EnableFreshClam/EnableClamavDaemon)\n";
        }
        build_progress(110, "{starting} {APP_FRESHCLAM} {disabled}");
        return;
    }
    $php5 = $unix->LOCATE_PHP5_BIN();
    $nohup = $unix->find_program("nohup");
    $aa_complain = $unix->find_program('aa-complain');
    if (is_file($aa_complain)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} add {$Masterbin} Profile to AppArmor..\n";
        }
        shell_exec("{$aa_complain} {$Masterbin} >/dev/null 2>&1");
    }
    $ClamUser = $unix->ClamUser();
    @chmod("/usr/share/artica-postfix/ressources/logs/web", 0777);
    @mkdir("/var/clamav", 0755, true);
    @mkdir("/var/run/clamav", 0755, true);
    @mkdir("/var/lib/clamav", 0755, true);
    @mkdir("/var/log/clamav", 0755, true);
    $unix->chown_func("{$ClamUser}", "{$ClamUser}", "/var/clamav");
    $unix->chown_func("{$ClamUser}", "{$ClamUser}", "/var/run/clamav");
    $unix->chown_func("{$ClamUser}", "{$ClamUser}", "/var/lib/clamav");
    $unix->chown_func("{$ClamUser}", "{$ClamUser}", "/var/log/clamav");
    if (is_file("/var/log/clamav/freshclam.log")) {
        $unix->chown_func("{$ClamUser}", "{$ClamUser}", "/var/log/clamav/freshclam.log");
    }
    build_progress(71, "{starting} {APP_FRESHCLAM}");
    build();
    build_progress(72, "{starting} {APP_FRESHCLAM}");
    $cmd = "{$nohup} {$Masterbin} --daemon  --config-file=/etc/clamav/freshclam.conf --pid=/var/run/clamav/freshclam.pid --user={$ClamUser} --log=/var/log/clamav/freshclam.log --on-update-execute=/usr/share/artica-postfix/exec.freshclam.updated.php >/dev/null 2>&1 &";
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} service\n";
    }
    shell_exec($cmd);
    for ($i = 1; $i < 5; $i++) {
        build_progress(72 + $i, "{starting} {APP_FRESHCLAM}");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} waiting {$i}/5\n";
        }
        sleep(1);
        $pid = PID_NUM();
        if ($unix->process_exists($pid)) {
            break;
        }
    }
    build_progress(80, "{starting} {APP_FRESHCLAM}");
    $pid = PID_NUM();
    if ($unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Success PID {$pid}\n";
        }
        return true;
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} {$cmd}\n";
        }
        build_progress(110, "{starting} {APP_FRESHCLAM} {failed}");
        return false;
    }
    $pid = PID_NUM();
    if (!$unix->process_exists($pid)) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Failed..\n";
        }
        build_progress(110, "{starting} {APP_FRESHCLAM} {failed}");
    }
}
Esempio n. 28
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    $ipaddr = null;
    @mkdir("/var/run/apache2", 0755, true);
    @mkdir("/var/run/sarg-apache", 0755, true);
    @mkdir("/var/log/apache2", 0755, true);
    @mkdir(dirname($GLOBALS["APACHE_PID_PATH"]), 0755, true);
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $SargOutputDir = $sock->GET_INFO("SargOutputDir");
    if ($SargOutputDir == null) {
        $SargOutputDir = "/var/www/html/squid-reports";
    }
    $SargWebPort = intval($sock->GET_INFO("SargWebPort"));
    if ($SargWebPort == 0) {
        $SargWebPort = rand(55600, 59000);
        $sock->SET_INFO("SargWebPort", $SargWebPort);
    }
    if (is_link($SargOutputDir)) {
        $SargOutputDir = @readlink($SargOutputDir);
    }
    @mkdir($SargOutputDir, 0755, true);
    if (!is_file("{$SargOutputDir}/index.html")) {
        $php = $unix->LOCATE_PHP5_BIN();
        shell_exec("{$php} /usr/share/artica-postfix/exec.sarg.php --exec --force >/dev/null 2>&1 &");
    }
    if ($ipaddr == null) {
        $ipaddr = "*";
    }
