function ApacheAccount()
{
$unix = new unix();
$array = array($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP());
echo "<articadatascgi>" . base64_encode(serialize($array)) . "</articadatascgi>";
return;
}
function build()
{
$unix = new unix();
$sock = new sockets();
$users = new usersMenus();
$APACHE_MODULES_PATH = $users->APACHE_MODULES_PATH;
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Apache modules in \"{$APACHE_MODULES_PATH}\"\n";
}
$ZarafaApachePort = $sock->GET_INFO("ZarafaApachePort");
$ZarafaApacheSSL = $sock->GET_INFO("ZarafaApacheSSL");
$LighttpdArticaDisableSSLv2 = $sock->GET_INFO("LighttpdArticaDisableSSLv2");
$ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
$ZarafaApacheServerName = $sock->GET_INFO("ZarafaApacheServerName");
if (!is_numeric($ZarafaWebNTLM)) {
$ZarafaWebNTLM = 0;
}
if (!is_numeric($LighttpdArticaDisableSSLv2)) {
$LighttpdArticaDisableSSLv2 = 0;
}
if (!is_numeric($ZarafaApacheSSL)) {
$ZarafaApacheSSL = 0;
}
if (!is_numeric($ZarafaApachePort)) {
$ZarafaApachePort = 9010;
}
$ZarafaApachePHPFPMEnable = $sock->GET_INFO("ZarafaApachePHPFPMEnable");
if (!is_numeric($ZarafaApachePHPFPMEnable)) {
$ZarafaApachePHPFPMEnable = 0;
}
if ($ZarafaApacheServerName == null) {
$ZarafaApacheServerName = $unix->hostname_g();
}
if (!is_dir('/usr/share/php/mapi')) {
if (is_dir('/usr/local/share/php/mapi')) {
@mkdir("/usr/share/php", 0755, true);
shell_exec('/bin/ln -s /usr/local/share/php/mapi /usr/share/php/mapi');
}
}
$username = $unix->APACHE_SRC_ACCOUNT();
$group = $unix->APACHE_SRC_GROUP();
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs access: /var/log/apache-zarafa/access.log\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs error : /var/log/apache-zarafa/error.log\n";
}
@unlink("/var/log/apache-zarafa/access.log");
@unlink("/var/log/apache-zarafa/error.log");
@touch("/var/log/apache-zarafa/access.log");
@touch("/var/log/apache-zarafa/access.log");
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/artica-apache", 0755, true);
@mkdir('/var/run/zarafa-web', 0755, true);
@mkdir('/var/log/apache-zarafa', 0755, true);
@mkdir('/var/lib/zarafa-webaccess/tmp', 0755, true);
$unix->chown_func($username, $group, "/var/log/apache-zarafa/access.log");
$unix->chown_func($username, $group, "/var/log/apache-zarafa/error.log");
$unix->chown_func($username, $group, "/var/run/apache2");
$unix->chown_func($username, $group, "/var/run/artica-apache");
$unix->chown_func($username, $group, "/var/run/zarafa-web");
$unix->chown_func($username, $group, "/var/log/apache-zarafa");
$unix->chown_func($username, $group, "/var/lib/zarafa-webaccess");
$unix->chmod_func(0777, "/var/lib/zarafa-webaccess/tmp");
$unix->chown_func($username, $group, "/usr/share/zarafa-webaccess/plugins/*");
if ($ZarafaApacheSSL == 1) {
if (is_file("{$APACHE_MODULES_PATH}/mod_ssl.so")) {
if (!is_file("/etc/ssl/certs/zarafa/apache.crt.nopass.cert")) {
shell_exec("/usr/share/artica-postfix/bin/artica-install --zarafa-apache-certificates");
}
$f[] = "LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so";
$f[] = "SSLEngine on";
$f[] = "SSLCertificateFile /etc/ssl/certs/zarafa/apache.crt.nopass.cert";
$f[] = "SSLCertificateKeyFile /etc/ssl/certs/zarafa/apache-ca.key.nopass.key";
if ($LighttpdArticaDisableSSLv2 == 1) {
$f[] = "SSLProtocol -ALL +SSLv3 +TLSv1";
$f[] = "SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
}
$f[] = "SSLRandomSeed connect builtin";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect file:/dev/urandom 256";
$f[] = "AddType application/x-x509-ca-cert .crt";
$f[] = "AddType application/x-pkcs7-crl .crl";
$f[] = "SSLPassPhraseDialog builtin";
$f[] = "SSLSessionCache shmcb:/var/run/apache2/ssl_scache-zarafa(512000)";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "SSLVerifyClient none";
$f[] = "ServerSignature Off";
}
}
$SET_MODULES = SET_MODULES();
$FreeWebPerformances = unserialize(base64_decode($sock->GET_INFO("ZarafaApachePerformances")));
if (!is_numeric($FreeWebPerformances["Timeout"])) {
$FreeWebPerformances["Timeout"] = 300;
}
if (!is_numeric($FreeWebPerformances["KeepAlive"])) {
$FreeWebPerformances["KeepAlive"] = 0;
}
if (!is_numeric($FreeWebPerformances["MaxKeepAliveRequests"])) {
$FreeWebPerformances["MaxKeepAliveRequests"] = 100;
}
if (!is_numeric($FreeWebPerformances["KeepAliveTimeout"])) {
$FreeWebPerformances["KeepAliveTimeout"] = 15;
}
if (!is_numeric($FreeWebPerformances["MinSpareServers"])) {
$FreeWebPerformances["MinSpareServers"] = 5;
}
if (!is_numeric($FreeWebPerformances["MaxSpareServers"])) {
$FreeWebPerformances["MaxSpareServers"] = 10;
}
if (!is_numeric($FreeWebPerformances["StartServers"])) {
$FreeWebPerformances["StartServers"] = 5;
}
if (!is_numeric($FreeWebPerformances["MaxClients"])) {
$FreeWebPerformances["MaxClients"] = 50;
}
if (!is_numeric($FreeWebPerformances["MaxRequestsPerChild"])) {
$FreeWebPerformances["MaxRequestsPerChild"] = 10000;
}
$f[] = "Timeout {$FreeWebPerformances["Timeout"]}";
$f[] = "KeepAlive {$FreeWebPerformances["KeepAlive"]}";
$f[] = "KeepAliveTimeout {$FreeWebPerformances["KeepAliveTimeout"]}";
$f[] = "StartServers {$FreeWebPerformances["StartServers"]}";
$f[] = "MaxClients {$FreeWebPerformances["MaxClients"]}";
$f[] = "MinSpareServers {$FreeWebPerformances["MinSpareServers"]}";
$f[] = "MaxSpareServers {$FreeWebPerformances["MaxSpareServers"]}";
$f[] = "MaxRequestsPerChild {$FreeWebPerformances["MaxRequestsPerChild"]}";
$f[] = "MaxKeepAliveRequests {$FreeWebPerformances["MaxKeepAliveRequests"]}";
$f[] = "ServerLimit\t\t {$FreeWebPerformances["MaxClients"]}";
$f[] = "AcceptMutex \t\t flock";
$ZarafaApacheWebMailType = $sock->GET_INFO("ZarafaApacheWebMailType");
//$ZarafaApacheWebMailTypeA["APP_ZARAFA"]="{APP_ZARAFA}";
//$ZarafaApacheWebMailTypeA["APP_ZARAFA_WEBAPP"]="{APP_ZARAFA_WEBAPP}";
if ($ZarafaApacheWebMailType == null) {
$ZarafaApacheWebMailType = "APP_ZARAFA";
}
$f[] = $SET_MODULES;
$f[] = "<IfModule !mpm_netware_module>";
$f[] = " <IfModule !mpm_winnt_module>";
$f[] = " User {$username}";
$f[] = " Group {$group}";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "ServerAdmin you@example.com";
$f[] = "ServerName {$ZarafaApacheServerName}";
if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
if (!is_dir("/usr/share/zarafa-webapp")) {
$ZarafaApacheWebMailType = "APP_ZARAFA";
}
}
if ($ZarafaApacheWebMailType == "APP_ZARAFA") {
$DocumentRoot = "/usr/share/zarafa-webaccess";
}
if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
$free = new freeweb();
$free->InstallZarafaConfigWebAPP("/usr/share/zarafa-webapp");
$DocumentRoot = "/usr/share/zarafa-webapp";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} WebMail \"{$ZarafaApacheWebMailType}\"\n";
}
$f[] = "ServerRoot \"{$DocumentRoot}\"";
$f[] = "Listen {$ZarafaApachePort}";
$f[] = "User {$username}";
$f[] = "Group {$group}";
$f[] = "PidFile /var/run/zarafa-web/httpd.pid";
$f[] = "DocumentRoot \"{$DocumentRoot}\"";
$f[] = "<Directory {$DocumentRoot}/>";
if ($ZarafaWebNTLM == 1) {
$ldap = new clladp();
$f[] = " AuthName \"Zarafa logon..\"";
$f[] = " AuthType Basic";
$f[] = " AuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/dc=organizations,{$ldap->suffix}?uid";
$f[] = " AuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
$f[] = " AuthLDAPBindPassword {$ldap->ldap_password}";
$f[] = " AuthLDAPGroupAttribute memberUid";
$f[] = " AuthBasicProvider ldap";
$f[] = " AuthzLDAPAuthoritative off";
$f[] = " require valid-user";
}
if ($ZarafaApachePHPFPMEnable == 0) {
$f[] = " php_value magic_quotes_gpc 0";
$f[] = " php_value register_globals 0";
$f[] = " php_value magic_quotes_runtime 0";
$f[] = " php_value post_max_size 31M";
$f[] = " php_value include_path \".:/usr/share/php:/usr/share/php5:/usr/local/share/php\"";
$f[] = " php_value upload_max_filesize 30M";
$f[] = " php_value short_open_tag 1";
$f[] = " php_flag log_errors on";
$f[] = " php_value safe_mode 0";
$f[] = " php_flag log_errors on";
$f[] = " php_value error_log \"/var/log/apache-zarafa/php.log\"";
}
$f[] = " DirectoryIndex index.php";
$f[] = " Options -Indexes +FollowSymLinks";
$f[] = " AllowOverride Options";
$f[] = " Order allow,deny";
$f[] = " Allow from all";
$f[] = "</Directory>";
if ($ZarafaApachePHPFPMEnable == 1) {
$php = $unix->LOCATE_PHP5_BIN();
if (!$unix->is_socket("/var/run/php-fpm-zarafa.sock")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: /var/run/php-fpm-zarafa.sock no such socket\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
}
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm-zarafa.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
$f[] = "\t\tOrder deny,allow";
$f[] = "\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "<IfModule dir_module>";
$f[] = " DirectoryIndex index.php";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "";
$f[] = "<FilesMatch \"^\\.ht\">";
$f[] = " Order allow,deny";
$f[] = " Deny from all";
$f[] = " Satisfy All";
$f[] = "</FilesMatch>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " # To re-enable php in user directories comment the following lines";
$f[] = " # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it";
$f[] = " # prevents .htaccess files from disabling it.";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "";
$f[] = "ErrorLog \"/var/log/apache-zarafa/error.log\"";
$f[] = "LogLevel warn";
$f[] = "";
$f[] = "<IfModule log_config_module>";
$f[] = " LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\\\" combinedv";
$f[] = " LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b\" common";
$f[] = "";
$f[] = " <IfModule logio_module>";
$f[] = " LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %I %O\" combinedio";
$f[] = " </IfModule>";
$f[] = "";
$f[] = " CustomLog \"/var/log/apache-zarafa/access.log\" combinedv";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "<IfModule alias_module>";