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $logfile = "/var/log/apache2/apache-sarg-access.log";
    $ErrorLog = "/var/log/apache2/apache-sarg-error.log";
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    @unlink($ErrorLog);
    @unlink($logfile);
    if (!is_file("{$logfile}")) {
        @touch("{$logfile}");
    }
    if (!is_file("{$ErrorLog}")) {
        @touch("{$ErrorLog}");
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $ErrorLog);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $logfile);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/apache2");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, dirname($GLOBALS["APACHE_PID_PATH"]));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
    }
    $f[] = "LockFile /var/run/apache2/sarg-artica-accept.lock";
    $f[] = "PidFile {$GLOBALS["APACHE_PID_PATH"]}";
    $f[] = "AcceptMutex flock";
    $f[] = "DocumentRoot {$SargOutputDir}";
    $f[] = "DirectoryIndex index.html";
    $f[] = "ErrorDocument 400 /index.html";
    $f[] = "ErrorDocument 401 /index.html";
    $f[] = "ErrorDocument 403 /index.html";
    $f[] = "ErrorDocument 404 /index.html";
    $f[] = "ErrorDocument 500 /index.html";
    $f[] = "NameVirtualHost {$ipaddr}:{$SargWebPort}";
    $f[] = "Listen {$ipaddr}:{$SargWebPort}";
    $f[] = "<VirtualHost {$ipaddr}:{$SargWebPort}>";
    $f[] = "\tServerName {$ipaddr}";
    $f[] = "\tDocumentRoot {$SargOutputDir}";
    $f[] = "</VirtualHost>";
    $f[] = "<IfModule mpm_prefork_module>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_worker_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_event_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tDeny from all";
    $f[] = "\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     15";
    $f[] = "StartServers         1";
    $f[] = "MaxClients           50";
    $f[] = "MinSpareServers      2";
    $f[] = "MaxSpareServers      5";
    $f[] = "MaxRequestsPerChild  5000";
    $f[] = "MaxKeepAliveRequests 100";
    $f[] = "ServerName " . $unix->hostname_g();
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    //$f[]="Alias /index.php /usr/share/artica-postfix/hotspot.php";
    //$f[]="Alias /index.html /usr/share/artica-postfix/hotspot.php";
    $f[] = "<Directory \"{$SargOutputDir}\">";
    $f[] = "\tDirectorySlash On";
    $f[] = "\tDirectoryIndex index.html";
    $f[] = "\t\t<Files \"hostpot.php\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\tErrorDocument 400 /index.html";
    $f[] = "\tErrorDocument 401 /index.html";
    $f[] = "\tErrorDocument 403 /index.html";
    $f[] = "\tErrorDocument 404 /index.html";
    $f[] = "\tErrorDocument 500 /index.html";
    $f[] = "\tOptions -Indexes";
    $f[] = "\tAllowOverride All";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tAllow from all";
    $f[] = "</Directory>";
    $f[] = "Loglevel debug";
    $f[] = "ErrorLog {$ErrorLog}";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog {$logfile} common";
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authz_host_module"] = "mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["headers_module"] = "mod_headers.so";
    //$array["ldap_module"]="mod_ldap.so";
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    @file_put_contents($GLOBALS["APACHE_CONFIG_PATH"], @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["APACHE_CONFIG_PATH"]} done\n";
    }
}
Esempio n. 29
0
function build($OnlySingle = false)
{
    if (isset($GLOBALS[__FILE__ . __FUNCTION__])) {
        return;
    }
    $GLOBALS[__FILE__ . __FUNCTION__] = true;
    $unix = new unix();
    $php5 = $unix->LOCATE_PHP5_BIN();
    shell_exec("/etc/init.d/mysql start");
    build_progress("{building_main_settings}", 10);
    if ($unix->SQUID_GET_LISTEN_PORT() == 80) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 80, ports conflicts, change it\n";
        }
        shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
        }
        shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
        }
    }
    if ($unix->SQUID_GET_LISTEN_SSL_PORT() == 443) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 443, ports conflicts, change it\n";
        }
        shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
        }
        shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
        }
    }
    $reconfigured = false;
    if ($unix->APACHE_GET_LISTEN_PORT() == 80) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 80, ports conflicts, change it\n";
        }
        shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
        shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --stop --force");
        shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --start --force");
        $reconfigured = true;
    }
    if (!$reconfigured) {
        if ($unix->APACHE_GET_LISTEN_PORT() == 443) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 443, ports conflicts, change it\n";
            }
            shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
        }
    }
    $APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $NginxProxyStorePath = "/home/nginx";
    @mkdir("/etc/nginx/sites-enabled", 0755, true);
    @mkdir("/etc/nginx/local-sites", 0755, true);
    @mkdir("/etc/nginx/local-sslsites", 0755, true);
    @mkdir($NginxProxyStorePath, 0755, true);
    @mkdir($NginxProxyStorePath . "/tmp", 0755, true);
    @mkdir($NginxProxyStorePath . "/disk", 0755, true);
    @mkdir("/var/lib/nginx/fastcgi", 0755, true);
    @mkdir("/home/nginx/tmp", 0755, true);
    $Tempdir = $unix->TEMP_DIR() . "/nginx";
    @mkdir($Tempdir, 0755, true);
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath);
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/etc/nginx/sites-enabled");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/tmp");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/disk");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/var/lib/nginx/fastcgi");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $Tempdir);
    nginx_ulimit();
    $workers = $unix->CPU_NUMBER();
    build_progress("Building configuration", 15);
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$APACHE_USER}:{$APACHE_SRC_GROUP}..\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$workers} worker(s)..\n";
    }
    if (is_file("/etc/nginx/sites-enabled/default")) {
        @unlink("/etc/nginx/sites-enabled/default");
    }
    if (is_link("/etc/nginx/sites-enabled/default")) {
        @unlink("/etc/nginx/sites-enabled/default");
    }
    if (is_link("/etc/nginx/conf.d/example_ssl.conf")) {
        @unlink("/etc/nginx/conf.d/example_ssl.conf");
    }
    $limit = 4096 * $workers;
    if ($limit > 65535) {
        $limit = 65535;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Running limit of {$limit} open files\n";
    }
    $L = explode("\n", @file_get_contents("/etc/security/limits.conf"));
    $FOUNDL = false;
    $T = array();
    while (list($index, $line) = each($L)) {
        $line = trim($line);
        if (trim($line) == null) {
            continue;
        }
        if (substr($line, 0, 1) == "#") {
            continue;
        }
        if (preg_match("#^{$APACHE_USER}#", $line)) {
            continue;
        }
        $T[] = $line;
    }
    if (!$FOUNDL) {