$f[] = " ScriptAlias /cgi-bin/ \"/usr/local/apache-groupware/data/cgi-bin/\"";
$f[] = " Alias /images /usr/share/obm2/resources";
$f[] = "";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "<IfModule cgid_module>";
$f[] = "";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "";
$f[] = "<Directory \"/usr/local/apache-groupware/data/cgi-bin\">";
$f[] = " AllowOverride None";
$f[] = " Options None";
$f[] = " Order allow,deny";
$f[] = " Allow from all";
$f[] = "</Directory>";
$f[] = "";
$f[] = "";
$f[] = "DefaultType text/plain";
$f[] = "";
$f[] = "<IfModule mime_module>";
$f[] = " ";
$f[] = " TypesConfig /etc/mime.types";
$f[] = " #AddType application/x-gzip .tgz";
$f[] = " AddType application/x-compress .Z";
$f[] = " AddType application/x-gzip .gz .tgz";
$f[] = " AddType application/x-httpd-php .php .phtml";
$f[] = " #AddHandler cgi-script .cgi";
$f[] = " #AddHandler type-map var";
$f[] = " #AddType text/html .shtml";
$f[] = " #AddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
@file_put_contents('/etc/zarafa/httpd.conf', @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " /etc/zarafa/httpd.conf done\n";
}
}
function extract_tgz($uuid)
{
$unix = new unix();
$workingdir = "/usr/share/artica-postfix/ressources/conf/meta/hosts/uploaded/{$uuid}";
if (is_file("{$workingdir}/status.tgz")) {
$tar = $unix->find_program("tar");
shell_exec("{$tar} -xf {$workingdir}/status.tgz -C {$workingdir}/");
@unlink("{$workingdir}/status.tgz");
}
$unix->chown_func($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP(), "{$workingdir}/*");
if (is_file("{$workingdir}/squid_admin_mysql.db")) {
$q = new mysql_meta();
if (!$q->TABLE_EXISTS("squid_admin_mysql")) {
$q->CheckTables();
}
$data = trim(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
if ($data != null) {
$q->QUERY_SQL(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
if (!$q->ok) {
meta_admin_mysql(0, "Failed to import {$workingdir}/squid_admin_mysql.db", $q->mysql_error, __FILE__, __LINE__);
} else {
@unlink("{$workingdir}/squid_admin_mysql.db");
}
} else {
@unlink("{$workingdir}/squid_admin_mysql.db");
}
} else {
if ($GLOBALS["VERBOSE"]) {
echo "{$workingdir}/squid_admin_mysql.db ( no such file )\n";
}
}
if (is_file("{$workingdir}/network_hosts.db")) {
__network_hosts($uuid, "{$workingdir}/network_hosts.db");
} else {
if ($GLOBALS["VERBOSE"]) {
echo "{$workingdir}/network_hosts.db ( no such file )\n";
}
}
global_status_ini($uuid);
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
$ipaddr = null;
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/sarg-apache", 0755, true);
@mkdir("/var/log/apache2", 0755, true);
@mkdir(dirname($GLOBALS["APACHE_PID_PATH"]), 0755, true);
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$SargOutputDir = $sock->GET_INFO("SargOutputDir");
if ($SargOutputDir == null) {
$SargOutputDir = "/var/www/html/squid-reports";
}
$SargWebPort = intval($sock->GET_INFO("SargWebPort"));
if ($SargWebPort == 0) {
$SargWebPort = rand(55600, 59000);
$sock->SET_INFO("SargWebPort", $SargWebPort);
}
if (is_link($SargOutputDir)) {
$SargOutputDir = @readlink($SargOutputDir);
}
@mkdir($SargOutputDir, 0755, true);
if (!is_file("{$SargOutputDir}/index.html")) {
$php = $unix->LOCATE_PHP5_BIN();
shell_exec("{$php} /usr/share/artica-postfix/exec.sarg.php --exec --force >/dev/null 2>&1 &");
}
if ($ipaddr == null) {
$ipaddr = "*";
}
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$logfile = "/var/log/apache2/apache-sarg-access.log";
$ErrorLog = "/var/log/apache2/apache-sarg-error.log";
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
@unlink($ErrorLog);
@unlink($logfile);
if (!is_file("{$logfile}")) {
@touch("{$logfile}");
}
if (!is_file("{$ErrorLog}")) {
@touch("{$ErrorLog}");
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $ErrorLog);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $logfile);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/apache2");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, dirname($GLOBALS["APACHE_PID_PATH"]));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
}
$f[] = "LockFile /var/run/apache2/sarg-artica-accept.lock";
$f[] = "PidFile {$GLOBALS["APACHE_PID_PATH"]}";
$f[] = "AcceptMutex flock";
$f[] = "DocumentRoot {$SargOutputDir}";
$f[] = "DirectoryIndex index.html";
$f[] = "ErrorDocument 400 /index.html";
$f[] = "ErrorDocument 401 /index.html";
$f[] = "ErrorDocument 403 /index.html";
$f[] = "ErrorDocument 404 /index.html";
$f[] = "ErrorDocument 500 /index.html";
$f[] = "NameVirtualHost {$ipaddr}:{$SargWebPort}";
$f[] = "Listen {$ipaddr}:{$SargWebPort}";
$f[] = "<VirtualHost {$ipaddr}:{$SargWebPort}>";
$f[] = "\tServerName {$ipaddr}";
$f[] = "\tDocumentRoot {$SargOutputDir}";
$f[] = "</VirtualHost>";
$f[] = "<IfModule mpm_prefork_module>";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_worker_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_event_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
$f[] = "\tOrder allow,deny";
$f[] = "\tDeny from all";
$f[] = "\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 15";
$f[] = "StartServers 1";
$f[] = "MaxClients 50";
$f[] = "MinSpareServers 2";
$f[] = "MaxSpareServers 5";
$f[] = "MaxRequestsPerChild 5000";
$f[] = "MaxKeepAliveRequests 100";
$f[] = "ServerName " . $unix->hostname_g();
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
//$f[]="Alias /index.php /usr/share/artica-postfix/hotspot.php";
//$f[]="Alias /index.html /usr/share/artica-postfix/hotspot.php";
$f[] = "<Directory \"{$SargOutputDir}\">";
$f[] = "\tDirectorySlash On";
$f[] = "\tDirectoryIndex index.html";
$f[] = "\t\t<Files \"hostpot.php\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\tErrorDocument 400 /index.html";
$f[] = "\tErrorDocument 401 /index.html";
$f[] = "\tErrorDocument 403 /index.html";
$f[] = "\tErrorDocument 404 /index.html";
$f[] = "\tErrorDocument 500 /index.html";
$f[] = "\tOptions -Indexes";
$f[] = "\tAllowOverride All";
$f[] = "\tOrder allow,deny";
$f[] = "\tAllow from all";
$f[] = "</Directory>";
$f[] = "Loglevel debug";
$f[] = "ErrorLog {$ErrorLog}";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog {$logfile} common";
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authz_host_module"] = "mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["headers_module"] = "mod_headers.so";
//$array["ldap_module"]="mod_ldap.so";
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
@file_put_contents($GLOBALS["APACHE_CONFIG_PATH"], @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["APACHE_CONFIG_PATH"]} done\n";
}
}
function LoagRotateApache()
{
$sock = new sockets();
$unix = new unix();
$ApacheLogRotate = $sock->GET_INFO("ApacheLogRotate");
if (!is_numeric($ApacheLogRotate)) {
$ApacheLogRotate = 1;
}
if ($ApacheLogRotate == 0) {
return;
}
$gzip = $unix->find_program("gzip");
$ligneC = unserialize(base64_decode($sock->GET_INFO("ApacheLogRotateParams")));
if (!is_numeric($ligneC["RotateType"])) {
$ligneC["RotateType"] = 0;
}
if (!is_numeric($ligneC["MaxSize"])) {
$ligneC["MaxSize"] = 100;
}
if (!is_numeric($ligneC["RotateCount"])) {
$ligneC["RotateCount"] = 5;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$q = new mysql();
$sql = "SELECT servername FROM freeweb";
$results = $q->QUERY_SQL($sql, 'artica_backup');
if (mysql_num_rows($results) == 0) {
return;
}
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$servername = $ligne["servername"];
$f = array();
$f[] = "/var/log/apache2/{$servername}/*.log {";
$f[] = "\t{$ligneC["RotateFreq"]}";
$f[] = "\tsu " . $unix->APACHE_SRC_ACCOUNT() . " " . $unix->APACHE_SRC_GROUP();
$f[] = "\tmissingok";
if ($ligneC["MaxSize"] > 0) {
$f[] = "\tsize {$ligneC["MaxSize"]}M";
}
if ($ligneC["RotateCount"] > 0) {
$f[] = "\trotate {$ligneC["RotateCount"]}";
}
$f[] = "\tcompress";
$f[] = "\tsharedscripts";
$f[] = "\tcreate 640 root";
$f[] = "\tdateext";
$f[] = "\tcompressext .gz";
$f[] = "\tcompresscmd {$gzip}";
$f[] = "\tcompressoptions -9";
$f[] = "\textension -TASK-99999";
$f[] = "\tpostrotate";
$f[] = "{$php5} /usr/share/artica-postfix/exec.freeweb.php --reload";
$f[] = "endscript";
$f[] = "}\n";
@file_put_contents("/etc/logrotate.d/rotate-{$servername}", @implode("\n", $f));
}
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) {
$APACHE_SRC_GROUP = "www-data";
}
$LogFilePath = "/var/log/artica-wifidog/access.log";
$directories[] = "/var/run/apache2";
$directories[] = "/var/run/artica-apache";
$directories[] = "/var/log/artica-wifidog";
$directories[] = "/home/artica/hotspot/sessions";
$directories[] = "/home/artica/hotspot/caches";
while (list($index, $maindir) = each($directories)) {
@mkdir($maindir, 0755, true);
@chown($maindir, $APACHE_SRC_ACCOUNT);
@chgrp($maindir, $APACHE_SRC_GROUP);
}
$ErrorLog = dirname($LogFilePath) . "/error.log";
if (!is_file($LogFilePath)) {
@touch($LogFilePath);
}
@chown($LogFilePath, $APACHE_SRC_ACCOUNT);
@chgrp($LogFilePath, $APACHE_SRC_GROUP);
if (!is_file($ErrorLog)) {
@touch($ErrorLog);
}
@chown($ErrorLog, $APACHE_SRC_ACCOUNT);
@chgrp($ErrorLog, $APACHE_SRC_GROUP);
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients"));
$HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers"));
$HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable"));
if ($HotSpotMaxClients == 0) {
$HotSpotMaxClients = 20;
}
if ($HotSpotStartServers == 0) {
$HotSpotStartServers = 5;
}
$EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
$SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
$ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
$ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
$ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
$ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
if (!is_numeric($ArticaHotSpotPort)) {
$ArticaHotSpotPort = 0;
}
if (!is_numeric($ArticaSplashHotSpotPort)) {
$ArticaSplashHotSpotPort = 16080;
}
if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
$HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect");
if ($HotSpotErrorRedirect == null) {
$HotSpotErrorRedirect = "http://www.msftncsi.com";
}
$Params = unserialize($sock->GET_INFO("HotSpotEvasive"));
$ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled"));
if (!is_numeric($Params["DOSEnable"])) {
$Params["DOSEnable"] = 1;
}
if (!is_numeric($Params["DOSHashTableSize"])) {
$Params["DOSHashTableSize"] = 1024;
}
if (!is_numeric($Params["DOSPageCount"])) {
$Params["DOSPageCount"] = 3;
}
if (!is_numeric($Params["DOSSiteCount"])) {
$Params["DOSSiteCount"] = 20;
}
if (!is_numeric($Params["DOSPageInterval"])) {
$Params["DOSPageInterval"] = 1;
}
if (!is_numeric($Params["DOSSiteInterval"])) {
$Params["DOSSiteInterval"] = 10;
}
if (!is_numeric($Params["DOSBlockingPeriod"])) {
$Params["DOSBlockingPeriod"] = 5;
}
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n";
}
if ($ipaddr == "0.0.0.0") {
$ipaddr = "*";
}
if ($ipaddr == null) {
$ipaddr = "*";
}
$GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n";
}
$f[] = "Group {$APACHE_SRC_GROUP}";
$f[] = "User {$APACHE_SRC_ACCOUNT}";
$f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock";
$f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid";
$f[] = "AcceptMutex flock";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect builtin";
$f[] = "SSLSessionCache shmcb:/var/run/apache2/ssl_scache-hotspot(512000)";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "DocumentRoot /usr/share/artica-postfix";
$f[] = "DirectoryIndex hotspot.html";
$f[] = "ErrorDocument 400 /hotspot.html";
$f[] = "ErrorDocument 401 /hotspot.html";
$f[] = "ErrorDocument 403 /hotspot.html";
$f[] = "ErrorDocument 404 /hotspot.html";
$f[] = "ErrorDocument 500 /hotspot.html";
$NameVirtualHost = $ipaddr;
if ($HospotHTTPServerName != null) {
$NameVirtualHost = $HospotHTTPServerName;
}
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$ddos_config = null;
if ($HotSpotForceDDOSDisable == 1) {
$Params["DOSEnable"] = 0;
}
if ($Params["DOSEnable"] == 1) {
//$ddos[]="<IfModule mod_evasive20.c>";
$ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}";
$ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}";
$ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}";
$ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}";
$ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}";
$ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}";
$ddos[] = "\tDOSLogDir \"/var/log/artica-wifidog\"";
$ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\"";
$ddos_config = @implode("\n", $ddos);
//$ddos[]="</IfModule>";
}
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "\tSSLEngine on";
$squid = new squidbee();
$ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
$data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
if ($ArticaSplashHotSpotCertificate != null) {
$apache = new apache_certificate($ArticaSplashHotSpotCertificate);
$f[] = $apache->build();
} else {
if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
$cert = $re[1];
$key = $re[2];
$f[] = "\tSSLCertificateFile \"{$cert}\"";
$f[] = "\tSSLCertificateKeyFile \"{$key}\"";
}
}
$f[] = "\tSSLVerifyClient none";
$f[] = "\tServerSignature Off";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
$f[] = "\tOrder allow,deny";
$f[] = "\tDeny from all";
$f[] = "\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 3";
if ($HotSpotStartServers >= $HotSpotMaxClients) {
$HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers;
}
if ($HotSpotMaxClients > 1024) {
$HotSpotMaxClients = 1024;
}
$ServerLimit = $HotSpotMaxClients + 100;
if ($ServerLimit > 2000) {
$ServerLimit = 2000;
}
$f[] = "StartServers {$HotSpotStartServers}";
$f[] = "MaxClients {$HotSpotMaxClients}";
$f[] = "ServerLimit\t\t {$ServerLimit}";
$MinSpareServers = $HotSpotStartServers + 5;
$MaxSpareServers = $MinSpareServers + 1;
$f[] = "MinSpareServers {$MinSpareServers}";
$f[] = "MaxSpareServers {$MaxSpareServers}";
$f[] = "MaxRequestsPerChild 800";
$f[] = "MaxKeepAliveRequests 100";
$f[] = "ServerName " . $unix->hostname_g();
$f[] = "<IfModule mod_ssl.c>";
$f[] = "\tSSLRandomSeed connect builtin";
$f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
$f[] = "\tAddType application/x-x509-ca-cert .crt";
$f[] = "\tAddType application/x-pkcs7-crl .crl";
$f[] = "\tSSLPassPhraseDialog builtin";
$f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-articahtp(512000)";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLMutex sem";
$f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
$f[] = "\tSSLProtocol all -SSLv2";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "AddType application/x-httpd-php .php";
$f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\"";
$f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\"";
$f[] = "<IfModule mod_fcgid.c>";
$f[] = "\tPHP_Fix_Pathinfo_Enable 1";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
$f[] = "Alias /index.php /hotspot.html";
$f[] = "Alias /index.html /hotspot.html";
$f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html";
$f[] = "<Directory \"/usr/share/artica-postfix\">";
$f[] = "\tDirectorySlash On";
$f[] = "\tDirectoryIndex hostpot.php";
$f[] = "\t\t<Files \"hostpot.php\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<Files \"hostpot.html\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tdeny from all";
$f[] = "\t\t</FilesMatch>";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "\tOptions -Indexes";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tAllowOverride All";
$f[] = "\tOrder allow,deny";
$f[] = "\tAllow from all";
$f[] = "</Directory>";
if ($EnableArticaApachePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
$f[] = "\t\tOrder deny,allow";
$f[] = "\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "Loglevel debug";
$f[] = "ErrorLog {$ErrorLog}";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog {$LogFilePath} common";
if ($EnableArticaApachePHPFPM == 0) {
$array["php5_module"] = "libphp5.so";
}
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authz_host_module"] = "mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["ssl_module"] = "mod_ssl.so";
$array["headers_module"] = "mod_headers.so";
$array["ldap_module"] = "mod_ldap.so";
if ($Params["DOSEnable"] == 1) {
$array["evasive20_module"] = "mod_evasive20.so";
}
if ($EnableArticaApachePHPFPM == 1) {
$array["fastcgi_module"] = "mod_fastcgi.so";
}
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
build_error_page();
@file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n";
}
}
function apache_firewall()
{
$q = new mysql();
$unix = new unix();
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
if ($q->COUNT_ROWS("iptables_webint", "artica_backup") == 0) {
return null;
}
$f[] = "Order Allow,Deny";
$ipClass = new IP();
$c = 0;
$results = $q->QUERY_SQL("SELECT * FROM iptables_webint", "artica_backup");
while ($ligne = mysql_fetch_assoc($results)) {
$pattern = $ligne["pattern"];
if (!$ipClass->isIPAddressOrRange($pattern)) {
continue;
}
$f[] = "\tAllow from {$pattern}";
$c++;
}
if (count($c) > 0) {
$f[] = "\tAllow from 127.0.0.1";
return @implode("\n", $f);
}
}
function sessions_clean()
{
$unix = new unix();
$sock = new sockets();
$TimeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$CleanPHPSessionTime = $sock->GET_INFO("CleanPHPSessionTime");
if (!is_numeric($CleanPHPSessionTime)) {
$CleanPHPSessionTime = 2880;
}
if ($unix->file_time_min($TimeFile) < 60) {
return;
}
@unlink($TimeFile);
@file_put_contents($TimeFile, time());
if ($CleanPHPSessionTime > 5) {
if (is_dir("/var/lib/php5")) {
foreach (glob("/var/lib/php5/*") as $filename) {
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $filename);
$time = $unix->file_time_min($filename);
if ($time > 2880) {
$unix->_syslog("Clean: Remove PHP Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
@unlink($filename);
}
}
}
if (is_dir("/var/lib/php5-zarafa")) {
foreach (glob("/var/lib/php5-zarafa/*") as $filename) {
$time = $unix->file_time_min($filename);
if ($time > 2880) {
$unix->_syslog("Clean: Remove PHP Zarafa Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
@unlink($filename);
}
}
}
}
foreach (glob("/usr/share/artica-postfix/ressources/logs/jGrowl/*") as $filename) {
$time = $unix->file_time_min($filename);
if ($time > 360) {
@unlink($filename);
}
}
foreach (glob("/usr/share/artica-postfix/ressources/conf/*") as $filename) {
$time = $unix->file_time_min($filename);
if ($time > 360) {
@unlink($filename);
}
}
}
function link_csv()
{
$aclid = $_GET["link-csv"];
$path = "/var/log/squid/access_acl_{$aclid}.csv";
$dest = "/usr/share/artica-postfix/ressources/logs/web/access_acl_{$aclid}.csv";
$unix = new unix();
$cp = $unix->find_program("cp");
@unlink($dest);
$apache = $unix->APACHE_SRC_ACCOUNT();
$cmd = "{$cp} -f {$path} {$dest}";
writelogs_framework("{$cmd}", __FUNCTION__, __FILE__, __LINE__);
shell_exec($cmd);
@chmod($path, 0777);
@chown($dest, $apache);
chgrp($dest, $unix->APACHE_SRC_GROUP());
}
function copytocache()
{
$unix = new unix();
$path = $_GET["copytocache"];
if (!is_file($path)) {
echo "<articadatascgi>No such file</articadatascgi>";
writelogs("{$path} -> No such file");
return;
}
$basename = basename($path);
writelogs("COPY {$path} -> /usr/share/artica-postfix/ressources/logs/{$basename}");
if (is_file("/usr/share/artica-postfix/ressources/logs/{$basename}")) {
@unlink("/usr/share/artica-postfix/ressources/logs/{$basename}");
}
if (!copy($path, "/usr/share/artica-postfix/ressources/logs/{$basename}")) {
echo "<articadatascgi>Copy failed</articadatascgi>";
return;
}
$APACHE = $unix->APACHE_SRC_ACCOUNT();
$APACHE_GROUP = $unix->APACHE_SRC_GROUP();
$unix->chown_func($APACHE, $APACHE_GROUP, "/usr/share/artica-postfix/ressources/logs/{$basename}");
$unix->chmod_func(0755, "/usr/share/artica-postfix/ressources/logs/{$basename}");
}
function install_PIWIK($servername)
{
$sources = "/usr/share/piwik";