        $T[] = "{$APACHE_USER}       soft    nofile   {$limit}";
        $T[] = "{$APACHE_USER}       hard    nofile   {$limit}";
    }
    @file_put_contents("/etc/security/limits.conf", @implode("\n", $T) . "\n");
    $L = array();
    $T = array();
    $MEMORY = $unix->MEM_TOTAL_INSTALLEE();
    $server_names_hash_bucket_size = 128;
    $worker_connections = 8192;
    if ($MEMORY < 624288) {
        $server_names_hash_bucket_size = 64;
        $worker_connections = 1024;
        $workers = 4;
    }
    $mail_protocols = mail_protocols();
    //
    $f[] = "# Builded on " . date("Y-m-d H:i:s");
    $f[] = "user   {$APACHE_USER};";
    $f[] = "worker_processes  {$workers};";
    $nginx_version = nginx_version();
    preg_match("#^([0-9])+\\.([0-9]+)\\.#", $nginx_version, $re);
    $re[1] = intval($re[1]);
    $re[2] = intval($re[2]);
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Major {$re[1]} Minor:{$re[2]}\n";
    }
    $syslog = false;
    $f[] = "worker_rlimit_nofile 16384;";
    $f[] = "timer_resolution 1ms;";
    $f[] = "";
    if ($re[1] > 0) {
        if ($re[2] > 6) {
            $f[] = "error_log syslog:server=127.0.0.1,facility=daemon info;";
            $syslog = true;
        }
    }
    $syslog = false;
    if (!$syslog) {
        $f[] = "error_log  /var/log/nginx/error.log warn;";
    }
    $f[] = "pid        /var/run/nginx.pid;";
    $f[] = "";
    $f[] = "";
    $f[] = "events {";
    $f[] = "    worker_connections  {$worker_connections};";
    $f[] = "    multi_accept  on;";
    $f[] = "    use epoll;";
    $f[] = "\t  accept_mutex_delay 1ms;";
    $f[] = "}";
    $upstream = new nginx_upstream();
    $upstreams_servers = $upstream->build();
    $f[] = "";
    $f[] = "";
    $f[] = "http {";
    $f[] = "\tinclude /etc/nginx/mime.types;";
    $f[] = "\tlog_format  awc_log";
    $f[] = "\t\t'[\$server_name] \$remote_addr - \$remote_user [\$time_local] \$request '";
    $f[] = "\t\t'\"\$status\" \$body_bytes_sent \"\$http_referer\" '";
    $f[] = "\t\t'\"\$http_user_agent\" \"\$http_x_forwarded_for\" [\$upstream_cache_status]';";
    $f[] = "";
    $f[] = "\tlimit_conn_zone \$binary_remote_addr zone=LimitCnx:10m;";
    $q = new mysql_squid_builder();
    $results = $q->QUERY_SQL("SELECT LimitReqs,servername FROM reverse_www WHERE LimitReqs > 0");
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $servername = $ligne["servername"];
        $ZoneName = str_replace(".", "", $servername);
        $ZoneName = str_replace("-", "", $servername);
        $ZoneName = str_replace("_", "", $servername);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, limit {$servername}/{$servername} {$ligne["LimitReqs"]}r/s\n";
        }
        $f[] = "\tlimit_req_zone  \$binary_remote_addr  zone={$ZoneName}:10m   rate={$ligne["LimitReqs"]}r/s;";
    }
    $nginxClass = new nginx();
    if ($nginxClass->IsSubstitutions()) {
        //$f[]="\tsubs_filter_types text/html text/css text/xml;";
    }
    @mkdir($Tempdir, 0775, true);
    @mkdir("/home/nginx/tmp", 0755, true);
    $f[] = "\tlimit_conn_log_level info;";
    $f[] = "\tclient_body_temp_path {$Tempdir} 1 2;";
    $f[] = "\tclient_header_timeout 5s;";
    $f[] = "\tclient_body_timeout 5s;";
    $f[] = "\tsend_timeout 10m;";
    $f[] = "\tconnection_pool_size 128k;";
    $f[] = "\tclient_header_buffer_size 16k;";
    $f[] = "\tlarge_client_header_buffers 1024 128k;";
    $f[] = "\trequest_pool_size 128k;";
    $f[] = "\tkeepalive_requests 1000;";
    $f[] = "\tkeepalive_timeout 10;";
    $f[] = "\tclient_max_body_size 10g;";
    $f[] = "\tclient_body_buffer_size 1m;";
    $f[] = "\tclient_body_in_single_buffer on;";