$unix = new unix();
$cp = $unix->find_program("cp");
$freeweb = new freeweb($servername);
if (!is_dir($sources)) {
writelogs("[{$servername}] {$sources} no such directory", __FUNCTION__, __FILE__, __LINE__);
return;
}
if (!is_dir($freeweb->WORKING_DIRECTORY)) {
writelogs("[{$servername}] {$freeweb->WORKING_DIRECTORY} no such directory", __FUNCTION__, __FILE__, __LINE__);
return;
}
include_once dirname(__FILE__) . "/ressources/class.piwik.inc";
$piwik = new piwik();
if ($piwik->checkWebsite($freeweb->WORKING_DIRECTORY)) {
return;
}
writelogs("[{$servername}] copy sources...", __FUNCTION__, __FILE__, __LINE__);
shell_exec("{$cp} -rf {$sources}/* {$freeweb->WORKING_DIRECTORY}/");
@unlink("{$freeweb->WORKING_DIRECTORY}/config/config.ini.php");
@mkdir('/usr/share/piwik/tmp/assets', 0777, true);
@mkdir('/usr/share/piwik/tmp/templates_c', 0777, true);
@mkdir('/usr/share/piwik/tmp/cache', 0777, true);
@mkdir('/usr/share/piwik/tmp/assets', 0777, true);
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp');
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/templates_c/');
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/cache/');
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/assets/');
shell_exec('/bin/chmod a+w /usr/share/piwik/config');
$apacheusername = $unix->APACHE_SRC_ACCOUNT();
$apachegroup = $unix->APACHE_SRC_GROUP();
$freeweb->chown($freeweb->WORKING_DIRECTORY);
}
function execute_mysql($OnlyID = 0)
{
$GLOBALS["INDEXED"] = 0;
$GLOBALS["SKIPPED"] = 0;
$GLOBALS["DIRS"] = array();
$unix = new unix();
$httrack = $unix->find_program("httrack");
if (!is_file($httrack)) {
apache_admin_mysql(0, "httrack no such binary", null, __FILE__, __LINE__, "webcopy");
return;
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
apache_admin_mysql(1, "Already instance executed", null, __FILE__, __LINE__, "webcopy");
return;
}
$ini = new Bs_IniHandler();
$sock = new sockets();
$datas = $sock->GET_INFO("ArticaProxySettings");
if (trim($datas) != null) {
$ini->loadString($datas);
if (!isset($ini->_params["PROXY"]["ArticaProxyServerEnabled"])) {
$ini->_params["PROXY"]["ArticaProxyServerEnabled"] = "no";
}
$ArticaProxyServerEnabled = $ini->_params["PROXY"]["ArticaProxyServerEnabled"];
$ArticaProxyServerName = $ini->_params["PROXY"]["ArticaProxyServerName"];
$ArticaProxyServerPort = $ini->_params["PROXY"]["ArticaProxyServerPort"];
$ArticaProxyServerUsername = trim($ini->_params["PROXY"]["ArticaProxyServerUsername"]);
$ArticaProxyServerUserPassword = $ini->_params["PROXY"]["ArticaProxyServerUserPassword"];
if ($ArticaProxyServerEnabled == 1) {
$ArticaProxyServerEnabled = "yes";
}
}
$PPRoxy = null;
$userPP = null;
if ($ArticaProxyServerEnabled == "yes") {
if ($ArticaProxyServerUsername != null) {
$userPP = "{$ArticaProxyServerUsername}:{$ArticaProxyServerUserPassword}@";
}
$PPRoxy = " --proxy {$userPP}@{$ArticaProxyServerName}:{$ArticaProxyServerPort}";
} else {
$squidbin = $unix->LOCATE_SQUID_BIN();
if (is_file($squidbin)) {
$SQUIDEnable = $sock->GET_INFO("SQUIDEnable");
if (!is_numeric($SQUIDEnable)) {
$SQUIDEnable = 1;
}
$SquidMgrListenPort = intval($sock->GET_INFO("SquidMgrListenPort"));
$PPRoxy = " --proxy 127.0.0.1:{$SquidMgrListenPort}";
}
}
$getmypid = getmypid();
@file_put_contents($pidfile, $getmypid);
$php = $unix->LOCATE_PHP5_BIN();
$APACHE_USERNAME = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$q = new mysql();
$nice = EXEC_NICE();
$sql = "SELECT * FROM httrack_sites WHERE enabled=1";
$results = $q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
apache_admin_mysql(0, "Fatal: {$q->mysql_error}", null, __FILE__, __LINE__, "webcopy");
return;
}
$t1 = time();
$count = 0;
if ($OnlyID > 0) {
$ligne2 = mysql_fetch_array($q->QUERY_SQL("SELECT sitename FROM httrack_sites WHERE ID={$OnlyID}", "artica_backup"));
$log_exp = " only for [{$ligne2["sitename"]}] ";
}
apache_admin_mysql(2, "Starting executing WebCopy task {$log_exp} pid:{$getmypid}", null, __FILE__, __LINE__, "webcopy");
$dirsizeG = 0;
while ($ligne = mysql_fetch_assoc($results)) {
if ($OnlyID > 0) {
if ($ligne["ID"] != $OnlyID) {
continue;
}
}
$t = time();
$count++;
$workingdir = $ligne["workingdir"];
$sitename = $ligne["sitename"];
$minrate = $ligne["minrate"];
$maxfilesize = $ligne["maxfilesize"];
$maxsitesize = $ligne["maxsitesize"];
$size = $ligne["size"];
$sizeKB = $size / 1024;
$sizeMB = round($sizeKB / 1024, 2);
$maxworkingdir = intval($ligne["maxworkingdir"]);
if ($maxworkingdir == 0) {
$maxworkingdir = 20;
}
$maxsitesizeMB = $maxsitesize / 1000;
if ($maxsitesizeMB > $maxworkingdir) {
$maxsitesize = $maxworkingdir * 1000;
}
if ($sizeMB > $maxworkingdir) {
apache_admin_mysql(1, "Skip downloading content of {$sitename} Directory: {$sizeMB}MB reach limit of {$maxworkingdir}MB", null, __FILE__, __LINE__, "webcopy");
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "Dir: Current size:{$sizeMB}\n";
echo "Dir: Max size:{$maxworkingdir}\n";
}
$ResteMB = $maxworkingdir - $sizeMB;
$ResteKB = $ResteMB * 1000;
if ($maxsitesize > $ResteKB) {
$maxsitesize = $ResteKB;
}
echo "Dir: Max Downloads:{$maxsitesize} KB\n";
$maxfilesize = $maxfilesize * 1000;
$maxsitesize = $maxsitesize * 1000;
$minrate = $minrate * 1000;
$update = null;
$resultsCMD = array();
echo "Dir: Max Downloads:{$maxsitesize} Bytes\n";
if (!is_dir($workingdir)) {
@mkdir($workingdir, 0755, true);
}
if (is_file("{$workingdir}/hts-cache")) {
$update = " --update";
}
apache_admin_mysql(2, "Starting downloading content of {$sitename}/{$minrate}/" . FormatBytes($maxsitesize / 1000), null, __FILE__, __LINE__, "webcopy");
$cmdline = "{$httrack} \"{$sitename}\" --quiet{$update}{$PPRoxy} --max-files={$maxfilesize} --max-size={$maxsitesize} --max-rate={$minrate} -O \"{$workingdir}\" 2>&1";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmdline}\n";
}
exec($cmdline, $resultsCMD);
if ($GLOBALS["VERBOSE"]) {
echo @implode("\n", $resultsCMD);
}
$dirsize = $unix->DIRSIZE_BYTES($workingdir);
$dirsizeG = $dirsizeG + $dirsize;
$took = $unix->distanceOfTimeInWords($t, time(), true);
$dirsizeText = round($dirsize / 1024 / 1000, 2);
if ($GLOBALS["VERBOSE"]) {
echo "Dir: Current size:{$sizeMB}\n";
echo "Dir: New size....:{$dirsizeText}MB\n";
}
apache_admin_mysql(2, "{$sitename} scrapped took {$took} size={$dirsizeText} MB", @implode("\n", $resultsCMD), __FILE__, __LINE__, "webcopy");
$q->QUERY_SQL("UPDATE httrack_sites SET size='{$dirsize}' WHERE ID={$ligne["ID"]}", "artica_backup");
}
$took = $unix->distanceOfTimeInWords($t1, time(), true);
@chmod($workingdir, 0755);
@chmod(dirname($workingdir), 0755);
$chown = $unix->find_program("chown");
shell_exec("{$chown} -R {$APACHE_USERNAME}:{$APACHE_SRC_GROUP} {$workingdir}");
@file_put_contents("/etc/artica-postfix/settings/Daemons/HTTRackSize", $dirsizeG);
if ($count > 0) {
apache_admin_mysql(2, "{$count} web sites scrapped took {$took}", null, __FILE__, __LINE__, "webcopy");
}
system("{$php} /usr/share/artica-postfix/exec.syslog-engine.php --apache");
}
function coova_web()
{
$ldap = new clladp();
$sock = new sockets();
$ChilliConf = unserialize(base64_decode($sock->GET_INFO("ChilliConf")));
if (!isset($ChilliConf["HS_UAMFREEWEB"])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: FreeWeb Login page is not set...\n";
}
}
$f[] = "<?";
$f[] = "\t\$msecret = '{$ldap->ldap_password}'; //Change this to be the same as your chilli's configuration";
$f[] = "\t\$username = \$_POST['username'];";
$f[] = "\t\$password = \$_POST['password'];";
$f[] = "\t\$challenge = \$_POST['challenge'];";
$f[] = "\t\$redir\t = \$_POST['userurl'];";
$f[] = "\t\$server_ip = \$_POST['uamip'];";
$f[] = "\t\$port = \$_POST['uamport'];";
$f[] = "";
$f[] = " //--Add a remember me cookie---";
$f[] = " if( array_key_exists('remember',\$_POST)){";
$f[] = " \$Year = (2592000*12) + time();";
$f[] = " setcookie(\"hs[username]\", \$username, \$Year);";
$f[] = " setcookie('hs[password]', \$password, \$Year);";
$f[] = " }";
$f[] = "";
$f[] = " //--There is a bug that keeps the logout in a loop if userurl is http%3a%2f%2f1.0.0.0 ---/";
$f[] = " //--We need to remove this and replace it with something we want";
$f[] = " if (preg_match(\"/1\\.0\\.0\\.0/i\", \$redir)) {";
$f[] = "";
$f[] = " \$default_site = 'google.com';";
$f[] = " \$pattern = \"/1\\.0\\.0\\.0/i\";";
$f[] = " \$redir = preg_replace(\$pattern, \$default_site, \$redir);";
$f[] = " }";
$f[] = "";
$f[] = "\t\$enc_pwd = return_new_pwd(\$password,\$challenge,\$uamsecret);";
$f[] = "\t//\$dir\t\t= '/json/logon';";
$f[] = "\t\$dir\t\t= '/logon';";
$f[] = " \$target = \"http://\$server_ip\".':'.\$port.\$dir.\"?username=\$username&password=\$enc_pwd&userurl=\$redir\";";
$f[] = " // print(\$target);";
$f[] = "";
$f[] = "\theader(\"Location: \$target\");";
$f[] = "";
$f[] = "\t//Function to do the encryption thing of the password";
$f[] = "\tfunction return_new_pwd(\$pwd,\$challenge,\$uamsecret){";
$f[] = "\t \$hex_chal = pack('H32', \$challenge); //Hex the challenge";
$f[] = "\t \$newchal = pack('H*', md5(\$hex_chal.\$uamsecret)); //Add it to with \$uamsecret (shared between chilli an this script)";
$f[] = "\t \$response = md5(\"\" . \$pwd . \$newchal); //md5 the lot";
$f[] = "\t \$newpwd = pack('a32', \$pwd); //pack again";
$f[] = "\t \$password = implode ('', unpack('H32', (\$newpwd ^ \$newchal))); //unpack again";
$f[] = "\t return \$password;";
$f[] = " \t}";
$f[] = "";
$f[] = "?>";
$unix = new unix();
$cp = $unix->find_program("cp");
@mkdir("/var/www/coova_json", 0755, true);
if (!is_file("/var/www/coova_json/login.php")) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Installing Coova JSON...\n";
shell_exec("{$cp} -rf /var/www/c2/yfi_cake/setup/coova_json/* /var/www/coova_json/");
}
@file_put_contents("/var/www/coova_json/login.php", @implode("\n", $f));
@chmod("var/www/coova_json/login.php", 0755);