    $f[] = "\topen_file_cache max=10000 inactive=300s;";
    $f[] = "\treset_timedout_connection on;";
    $f[] = "\ttypes_hash_max_size 8192;";
    $f[] = "\tserver_names_hash_bucket_size 128;";
    $f[] = "\tserver_names_hash_max_size 512;";
    $f[] = "\tvariables_hash_max_size 512;";
    $f[] = "\tvariables_hash_bucket_size 128;";
    $f[] = "\tfastcgi_buffers 8 16k;";
    $f[] = "\tfastcgi_buffer_size 32k;";
    $f[] = "\tfastcgi_connect_timeout 300;";
    $f[] = "\tfastcgi_send_timeout 300;";
    $f[] = "\tfastcgi_read_timeout 300;";
    $f[] = "map \$scheme \$server_https {";
    $f[] = "default off;";
    $f[] = "https on;";
    $f[] = "}\t";
    $f[] = "\tgzip on;";
    $f[] = "\tgzip_disable msie6;";
    $f[] = "\tgzip_static on;";
    $f[] = "\tgzip_min_length 1100;";
    $f[] = "\tgzip_buffers 16 8k;";
    $f[] = "\tgzip_comp_level 9;";
    $f[] = "\tgzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;";
    $f[] = "\tgzip_vary on;";
    $f[] = "\tgzip_proxied any;";
    $f[] = "\toutput_buffers 1000 128k;";
    $f[] = "\tpostpone_output 1460;";
    $f[] = "\tsendfile on;";
    $f[] = "\tsendfile_max_chunk 256k;";
    $f[] = "\ttcp_nopush on;";
    $f[] = "\ttcp_nodelay on;";
    $f[] = "\tserver_tokens off;";
    $dns = new resolv_conf();
    $sock = new sockets();
    if ($sock->dnsmasq_enabled()) {
        $resolver[] = "127.0.0.1";
    }
    if ($dns->MainArray["DNS1"] != null) {
        $resolver[] = $dns->MainArray["DNS1"];
    }
    if ($dns->MainArray["DNS2"] != null) {
        $resolver[] = $dns->MainArray["DNS2"];
    }
    if ($dns->MainArray["DNS3"] != null) {
        $resolver[] = $dns->MainArray["DNS3"];
    }
    $f[] = "\tresolver " . @implode(" ", $resolver) . ";";
    $f[] = "\tignore_invalid_headers on;";
    $f[] = "\tindex index.html;";
    $f[] = "\tadd_header X-CDN \"Served by myself\";";
    $q = new mysql_squid_builder();
    $sql = "SELECT * FROM nginx_caches  ORDER BY directory";
    $results = $q->QUERY_SQL($sql);
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $directory = $ligne["directory"];
        @mkdir($directory, 0755, true);
        $unix->chown_func("www-data", "www-data", $directory);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, cache `{$directory}`\n";
        }
        $f[] = "\tproxy_cache_path {$directory} levels={$ligne["levels"]} keys_zone={$ligne["keys_zone"]}:{$ligne["keys_zone_size"]}m max_size={$ligne["max_size"]}G  inactive={$ligne["inactive"]} loader_files={$ligne["loader_files"]} loader_sleep={$ligne["loader_sleep"]} loader_threshold={$ligne["loader_threshold"]};";
    }
    $f[] = "\tproxy_temp_path {$NginxProxyStorePath}/tmp/ 1 2;";
    $f[] = "\tproxy_cache_valid 404 10m;";
    $f[] = "\tproxy_cache_valid 400 501 502 503 504 1m;";
    $f[] = "\tproxy_cache_valid any 4320m;";
    $f[] = "\tproxy_cache_use_stale updating invalid_header error timeout http_404 http_500 http_502 http_503 http_504;";
    $f[] = "\tproxy_next_upstream error timeout invalid_header http_404 http_500 http_502 http_503 http_504;";
    $f[] = "\tproxy_redirect off;";
    $f[] = "\tproxy_set_header Host \$http_host;";
    $f[] = "\tproxy_set_header Server Apache;";
    $f[] = "\tproxy_set_header Connection Close;";
    $f[] = "\tproxy_pass_header Set-Cookie;";
    $f[] = "\tproxy_pass_header User-Agent;";
    $f[] = "\tproxy_set_header X-Accel-Buffering on;";
    $f[] = "\tproxy_hide_header X-CDN;";
    $f[] = "\tproxy_hide_header X-Server;";
    $f[] = "\tproxy_intercept_errors off;";
    $f[] = "\tproxy_ignore_client_abort on;";
    $f[] = "\tproxy_connect_timeout 60s;";
    $f[] = "\tproxy_send_timeout 60s;";