$unix->chown_func($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP(), "/var/www/coova_json/*");
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} `coova_json/login.php` done\n";
$f = explode("\n", @file_get_contents("/var/www/coova_json/js/custom.js"));
while (list($key, $line) = each($f)) {
if (preg_match("#\\s+p_url_use:.*?'#", $line)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
$f[$key] = "\tp_url_use: 'http://{$ChilliConf["HS_UAMFREEWEB"]}/c2/yfi_cake/third_parties/json_usage_check?key=12345&username='******'s usage";
continue;
}
if (preg_match("#\\s+p_url_uam:.*?'#", $line)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
$f[$key] = "\tp_url_uam: 'http://{$ChilliConf["HS_UAMFREEWEB"]}/mobile/uam.php?challenge=', //This us the web service which will return a uam encrypted hash using the challenge, password and UAM shared secret";
continue;
}
if (preg_match("#\\s+p_url_voucher_name:.*?'#", $line)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
$f[$key] = "\tp_url_voucher_name: 'http://{$ChilliConf["HS_UAMFREEWEB"]}/c2/yfi_cake/third_parties/json_voucher_name?key=12345&password='******'{$ldap->ldap_password}';";
continue;
}
}
@file_put_contents("/var/www/coova_json/uam.php", @implode("\n", $f));
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: `/uam.php` done\n";
DefaultSplash($ChilliConf);
}
function build()
{
$unix = new unix();
$sock = new sockets();
$apache = $unix->APACHE_SRC_ACCOUNT();
$apachegrp = $unix->APACHE_SRC_GROUP();
$VSFTPDPort = intval($sock->GET_INFO("VSFTPDPort"));
if ($VSFTPDPort == 0) {
$VSFTPDPort = 21;
}
$VsFTPDPassive = $sock->GET_INFO("VsFTPDPassive");
$VsFTPDFileOpenMode = $sock->GET_INFO("VsFTPDFileOpenMode");
$VsFTPDLocalUmask = $sock->GET_INFO("VsFTPDLocalUmask");
$ProFTPDRootLogin = intval($sock->GET_INFO("ProFTPDRootLogin"));
if (!is_numeric($VsFTPDPassive)) {
$VsFTPDPassive = 1;
}
if ($VsFTPDFileOpenMode == null) {
$VsFTPDFileOpenMode = "0666";
}
if ($VsFTPDLocalUmask == null) {
$VsFTPDLocalUmask = "077";
}
if ($VsFTPDFileOpenMode == null) {
$VsFTPDFileOpenMode = "0666";
}
$VsFTPDLocalMaxRate = intval($sock->GET_INFO("VsFTPDLocalMaxRate"));
$f[] = "ServerName\t\t\"FTP server {$unix->hostname_g}()\"";
$f[] = "ServerType\t\tstandalone";
$f[] = "DefaultServer\t\ton";
$f[] = "Port\t\t\t\t{$VSFTPDPort}";
$f[] = "UseIPv6\t\t\toff";
$f[] = "Umask\t\t\t\t{$VsFTPDFileOpenMode} {$VsFTPDLocalUmask}";
$f[] = "PidFile\t\t\t/var/run/proftpd.pid";
$f[] = "MaxInstances\t\t30";
$f[] = "User\t\t\t\t{$apache}";
$f[] = "Group\t\t\t\t{$apachegrp}";
if ($ProFTPDRootLogin == 1) {
$f[] = "RootLogin\ton";
} else {
$f[] = "RootLogin\toff";
}
$f[] = "RequireValidShell\toff";
$f[] = "DefaultRoot \t\t~";
$f[] = "AllowOverwrite\ton";
$f[] = "IdentLookups \toff";
$f[] = "UseReverseDNS \toff";
$f[] = "LogFormat default \"%h %l %u %t \\\"%r\\\" %s %b\"";
$f[] = "LogFormat\t\t\tauth \"%v [%P] %h %t \\\"%r\\\" %s\"";
$f[] = "LogFormat\t\t\twrite \"%h %l %u %t \\\"%r\\\" %s %b\"";
$f[] = "SystemLog \t\t/var/log/proftpd.log";
$f[] = "TransferLog \t\t/var/log/xferlog";
$f[] = "LoadModule \t\tmod_quotatab.c";
$f[] = "LoadModule \t\tmod_quotatab_sql.c";
$f[] = "";
$f[] = "LoadModule \t\tmod_sql.c";
$f[] = "LoadModule \t\tmod_sql_mysql.c";
$f[] = "";
$f[] = "LoadModule \t\tmod_ldap.c";
$f[] = "";
$f[] = "AuthOrder\t\t\tAuthOrder mod_sql.c mod_ldap.c";
$f[] = "";
if ($VsFTPDPassive == 1) {
$pasv_min_port = intval($sock->GET_INFO("VsFTPDPassiveMinPort"));
$pasv_max_port = intval($sock->GET_INFO("VsFTPDPassiveMaxPort"));
if ($pasv_min_port == 0) {
$pasv_min_port = 40000;
}
if ($pasv_max_port == 0) {
$pasv_max_port = 40200;
}
$f[] = "PassivePorts {$pasv_min_port} {$pasv_max_port}";
$VsFTPDPassiveAddr = $sock->GET_INFO("VsFTPDPassiveAddr");
if ($VsFTPDPassiveAddr != null) {
$f[] = "MasqueradeAddress {$VsFTPDPassiveAddr}";
}
}
if ($VsFTPDLocalMaxRate > 0) {
if (strpos($VsFTPDLocalMaxRate, ".") == 0) {
$VsFTPDLocalMaxRate = "{$VsFTPDLocalMaxRate}.0";
}
$f[] = "TransferRate RETR {$VsFTPDLocalMaxRate}";
$f[] = "TransferRate STOR {$VsFTPDLocalMaxRate}";
}
$f[] = "";
$f[] = "# Bar use of SITE CHMOD by default";
$f[] = "<Limit SITE_CHMOD>";
$f[] = " DenyAll";
$f[] = "</Limit>";
$f[] = "";
$f[] = "# A basic anonymous configuration, no upload directories. If you do not";
$f[] = "# want anonymous users, simply delete this entire <Anonymous> section.";
$f[] = "<Anonymous ~ftp>";
$f[] = " User\t\t\t\tftp";
$f[] = " Group\t\t\t\tftp";
$f[] = "";
$f[] = " # We want clients to be able to login with \"anonymous\" as well as \"ftp\"";
$f[] = " UserAlias\t\t\tanonymous ftp";
$f[] = "";
$f[] = " # Limit the maximum number of anonymous logins";
$f[] = " MaxClients\t\t\t10";
$f[] = "";
$f[] = " # We want 'welcome.msg' displayed at login, and '.message' displayed";
$f[] = " # in each newly chdired directory.";
$f[] = " DisplayLogin\t\t\twelcome.msg";
$f[] = " DisplayChdir\t\t\t.message";
$f[] = "";
$f[] = " # Limit WRITE everywhere in the anonymous chroot";
$f[] = " <Limit WRITE>";
$f[] = " DenyAll";
$f[] = " </Limit>";
$f[] = "</Anonymous>";
$f[] = "";
$ldap = new clladp();
$f[] = "<IfModule mod_ldap.c>";
$f[] = "\tLDAPBindDN\t\tcn={$ldap->ldap_admin},{$ldap->suffix} {$ldap->ldap_password}";
$f[] = "\tLDAPServer\t\t\"{$ldap->ldap_host}:{$ldap->ldap_port}\"";
$f[] = "\tLDAPUseTLS\t\toff";
$f[] = "\tLDAPUsers\t\t{$ldap->suffix} (uid=%u)";
$f[] = "\tLDAPGroups\t\t{$ldap->suffix}";
$f[] = "\tLDAPAuthBinds\ton";
$f[] = "#\tLDAPLog \t\t/var/log/proftpd.ldap.log";
$f[] = "</IfModule>";
$f[] = "PersistentPasswd off";
$f[] = "AuthPAM off";
$q = new mysql();
if ($q->mysql_server == null) {
$q->mysql_server = "127.0.0.1";
}
if ($q->mysql_server == "localhost") {
$q->mysql_server = "127.0.0.1";
}
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} MySQL server:{$q->mysql_server}\n";
}
$f[] = "<IfModule mod_sql.c>";
$f[] = "\tSQLAuthTypes Plaintext";
$f[] = "\tSQLBackend mysql";
$f[] = "\tSQLConnectInfo artica_backup@{$q->mysql_server} {$q->mysql_admin} \"{$q->mysql_password}\"";
$f[] = "\tSQLUserInfo ftpuser userid passwd uid gid homedir shell";
//$f[]="\tSQLUserWhereClause \"LoginAllowed = 'true'\"";
$f[] = "\tSQLGroupInfo ftpgroup groupname gid members";
$f[] = "\tCreateHome off";
$f[] = "\tSQLLog PASS updatecount";
$f[] = "\tSQLNamedQuery updatecount UPDATE \"count=count+1, accessed=now() WHERE userid='%u'\" ftpuser";
$f[] = "\tSQLLog STOR,RETR modified";
$f[] = "\tSQLNamedQuery modified UPDATE \"modified=now() WHERE userid='%u'\" ftpuser";
$f[] = "\tQuotaEngine off";
$f[] = "\tQuotaDirectoryTally off";
$f[] = "\tQuotaDisplayUnits Mb";
$f[] = "\tQuotaShowQuotas on";
$f[] = "\tSQLMinUserUID 0";
$f[] = "\tSQLMinUserGID 0";
$f[] = "\tSQLNamedQuery get-quota-limit SELECT \"name, quota_type, par_session, limit_type, bytes_up_limit, bytes_down_limit, bytes_transfer_limit, files_up_limit, files_down_limit, files_transfer_limit FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'\"";
$f[] = "\tSQLNamedQuery get-quota-tally SELECT \"name, quota_type, bytes_up_total, bytes_down_total, bytes_transfer_total, files_up_total, files_down_total, files_transfer_total FROM ftpquotatotal WHERE name = '%{0}' AND quota_type = '%{1}'\"";
$f[] = "\tSQLNamedQuery update-quota-tally UPDATE \"bytes_up_total = bytes_up_total + %{0}, bytes_down_total = bytes_down_total + %{1}, bytes_transfer_total = bytes_transfer_total + %{2}, files_up_total = files_up_total + %{3}, files_down_total = files_down_total + %{4}, files_transfer_total = files_transfer_total + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'\" ftpquotatotal";
$f[] = "\tSQLNamedQuery insert-quota-tally INSERT \"%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}\" ftpquotatotal";
$f[] = "\tQuotaLimitTable sql:/get-quota-limit";
$f[] = "\tQuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally";
$f[] = "#\tSQLLogFile /var/log/proftpd.mysql.log";
$f[] = "</IfModule>";
$f[] = "";
@mkdir("/etc/proftpd", 0755, true);
@unlink("/etc/proftpd/proftpd.conf");
@file_put_contents("/etc/proftpd/proftpd.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/proftpd/proftpd.conf done\n";
}
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/artica-apache", 0755, true);
@mkdir("/var/log/lighttpd", 0755, true);
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$pydio_installed = false;
if (is_file(" /etc/php5/cli/conf.d/ming.ini")) {
@unlink(" /etc/php5/cli/conf.d/ming.ini");
}
@unlink("/var/log/lighttpd/apache-error.log");
@touch("/var/log/lighttpd/apache-error.log");
@chmod("/var/log/lighttpd/apache-error.log", 0755);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/lighttpd/*");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/usr/share/artica-postfix/ressources/logs/*");
if (is_dir("/usr/share/artica-postfix/pydio")) {
$pydio_installed = true;
}
$ArticaHttpsPort = 9000;
$NoLDAPInLighttpdd = 0;
$ArticaHttpUseSSL = 1;
$ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort");
$ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL");
if (!is_numeric($ArticaHttpUseSSL)) {
$ArticaHttpUseSSL = 1;
}
if (!is_numeric($ArticaHttpsPort)) {
$ArticaHttpsPort = "9000";
}
$LighttpdArticaListenIP = $sock->GET_INFO("LighttpdArticaListenIP");
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$EnablePHPFPM = intval($sock->GET_INFO("EnablePHPFPM"));
if (!is_numeric($EnablePHPFPM)) {
$EnablePHPFPM = 0;
}
if ($EnablePHPFPM == 0) {
$EnableArticaApachePHPFPM = 0;
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM Enabled: {$EnableArticaApachePHPFPM}\n";
}
$f[] = "LockFile /var/run/apache2/artica-accept.lock";
$f[] = "PidFile /var/run/artica-apache/apache.pid";
$f[] = "DocumentRoot /usr/share/artica-postfix";
$open_basedir[] = "/usr/share/artica-postfix";
$open_basedir[] = "/etc/artica-postfix";
$open_basedir[] = "/etc/artica-postfix/settings";
$open_basedir[] = "/var/log";
$open_basedir[] = "/var/run/mysqld";
$open_basedir[] = "/usr/share/php";