    $f[] = "\tproxy_read_timeout 150s;";
    $f[] = "\tproxy_buffer_size 64k;";
    $f[] = "\tproxy_buffers 16384 128k;";
    $f[] = "\tproxy_busy_buffers_size 256k;";
    $f[] = "\tproxy_temp_file_write_size 128k;";
    $f[] = "\tproxy_headers_hash_bucket_size 128;";
    $f[] = "\tproxy_cache_min_uses 0;";
    $f[] = "";
    $f[] = "{$upstreams_servers}";
    $f[] = "\tinclude /etc/nginx/sites-enabled/*.conf;";
    $f[] = "\tinclude /etc/nginx/local-sites/*.conf;";
    $f[] = "\tinclude /etc/nginx/conf.d/*.conf;";
    $f[] = "\t}";
    $f[] = $mail_protocols;
    $f[] = "";
    @copy("/etc/nginx/nginx.conf", "/etc/nginx/nginx.bak");
    @file_put_contents("/etc/nginx/nginx.conf", @implode("\n", $f));
    if (!$OnlySingle) {
        if ($GLOBALS["VERBOSE"]) {
            echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
        }
        build_progress("Building default configuration", 10);
        build_default(true);
        build_localhosts();
        if ($GLOBALS["VERBOSE"]) {
            echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
        }
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Only single defined\n";
        }
    }
    if ($GLOBALS["RECONFIGURE"]) {
        $pid = PID_NUM();
        if (is_numeric($pid)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, reload pid {$pid}\n";
            }
            $kill = $unix->find_program("kill");
            unix_system_HUP($pid);
        } else {
            start(true);
        }
    }
    build_progress("Building configuration done", 10);
}
Esempio n. 30
0
function TemplatesInMysql($aspid = false)
{
    $unix = new unix();
    $pidpath = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $pidtime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    if (!$aspid) {
        $pid = $unix->get_pid_from_file($pidpath);
        if ($unix->process_exists($pid)) {
            return;
        }
    }
    @file_put_contents($pidpath, getmypid());
    EventsWatchdog("writing /etc/artica-postfix/SQUID_TEMPLATE_DONE");
    @file_put_contents("/etc/artica-postfix/SQUID_TEMPLATE_DONE", time());
    @file_put_contents("/etc/artica-postfix/SQUID_TEMPLATE_DONEv2", time());
    $sock = new sockets();
    $SquidTemplateSimple = $sock->GET_INFO("SquidTemplateSimple");
    if (!is_numeric($SquidTemplateSimple)) {
        $SquidTemplateSimple = 1;
    }
    if ($SquidTemplateSimple == 1) {
        $unix = new unix();
        $php = $unix->LOCATE_PHP5_BIN();
        $nohup = $unix->find_program("nohup");
        $by = "--FUNC-" . __FUNCTION__ . "-L-" . __LINE__;
        shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.squid.templates.php {$by} >/dev/null 2>&1 &");
        return;
    }
    $TimeExec = $unix->file_time_min($pidtime);
    if (!$GLOBALS["FORCE"]) {
        if ($TimeExec < 240) {
            return;
        }
    }
    $users = new usersMenus();
    $sock = new sockets();
    $EnableRemoteStatisticsAppliance = $sock->GET_INFO("EnableRemoteStatisticsAppliance");
    $EnableWebProxyStatsAppliance = $sock->GET_INFO("EnableWebProxyStatsAppliance");
    if (!is_numeric($EnableWebProxyStatsAppliance)) {
        $EnableWebProxyStatsAppliance = 0;
    }
    if (!is_numeric($EnableRemoteStatisticsAppliance)) {
        $EnableRemoteStatisticsAppliance = 0;
    }
    $UnlockWebStats = $sock->GET_INFO("UnlockWebStats");
    if (!is_numeric($UnlockWebStats)) {
        $UnlockWebStats = 0;
    }
    if ($UnlockWebStats == 1) {
        $EnableRemoteStatisticsAppliance = 0;
    }
    if ($EnableRemoteStatisticsAppliance == 1) {
        if (!$users->CORP_LICENSE) {
            if (!is_file("/etc/artica-postfix/SQUID_TEMPLATE_DONE")) {
                DefaultTemplatesInArtica();
                return;
            }
        }
        EventsWatchdog("Using the Web statistics appliance to get template files");
        if ($GLOBALS["VERBOSE"]) {
            echo "Use the Web statistics appliance to get template files...\n";
        }
        TemplatesInMysql_remote();
        return;
    }
    @mkdir("/etc/artica-postfix", 0755, true);
    $base = "/usr/share/squid-langpack";
    @mkdir($base, 0755, true);
    if (!is_dir("{$base}/templates")) {
        @mkdir("{$base}/templates", 0755, true);
    }
    $headerTemp = @file_get_contents(dirname(__FILE__) . "/ressources/databases/squid.default.header.db");
    $q = new mysql_squid_builder();
    if (!$q->BD_CONNECT(true)) {
        squid_admin_mysql(2, "Error, unable to connect to MySQL", __FILE__, __LINE__);
        if (!$users->CORP_LICENSE) {
            DefaultTemplatesInArtica();
        }
        return;
    }
    $sql = "CREATE TABLE IF NOT EXISTS `squidtpls` (\n\t\t\t  `zmd5` CHAR(32)  NOT NULL,\n\t\t\t  `template_name` varchar(128)  NOT NULL,\n\t\t\t  `template_body` LONGTEXT  NOT NULL,\n\t\t\t  `template_header` LONGTEXT  NOT NULL,\n\t\t\t  `template_title` varchar(255)  NOT NULL,\n\t\t\t  `template_time` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,\n\t\t\t  `template_link` smallint(1) NOT NULL,\n\t\t\t  `template_uri` varchar(255)  NOT NULL,\n\t\t\t  `lang` varchar(5)  NOT NULL,\n\t\t\t  PRIMARY KEY (`zmd5`),\n\t\t\t  KEY `template_name` (`template_name`,`lang`),\n\t\t\t  KEY `template_title` (`template_title`),\n\t\t\t  KEY `template_time` (`template_time`),\n\t\t\t  KEY `template_link` (`template_link`),\n\t\t\t  FULLTEXT KEY `template_body` (`template_body`)\n\t\t\t)  ENGINE = MYISAM;";
    $q->QUERY_SQL($sql);
    if ($q->COUNT_ROWS("squidtpls") == 0) {
        if (!is_file("/etc/artica-postfix/SQUID_TEMPLATE_DONE")) {
            squid_admin_mysql(2, "Ask to build default templates squidtpls=0", null, __FILE__, __LINE__);
            DefaultTemplatesInArtica();
        }
    }
    if (!$users->CORP_LICENSE) {
        if (!is_file("/etc/artica-postfix/SQUID_TEMPLATE_DONE")) {
            squid_admin_mysql(2, "Ask to build default templates - no license -", null, __FILE__, __LINE__);
            DefaultTemplatesInArtica();
            return;
        }
    }
    $sql = "SELECT * FROM squidtpls";
    $results = $q->QUERY_SQL($sql);
    if (!$q->ok) {
        squid_admin_mysql(1, "MySQL Error on templates", $q->mysql_error, __FILE__, __LINE__);
        ufdbguard_admin_events("Fatal,{$q->mysql_error}", __FUNCTION__, __FILE__, __LINE__, "proxy");
        return;
    }
    $c = 0;
    while ($ligne = mysql_fetch_assoc($results)) {
        $ligne["template_header"] = stripslashes($ligne["template_header"]);
        $ligne["template_title"] = stripslashes($ligne["template_title"]);
        $ligne["template_body"] = stripslashes($ligne["template_body"]);
        $template_name = $ligne["template_name"];
        if ($ligne["template_link"] == 1) {
            continue;
        }
        $header = trim($ligne["template_header"]);
        if ($header == null) {
            $header = $headerTemp;
        }
        if ($GLOBALS["VERBOSE"]) {
            echo "Template: `{$template_name}`: {$ligne["template_title"]}\n";
        }
        if (!preg_match("#^ERR_.+#", $ligne["template_name"])) {
            $ligne["template_name"] = "ERR_" . $ligne["template_name"];
        }
        $filename2 = null;
        $ligne["template_body"] = utf8_encode($ligne["template_body"]);
        $ligne["template_title"] = utf8_encode($ligne["template_title"]);