$open_basedir[] = "/usr/share/php5";
$open_basedir[] = "/var/lib/php5";
$open_basedir[] = "/var/lighttpd/upload";
$open_basedir[] = "/usr/share/artica-postfix/ressources";
$open_basedir[] = "/usr/share/artica-postfix/framework";
$open_basedir[] = "/etc/ssl/certs/mysql-client-download";
$open_basedir[] = "/var/run";
$open_basedir[] = "/bin";
$open_basedir[] = "/tmp";
$open_basedir[] = "/usr/sbin";
$open_basedir[] = "/home";
//$f[]="php_value open_basedir \"".@implode(":", $open_basedir)."\"";
//$f[]="php_value output_buffering Off";
//$f[]="php_flag magic_quotes_gpc Off";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen Port: {$ArticaHttpsPort}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen IP: {$LighttpdArticaListenIP}\n";
}
if ($LighttpdArticaListenIP != null) {
$unix = new unix();
$IPS = $unix->NETWORK_ALL_INTERFACES(true);
if (!isset($IPS[$LighttpdArticaListenIP])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ERROR! Listen IP: {$LighttpdArticaListenIP} -> FALSE !!\n";
}
$LighttpdArticaListenIP = null;
}
}
if ($LighttpdArticaListenIP == null) {
$LighttpdArticaListenIP = "*";
}
if ($LighttpdArticaListenIP != null) {
$ArticaHttpsPort = "{$LighttpdArticaListenIP}:{$ArticaHttpsPort}";
}
$f[] = "Listen {$ArticaHttpsPort}";
$MaxClients = 20;
$f[] = "<IfModule mpm_prefork_module>";
$f[] = "\tStartServers 1";
$f[] = "\tMinSpareServers 2";
$f[] = "\tMaxSpareServers 3";
$f[] = "\tMaxClients {$MaxClients}";
$f[] = "\tServerLimit {$MaxClients}";
$f[] = "\tMaxRequestsPerChild 100";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_worker_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_event_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
//$f[]="\tOrder allow,deny";
//$f[]="\tDeny from all";
//$f[]="\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 15";
$f[] = "StartServers 1";
$f[] = "MaxClients {$MaxClients}";
$f[] = "MinSpareServers 2";
$f[] = "MaxSpareServers 3";
$f[] = "MaxRequestsPerChild 100";
$f[] = "MaxKeepAliveRequests 100";
$ServerName = $unix->hostname_g();
if ($ServerName == null) {
$ServerName = "localhost.localdomain";
}
$f[] = "ServerName {$ServerName}";
if ($ArticaHttpUseSSL == 1) {
$mknod = $unix->find_program("mknod");
shell_exec("{$mknod} /dev/random c 1 9 >/dev/null 2>&1");
$f[] = "<IfModule mod_ssl.c>";
$f[] = "\tListen {$ArticaHttpsPort}";
$f[] = "\tSSLRandomSeed connect builtin";
$f[] = "\tSSLRandomSeed connect file:/dev/urandom 256";
$f[] = "\tAddType application/x-x509-ca-cert .crt";
$f[] = "\tAddType application/x-pkcs7-crl .crl";
$f[] = "\tSSLPassPhraseDialog builtin";
$f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-artica(512000)";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
$f[] = "\tSSLProtocol all -SSLv2";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "<IfModule mod_gnutls.c>";
$f[] = "\tListen {$ArticaHttpsPort}";
$f[] = "</IfModule>";
}
if (!is_file("/etc/ssl/certs/apache/server.crt")) {
shell_exec("/usr/share/artica-postfix/bin/artica-install --apache-ssl-cert");
}
if ($ArticaHttpUseSSL == 1) {
$f[] = "SSLEngine on";
$f[] = "AcceptMutex flock";
$f[] = "SSLCertificateFile \"/etc/ssl/certs/apache/server.crt\"";
$f[] = "SSLCertificateKeyFile \"/etc/ssl/certs/apache/server.key\"";
$f[] = "SSLVerifyClient none";
$f[] = "ServerSignature Off";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect builtin";
}
$f[] = "AddType application/x-httpd-php .php";
if ($EnableArticaApachePHPFPM == 0) {
$f[] = "php_value error_log \"/var/log/php.log\"";
}
@chown("/var/log/php.log", $APACHE_SRC_ACCOUNT);
$f[] = "<IfModule mod_fcgid.c>";
$f[] = "\tPHP_Fix_Pathinfo_Enable 1";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddType application/octet-stream .acl";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
$f[] = apache_nagios_config();
$f[] = apache_phpldapadmin();
$squid = $unix->LOCATE_SQUID_BIN();
if (is_file($squid)) {
$f[] = "Alias /proxy /usr/share/artica-postfix/squid.access.log.php";
$f[] = "Alias /parent /usr/share/artica-postfix/squid.access.log.php";
$f[] = "Alias /webfilter /usr/share/artica-postfix/squid.access.webfilter.log.php";
$f[] = "Alias /meta-updates /home/artica-meta";
$f[] = "Alias /categories /usr/share/artica-postfix/public.categories.personnal.php";
}
$f[] = "<Directory \"/home/artica-meta\">";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "</Directory>";
$f[] = "<Directory \"/usr/share/artica-postfix\">";
$f[] = "\tDirectoryIndex logon.php";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride None";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
if (is_file($unix->LOCATE_SQUID_BIN())) {
$ArticaProxyStatisticsBackupFolder = $sock->GET_INFO("ArticaProxyStatisticsBackupFolder");
if ($ArticaProxyStatisticsBackupFolder == null) {
$ArticaProxyStatisticsBackupFolder = "/home/artica/squid/backup-statistics";
}
$ArticaProxyStatisticsOpenWeb = intval($sock->GET_INFO("ArticaProxyStatisticsOpenWeb"));
if ($ArticaProxyStatisticsOpenWeb == 1) {
$f[] = "Alias /backup-stats \"{$ArticaProxyStatisticsBackupFolder}\"";
$f[] = "<Directory \"{$ArticaProxyStatisticsBackupFolder}\">";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride All";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
}
}
if ($pydio_installed) {
$directories[] = "/home/pydio/plugins/auth.serial";
$directories[] = "/home/pydio/plugins/conf.serial";
$directories[] = "/home/pydio/plugins";
$directories[] = "/home/pydio/cache";
$directories[] = "/home/pydio/files";
$directories[] = "/home/pydio/logs";
$directories[] = "/home/pydio/personal";
$directories[] = "/home/pydio/public";
$directories[] = "/home/pydio/tmp";
while (list($index, $dir) = each($directories)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} permissions on {$dir}\n";
}
@mkdir($dir, 0755, true);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $dir);
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/cache");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/plugins");
$f[] = "Alias /explorer \"/usr/share/artica-postfix/pyio\"";
$f[] = "<Directory \"/usr/share/artica-postfix/pyio\">";
$f[] = "\tDirectoryIndex index.php";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride All";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
}
if ($EnableArticaApachePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
//$f[]="\t\tOrder deny,allow";
//$f[]="\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "Loglevel info";
$f[] = "ErrorLog /var/log/lighttpd/apache-error.log";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog /var/log/lighttpd/apache-access.log common";
if ($EnableArticaApachePHPFPM == 0) {
$array["php5_module"] = "libphp5.so";
}
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authn_file_module"] = "mod_authn_file.so";
//$array["authz_host_module"]="mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["ssl_module"] = "mod_ssl.so";
$array["headers_module"] = "mod_headers.so";
$array["ldap_module"] = "mod_ldap.so";
if ($EnableArticaApachePHPFPM == 1) {
$array["fastcgi_module"] = "mod_fastcgi.so";
}
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
$f[] = apache_phpmyadmin();
@file_put_contents("/etc/artica-postfix/httpd.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/httpd.conf done\n";
}
}
function chown_medir()
{
$dir = base64_decode($_GET["chown-medir"]);
$unix = new unix();
$APACHE = $unix->APACHE_SRC_ACCOUNT();
$APACHE_GROUP = $unix->APACHE_SRC_GROUP();
@mkdir("/etc/artica-postfix/settings/Daemons", 0755, true);
@mkdir("/usr/share/artica-postfix/ressources/logs", 0755, true);
$f[] = "/etc/artica-postfix/settings/Daemons";
$f[] = "/usr/share/artica-postfix/ressources/logs";
if ($dir != null) {
$f[] = $dir;
}
while (list($key, $directory) = each($f)) {
writelogs_framework("Permissions on `{$directory}` for {$APACHE}:{$APACHE_GROUP}", __FUNCTION__, __FILE__, __LINE__);
@mkdir($directory, 0755, true);
$unix->chown_func($APACHE, null, $directory);
$unix->chown_func($APACHE, null, "{$directory}/*");
$unix->chmod_func(0755, "{$directory}");
$unix->chmod_func(0755, "{$directory}/*");
}
if ($dir == null) {
return;
}
@chown($dir, $APACHE);
@chgrp($dir, $APACHE_GROUP);
}
function sessions_clean()
{
$unix = new unix();
$sock = new sockets();
$TimeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
if ($unix->file_time_min($TimeFile) < 60) {
return;
}
@unlink($TimeFile);
@file_put_contents($TimeFile, time());
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$CleanPHPSessionTime = $sock->GET_INFO("CleanPHPSessionTime");
if (!is_numeric($CleanPHPSessionTime)) {
$CleanPHPSessionTime = 1440;
}
sessions_clean_parse("/var/lib/php5", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/var/lib/php5-zarafa", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/home/squid/error_page_sessions", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/usr/share/artica-postfix/ressources/logs/jGrowl", 360, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/usr/share/artica-postfix/ressources/conf", 360, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/home/squid/error_page_cache", 60);
}
function build($OnlySingle = false)
{
if (isset($GLOBALS[__FILE__ . __FUNCTION__])) {
return;
}
$GLOBALS[__FILE__ . __FUNCTION__] = true;
$unix = new unix();
$php5 = $unix->LOCATE_PHP5_BIN();
shell_exec("/etc/init.d/mysql start");
build_progress("{building_main_settings}", 10);
if ($unix->SQUID_GET_LISTEN_PORT() == 80) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 80, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
}
shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
}
}
if ($unix->SQUID_GET_LISTEN_SSL_PORT() == 443) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 443, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
}
shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
}
}
$reconfigured = false;