        $filename = "{$base}/{$ligne["lang"]}/{$ligne["template_name"]}";
        if ($ligne["lang"] == "en") {
            $filename2 = "/usr/share/squid-langpack/templates/{$ligne["template_name"]}";
        }
        $newheader = str_replace("{TITLE}", $ligne["template_title"], $header);
        $templateDatas = "{$newheader}{$ligne["template_body"]}</body></html>";
        if ($GLOBALS["VERBOSE"]) {
            echo "Template: `{$template_name}`: Path `{$filename}`\n";
        }
        if ($ligne["emptytpl"] == 1) {
            $templateDatas = "<html><head></head><body></body></html>";
        }
        if ($GLOBALS["VERBOSE"]) {
            echo "Template: `{$template_name}`: {$ligne["lang"]}\n";
        }
        if (is_numeric($ligne["lang"])) {
            $ligne["lang"] = "en";
        }
        @mkdir(dirname($filename), 0755, true);
        @file_put_contents($filename, $templateDatas);
        if ($filename2 != null) {
            @file_put_contents($filename2, $templateDatas);
            $unix->chown_func("squid", "squid", "{$filename2}");
        }
        @file_put_contents("{$base}/{$ligne["lang"]}/{$ligne["template_name"]}", $templateDatas);
        $unix->chown_func("squid", "squid", "{$base}/{$ligne["lang"]}/{$ligne["template_name"]}");
        $unix->chown_func("squid", "squid", "{$filename}");
        $c++;
        if ($ligne["lang"] == "en") {
            if ($GLOBALS["VERBOSE"]) {
                echo "Writing {$base}/{$ligne["template_name"]}\n";
            }
            @file_put_contents("{$base}/{$ligne["template_name"]}", $templateDatas);
            $unix->chown_func("squid:squid", null, "{$base}/templates/{$ligne["template_name"]}");
        } else {
            if (!IfTemplateExistsinEn($template_name)) {
                @mkdir("{$base}/en", 0755, true);
                @file_put_contents("{$base}/en/{$ligne["template_name"]}", $templateDatas);
                $unix->chown_func("squid:squid", null, "{$base}/en/{$ligne["template_name"]}");
            }
        }
    }
    $sql = "SELECT * FROM squidtpls WHERE emptytpl=1";
    $results = $q->QUERY_SQL($sql);
    while ($ligne = mysql_fetch_assoc($results)) {
        if (is_numeric($ligne["lang"])) {
            $ligne["lang"] = "en";
        }
        if (!preg_match("#^ERR_.+#", $ligne["template_name"])) {
            $ligne["template_name"] = "ERR_" . $ligne["template_name"];
        }
        $filename = "{$base}/{$ligne["lang"]}/{$ligne["template_name"]}";
        $templateDatas = "<html><head></head><body></body></html>";
        @mkdir(dirname($filename), 0755, true);
        @file_put_contents($filename, $templateDatas);
        @file_put_contents("{$base}/{$ligne["lang"]}/{$ligne["template_name"]}", $templateDatas);
        $unix->chown_func("squid", "squid", "{$base}/{$ligne["lang"]}/{$ligne["template_name"]}");
        $unix->chown_func("squid", "squid", "{$filename}");
    }
    $unix = new unix();
    $tar = $unix->find_program("tar");
    $unix->chown_func("squid", "squid", "{$base}/*");
    chdir($base);
    shell_exec("{$tar} -czf " . dirname(__FILE__) . "/ressources/databases/squid-lang-pack.tgz *");
    if ($EnableWebProxyStatsAppliance == 1) {
        if ($GLOBALS["VERBOSE"]) {
            echo "-> notify_remote_proxys()\n";
        }
        notify_remote_proxys("SQUID_LANG_PACK");
        if ($GLOBALS["VERBOSE"]) {
            echo "This is a statistics appliance, aborting next step\n";
        }
        return;
    }
    squid_admin_mysql(2, "{$c} web pages templates saved", "no information", __FILE__, __LINE__);
    Reload_Squid();
}