if ($unix->APACHE_GET_LISTEN_PORT() == 80) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 80, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --stop --force");
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --start --force");
$reconfigured = true;
}
if (!$reconfigured) {
if ($unix->APACHE_GET_LISTEN_PORT() == 443) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 443, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
}
}
$APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$NginxProxyStorePath = "/home/nginx";
@mkdir("/etc/nginx/sites-enabled", 0755, true);
@mkdir("/etc/nginx/local-sites", 0755, true);
@mkdir("/etc/nginx/local-sslsites", 0755, true);
@mkdir($NginxProxyStorePath, 0755, true);
@mkdir($NginxProxyStorePath . "/tmp", 0755, true);
@mkdir($NginxProxyStorePath . "/disk", 0755, true);
@mkdir("/var/lib/nginx/fastcgi", 0755, true);
@mkdir("/home/nginx/tmp", 0755, true);
$Tempdir = $unix->TEMP_DIR() . "/nginx";
@mkdir($Tempdir, 0755, true);
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath);
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/etc/nginx/sites-enabled");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/tmp");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/disk");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/var/lib/nginx/fastcgi");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $Tempdir);
nginx_ulimit();
$workers = $unix->CPU_NUMBER();
build_progress("Building configuration", 15);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$APACHE_USER}:{$APACHE_SRC_GROUP}..\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$workers} worker(s)..\n";
}
if (is_file("/etc/nginx/sites-enabled/default")) {
@unlink("/etc/nginx/sites-enabled/default");
}
if (is_link("/etc/nginx/sites-enabled/default")) {
@unlink("/etc/nginx/sites-enabled/default");
}
if (is_link("/etc/nginx/conf.d/example_ssl.conf")) {
@unlink("/etc/nginx/conf.d/example_ssl.conf");
}
$limit = 4096 * $workers;
if ($limit > 65535) {
$limit = 65535;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Running limit of {$limit} open files\n";
}
$L = explode("\n", @file_get_contents("/etc/security/limits.conf"));
$FOUNDL = false;
$T = array();
while (list($index, $line) = each($L)) {
$line = trim($line);
if (trim($line) == null) {
continue;
}
if (substr($line, 0, 1) == "#") {
continue;
}
if (preg_match("#^{$APACHE_USER}#", $line)) {
continue;
}
$T[] = $line;
}
if (!$FOUNDL) {
$T[] = "{$APACHE_USER} soft nofile {$limit}";
$T[] = "{$APACHE_USER} hard nofile {$limit}";
}
@file_put_contents("/etc/security/limits.conf", @implode("\n", $T) . "\n");
$L = array();
$T = array();
$MEMORY = $unix->MEM_TOTAL_INSTALLEE();
$server_names_hash_bucket_size = 128;
$worker_connections = 8192;
if ($MEMORY < 624288) {
$server_names_hash_bucket_size = 64;
$worker_connections = 1024;
$workers = 4;
}
$mail_protocols = mail_protocols();
//
$f[] = "# Builded on " . date("Y-m-d H:i:s");
$f[] = "user {$APACHE_USER};";
$f[] = "worker_processes {$workers};";
$nginx_version = nginx_version();
preg_match("#^([0-9])+\\.([0-9]+)\\.#", $nginx_version, $re);
$re[1] = intval($re[1]);
$re[2] = intval($re[2]);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Major {$re[1]} Minor:{$re[2]}\n";
}
$syslog = false;
$f[] = "worker_rlimit_nofile 16384;";
$f[] = "timer_resolution 1ms;";
$f[] = "";
if ($re[1] > 0) {
if ($re[2] > 6) {
$f[] = "error_log syslog:server=127.0.0.1,facility=daemon info;";
$syslog = true;
}
}
$syslog = false;
if (!$syslog) {
$f[] = "error_log /var/log/nginx/error.log warn;";
}
$f[] = "pid /var/run/nginx.pid;";
$f[] = "";
$f[] = "";
$f[] = "events {";
$f[] = " worker_connections {$worker_connections};";
$f[] = " multi_accept on;";
$f[] = " use epoll;";
$f[] = "\t accept_mutex_delay 1ms;";
$f[] = "}";
$upstream = new nginx_upstream();
$upstreams_servers = $upstream->build();
$f[] = "";
$f[] = "";
$f[] = "http {";
$f[] = "\tinclude /etc/nginx/mime.types;";
$f[] = "\tlog_format awc_log";
$f[] = "\t\t'[\$server_name] \$remote_addr - \$remote_user [\$time_local] \$request '";
$f[] = "\t\t'\"\$status\" \$body_bytes_sent \"\$http_referer\" '";
$f[] = "\t\t'\"\$http_user_agent\" \"\$http_x_forwarded_for\" [\$upstream_cache_status]';";
$f[] = "";
$f[] = "\tlimit_conn_zone \$binary_remote_addr zone=LimitCnx:10m;";
$q = new mysql_squid_builder();
$results = $q->QUERY_SQL("SELECT LimitReqs,servername FROM reverse_www WHERE LimitReqs > 0");
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$servername = $ligne["servername"];
$ZoneName = str_replace(".", "", $servername);
$ZoneName = str_replace("-", "", $servername);
$ZoneName = str_replace("_", "", $servername);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, limit {$servername}/{$servername} {$ligne["LimitReqs"]}r/s\n";
}
$f[] = "\tlimit_req_zone \$binary_remote_addr zone={$ZoneName}:10m rate={$ligne["LimitReqs"]}r/s;";
}
$nginxClass = new nginx();
if ($nginxClass->IsSubstitutions()) {
//$f[]="\tsubs_filter_types text/html text/css text/xml;";
}
@mkdir($Tempdir, 0775, true);
@mkdir("/home/nginx/tmp", 0755, true);
$f[] = "\tlimit_conn_log_level info;";
$f[] = "\tclient_body_temp_path {$Tempdir} 1 2;";
$f[] = "\tclient_header_timeout 5s;";
$f[] = "\tclient_body_timeout 5s;";
$f[] = "\tsend_timeout 10m;";
$f[] = "\tconnection_pool_size 128k;";
$f[] = "\tclient_header_buffer_size 16k;";
$f[] = "\tlarge_client_header_buffers 1024 128k;";
$f[] = "\trequest_pool_size 128k;";
$f[] = "\tkeepalive_requests 1000;";
$f[] = "\tkeepalive_timeout 10;";
$f[] = "\tclient_max_body_size 10g;";
$f[] = "\tclient_body_buffer_size 1m;";
$f[] = "\tclient_body_in_single_buffer on;";
$f[] = "\topen_file_cache max=10000 inactive=300s;";
$f[] = "\treset_timedout_connection on;";
$f[] = "\ttypes_hash_max_size 8192;";
$f[] = "\tserver_names_hash_bucket_size 128;";
$f[] = "\tserver_names_hash_max_size 512;";
$f[] = "\tvariables_hash_max_size 512;";
$f[] = "\tvariables_hash_bucket_size 128;";
$f[] = "\tfastcgi_buffers 8 16k;";
$f[] = "\tfastcgi_buffer_size 32k;";
$f[] = "\tfastcgi_connect_timeout 300;";
$f[] = "\tfastcgi_send_timeout 300;";
$f[] = "\tfastcgi_read_timeout 300;";
$f[] = "map \$scheme \$server_https {";
$f[] = "default off;";
$f[] = "https on;";
$f[] = "}\t";
$f[] = "\tgzip on;";
$f[] = "\tgzip_disable msie6;";
$f[] = "\tgzip_static on;";
$f[] = "\tgzip_min_length 1100;";
$f[] = "\tgzip_buffers 16 8k;";
$f[] = "\tgzip_comp_level 9;";
$f[] = "\tgzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;";
$f[] = "\tgzip_vary on;";
$f[] = "\tgzip_proxied any;";
$f[] = "\toutput_buffers 1000 128k;";
$f[] = "\tpostpone_output 1460;";
$f[] = "\tsendfile on;";
$f[] = "\tsendfile_max_chunk 256k;";
$f[] = "\ttcp_nopush on;";
$f[] = "\ttcp_nodelay on;";
$f[] = "\tserver_tokens off;";
$dns = new resolv_conf();
$sock = new sockets();
if ($sock->dnsmasq_enabled()) {
$resolver[] = "127.0.0.1";
}
if ($dns->MainArray["DNS1"] != null) {
$resolver[] = $dns->MainArray["DNS1"];
}
if ($dns->MainArray["DNS2"] != null) {
$resolver[] = $dns->MainArray["DNS2"];
}
if ($dns->MainArray["DNS3"] != null) {
$resolver[] = $dns->MainArray["DNS3"];
}
$f[] = "\tresolver " . @implode(" ", $resolver) . ";";
$f[] = "\tignore_invalid_headers on;";
$f[] = "\tindex index.html;";
$f[] = "\tadd_header X-CDN \"Served by myself\";";
$q = new mysql_squid_builder();
$sql = "SELECT * FROM nginx_caches ORDER BY directory";
$results = $q->QUERY_SQL($sql);
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$directory = $ligne["directory"];
@mkdir($directory, 0755, true);
$unix->chown_func("www-data", "www-data", $directory);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, cache `{$directory}`\n";
}
$f[] = "\tproxy_cache_path {$directory} levels={$ligne["levels"]} keys_zone={$ligne["keys_zone"]}:{$ligne["keys_zone_size"]}m max_size={$ligne["max_size"]}G inactive={$ligne["inactive"]} loader_files={$ligne["loader_files"]} loader_sleep={$ligne["loader_sleep"]} loader_threshold={$ligne["loader_threshold"]};";
}
$f[] = "\tproxy_temp_path {$NginxProxyStorePath}/tmp/ 1 2;";
$f[] = "\tproxy_cache_valid 404 10m;";
$f[] = "\tproxy_cache_valid 400 501 502 503 504 1m;";
$f[] = "\tproxy_cache_valid any 4320m;";
$f[] = "\tproxy_cache_use_stale updating invalid_header error timeout http_404 http_500 http_502 http_503 http_504;";
$f[] = "\tproxy_next_upstream error timeout invalid_header http_404 http_500 http_502 http_503 http_504;";
$f[] = "\tproxy_redirect off;";
$f[] = "\tproxy_set_header Host \$http_host;";
$f[] = "\tproxy_set_header Server Apache;";
$f[] = "\tproxy_set_header Connection Close;";
$f[] = "\tproxy_pass_header Set-Cookie;";
$f[] = "\tproxy_pass_header User-Agent;";
$f[] = "\tproxy_set_header X-Accel-Buffering on;";
$f[] = "\tproxy_hide_header X-CDN;";
$f[] = "\tproxy_hide_header X-Server;";
$f[] = "\tproxy_intercept_errors off;";
$f[] = "\tproxy_ignore_client_abort on;";
$f[] = "\tproxy_connect_timeout 60s;";
$f[] = "\tproxy_send_timeout 60s;";
$f[] = "\tproxy_read_timeout 150s;";
$f[] = "\tproxy_buffer_size 64k;";
$f[] = "\tproxy_buffers 16384 128k;";
$f[] = "\tproxy_busy_buffers_size 256k;";
$f[] = "\tproxy_temp_file_write_size 128k;";
$f[] = "\tproxy_headers_hash_bucket_size 128;";
$f[] = "\tproxy_cache_min_uses 0;";
$f[] = "";
$f[] = "{$upstreams_servers}";
$f[] = "\tinclude /etc/nginx/sites-enabled/*.conf;";
$f[] = "\tinclude /etc/nginx/local-sites/*.conf;";
$f[] = "\tinclude /etc/nginx/conf.d/*.conf;";
$f[] = "\t}";
$f[] = $mail_protocols;
$f[] = "";
@copy("/etc/nginx/nginx.conf", "/etc/nginx/nginx.bak");
@file_put_contents("/etc/nginx/nginx.conf", @implode("\n", $f));
if (!$OnlySingle) {
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
}
build_progress("Building default configuration", 10);
build_default(true);
build_localhosts();
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Only single defined\n";
}
}
if ($GLOBALS["RECONFIGURE"]) {
$pid = PID_NUM();
if (is_numeric($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, reload pid {$pid}\n";
}
$kill = $unix->find_program("kill");
unix_system_HUP($pid);
} else {
start(true);
}
}
build_progress("Building configuration done", 10);
}
function buildConfig($aspid = false)
{
$unix = new unix();
if ($aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$sock = new sockets();
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
if (!is_file($phpfpm)) {
return;
}
$APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
$APACHE_GROUP = $unix->APACHE_SRC_GROUP();
$VERSION = GetVersion();
$AsRoot = false;
$tr = explode(".", $VERSION);
$MAJOR = $tr[0];
$MINOR = $tr[1];
$REV = $tr[2];
$process_priority = false;
$syslog_facility = true;
$process_max = true;
if ($MAJOR > 4) {
if ($MINOR > 2) {
if ($REV > 20) {
$process_priority = true;
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Parse Parameters\n";
}
$ParseParams = ParseParams();
$AsRoot = true;
if (isset($ParseParams["allow-to-run-as-root"])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Allow run as root TRUE\n";
}
$AsRoot = true;
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Allow run as root is disabled\n";
}
}
$PHPFPMNoSyslog = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoSyslog"));
$PHPFPMNoProcessMax = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoProcessMax"));
if (!is_numeric($PHPFPMNoSyslog)) {
$PHPFPMNoSyslog = 0;
}
if (!is_numeric($PHPFPMNoProcessMax)) {
$PHPFPMNoProcessMax = 0;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: PHPFPMNoSyslog:{$PHPFPMNoSyslog}\n";
}
if ($PHPFPMNoSyslog == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Disabling process.priority token\n";
}
$syslog_facility = false;
}
if ($PHPFPMNoProcessMax == 1) {
$process_max = false;
}
$ProcessNice = $unix->GET_PERFS('ProcessNice');
if (!is_numeric($ProcessNice)) {
$ProcessNice = 19;
}
if ($ProcessNice > 19) {
$ProcessNice = 19;
}
if ($ProcessNice < 1) {
$ProcessNice = 19;
}
$EnableArticaApachePHPFPM = intval($sock->GET_INFO("EnableArticaApachePHPFPM"));
$EnablePHPFPMFreeWeb = intval($sock->GET_INFO("EnablePHPFPMFreeWeb"));
$EnablePHPFPMFrameWork = $sock->GET_INFO("EnablePHPFPMFrameWork");
$EnableFreeWeb = $sock->GET_INFO("EnableFreeWeb");
if (!is_numeric($EnablePHPFPMFrameWork)) {
$EnablePHPFPMFrameWork = 0;
}
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_numeric($EnablePHPFPMFreeWeb)) {
$EnablePHPFPMFreeWeb = 0;
}
if (!is_numeric($EnableFreeWeb)) {
$EnableFreeWeb = 0;
}
if ($EnableFreeWeb == 0) {
$EnablePHPFPMFreeWeb = 0;
}
if (is_file("/etc/artica-postfix/WORDPRESS_APPLIANCE")) {
$EnablePHPFPMFreeWeb = 1;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: will run as {$APACHE_USER}:{$APACHE_GROUP}\n";
}
$f[] = ";Writing by Artica," . date("Y-m-d H:i:s") . " file will be erased, change the " . __FILE__ . " code instead...";
@unlink("/etc/php5/fpm/pool.d/www.conf");
@unlink("/etc/php5/fpm/pool.d/apache2.conf");
@unlink("/etc/php5/fpm/pool.d/zarafa.conf");
@unlink("/etc/php5/fpm/pool.d/framework.conf");
@unlink("/etc/php5/fpm/pool.d/nginx-authenticator.conf");
if ($EnableArticaApachePHPFPM == 1) {
$f[] = "[www]";
$f[] = "user = {$APACHE_USER}";
$f[] = "group = {$APACHE_GROUP}";
$f[] = "listen = /var/run/php-fpm.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
//$f[]="log_level = debug";
$f[] = "pm.max_children = 20";
$f[] = "pm.start_servers = 2";
$f[] = "pm.min_spare_servers = 1";
$f[] = "pm.max_spare_servers = 5";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 80";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "ping.path = /fpm.ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "";
@mkdir("/etc/php5/fpm/pool.d", 0755, true);
@file_put_contents("/etc/php5/fpm/pool.d/www.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/www.conf done\n";
}
}
$f = array();
if ($EnablePHPFPMFreeWeb == 1) {
$f[] = "[apache2]";
$f[] = "user = {$APACHE_USER}";
$f[] = "group = {$APACHE_GROUP}";
$f[] = "listen = /var/run/php-fpm-apache2.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
$f[] = "pm.max_children = 50";
$f[] = "pm.start_servers = 2";
$f[] = "pm.min_spare_servers = 1";
$f[] = "pm.max_spare_servers = 5";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 60";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "request_terminate_timeout = 605";
$f[] = "ping.path = /php-fpm-ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "";
@file_put_contents("/etc/php5/fpm/pool.d/apache2.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/apache2.conf done\n";
}
}
$zarafabin = $unix->find_program("zarafa-server");
if (is_file($zarafabin)) {
$FreeWebPerformances = unserialize(base64_decode($sock->GET_INFO("ZarafaApachePerformances")));
if (!is_numeric($FreeWebPerformances["post_max_size"])) {
$FreeWebPerformances["post_max_size"] = 50;
}
if (!is_numeric($FreeWebPerformances["upload_max_filesize"])) {
$FreeWebPerformances["upload_max_filesize"] = 50;
}
if (!is_numeric($FreeWebPerformances["PhpStartServers"])) {
$FreeWebPerformances["PhpStartServers"] = 20;
}
if (!is_numeric($FreeWebPerformances["PhpMinSpareServers"])) {
$FreeWebPerformances["PhpMinSpareServers"] = 5;
}
if (!is_numeric($FreeWebPerformances["PhpMaxSpareServers"])) {
$FreeWebPerformances["PhpMaxSpareServers"] = 25;
}
if (!is_numeric($FreeWebPerformances["PhpMaxClients"])) {
$FreeWebPerformances["PhpMaxClients"] = 128;
}
$f = array();
$f[] = "[zarafa]";
$f[] = "user = {$APACHE_USER}";
$f[] = "group = {$APACHE_GROUP}";
$f[] = "listen = /var/run/php-fpm-zarafa.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa max_children.....: {$FreeWebPerformances["PhpMaxClients"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa start_servers....: {$FreeWebPerformances["PhpStartServers"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa min_spare_servers: {$FreeWebPerformances["PhpMinSpareServers"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa max_spare_servers: {$FreeWebPerformances["PhpMaxSpareServers"]}\n";
}
@mkdir("/var/lib/php5-zarafa", 0755, true);
$unix->chown_func($APACHE_USER, $APACHE_GROUP, "/var/lib/php5-zarafa");
$f[] = "pm.max_children = {$FreeWebPerformances["PhpMaxClients"]}";
$f[] = "pm.start_servers = {$FreeWebPerformances["PhpStartServers"]}";
$f[] = "pm.min_spare_servers = {$FreeWebPerformances["PhpMinSpareServers"]}";
$f[] = "pm.max_spare_servers = {$FreeWebPerformances["PhpMaxSpareServers"]}";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 60";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "request_terminate_timeout = 605";
$f[] = "ping.path = /php-fpm-ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "php_value[include_path]=\".:/usr/share/php:/usr/share/php5:/usr/local/share/php:/usr/share/php5/PEAR:/usr/share/pear:/tmp\"";
$f[] = "php_value[magic_quotes_gpc] = 0";
$f[] = "php_value[short_open_tag] = 0";
$f[] = "php_value[magic_quotes_runtime] = 0";
$f[] = "php_value[safe_mode] = 0";
$f[] = "php_value[register_globals] = 0";
$f[] = "php_value[max_input_time] = 300";
$f[] = "php_value[register_globals] = 0";
$f[] = "php_value[post_max_size] = {$FreeWebPerformances["post_max_size"]}M";
$f[] = "php_value[upload_max_filesize] = {$FreeWebPerformances["upload_max_filesize"]}M";
$f[] = "php_value[session.save_path] = /var/lib/php5-zarafa";
$f[] = "";
@file_put_contents("/etc/php5/fpm/pool.d/zarafa.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa /etc/php5/fpm/pool.d/zarafa.conf done\n";
}
}
$f = array();
if ($EnablePHPFPMFrameWork == 1) {
if ($AsRoot) {
$f[] = "[framework]";
$f[] = "user = root";
$f[] = "group = root";
$f[] = "listen = /var/run/php-fpm-framework.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
$f[] = "pm.max_children = 50";
$f[] = "pm.start_servers = 2";
$f[] = "pm.min_spare_servers = 1";
$f[] = "pm.max_spare_servers = 5";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 60";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "request_terminate_timeout = 605";
$f[] = "ping.path = /php-fpm-ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "";
@file_put_contents("/etc/php5/fpm/pool.d/framework.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/framework.conf done\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: As root is FALSE for framework..\n";
}
}
}
$f = array();
$f[] = ";Writing by Artica," . date("Y-m-d H:i:s") . " file will be erased, change the " . __FILE__ . " code instead...";
$f[] = "[global]";
$f[] = "pid = /var/run/php5-fpm.pid";
$f[] = "error_log = /var/log/php.log";
if ($syslog_facility) {
$f[] = "syslog.facility = daemon";
}
if ($syslog_facility) {
$f[] = "syslog.ident = php-fpm";
}
$f[] = "log_level = ERROR";
$f[] = ";emergency_restart_threshold = 0";
$f[] = ";emergency_restart_interval = 0";
$f[] = ";process_control_timeout = 0";
if ($process_max) {
$f[] = "process.max = 128";
}
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "daemonize = yes";
$f[] = ";rlimit_files = 1024";
$f[] = ";rlimit_core = 0";
$f[] = "include=/etc/php5/fpm/pool.d/*.conf\n";
@file_put_contents("/etc/php5/fpm/php-fpm.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/php-fpm.conf done\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Check settings\n";
}
$sock = new sockets();
exec("{$phpfpm} -t -y /etc/php5/fpm/php-fpm.conf 2>&1", $results);
while (list($index, $line) = each($results)) {
if (trim($line) == null) {
continue;
}
if (strpos($line, "unknown entry 'syslog.facility'") > 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: syslog not supported..\n";
}
@file_put_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoSyslog", 1);
buildConfig();
return;
}
if (strpos($line, "unknown entry 'process.max'") > 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: process.max not supported..\n";
}
@file_put_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoProcessMax", 1);
buildConfig();
return;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: {$line}\n";
}
}
}
