function ApacheAccount()
{
$unix = new unix();
$array = array($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP());
echo "<articadatascgi>" . base64_encode(serialize($array)) . "</articadatascgi>";
return;
}
function install($filename)
{
$GLOBALS["PROGRESS_FILE"] = "/usr/share/artica-postfix/ressources/logs/squid.install.progress";
$GLOBALS["LOG_FILE"] = "/usr/share/artica-postfix/ressources/logs/web/squid.install.progress.txt";
$unix = new unix();
$LINUX_CODE_NAME = $unix->LINUX_CODE_NAME();
$LINUX_DISTRIBUTION = $unix->LINUX_DISTRIBUTION();
$LINUX_VERS = $unix->LINUX_VERS();
$LINUX_ARCHITECTURE = $unix->LINUX_ARCHITECTURE();
$APACHEUSER = $unix->APACHE_SRC_ACCOUNT();
$DebianVer = "debian{$LINUX_VERS[0]}";
$TMP_DIR = $unix->TEMP_DIR();
$ORGV = @file_get_contents("/usr/share/artica-postfix/VERSION");
$PATCH_VER = null;
$tarballs_file = "/usr/share/artica-postfix/ressources/conf/upload/{$filename}";
echo "Package {$tarballs_file}\n";
$size = filesize($tarballs_file);
echo "Size....................: " . FormatBytes($size / 1024) . "\n";
build_progress("Analyze...", 10);
echo "Current system..........: {$LINUX_CODE_NAME} {$LINUX_DISTRIBUTION} {$LINUX_VERS[0]}/{$LINUX_VERS[1]} {$LINUX_ARCHITECTURE}\n";
echo "Package.................: {$filename}\n";
echo "Temp dir................: {$TMP_DIR}\n";
if (!is_file($tarballs_file)) {
echo "{$tarballs_file} no such file...\n";
build_progress("No such file...", 110);
return;
}
echo "Uncompressing {$tarballs_file}...\n";
build_progress("{extracting} {$filename}...", 20);
$chown = $unix->find_program("chown");
$chmod = $unix->find_program("chmod");
$tar = $unix->find_program("tar");
$rm = $unix->find_program("rm");
$nohup = $unix->find_program("nohup");
$php = $unix->LOCATE_PHP5_BIN();
$squid = $unix->LOCATE_SQUID_BIN();
build_progress("{extracting} {$filename}...", 50);
system("{$tar} xf {$tarballs_file} -C /");
echo "Removing {$tarballs_file}...\n";
@unlink($tarballs_file);
shell_exec("{$rm} -rf /usr/share/artica-postfix/ressources/conf/upload/*");
@unlink(dirname(__FILE__) . "/ressources/logs/squid.compilation.params");
build_progress("{restarting} Squid-cache...", 60);
system("/etc/init.d/squid restart --force");
build_progress("{reconfiguring} Squid-cache...", 65);
system("{$php} /usr/share/artica-postfix/exec.squid.php --build --force");
build_progress("{reconfiguring} {APP_UFDBGUARD}...", 70);
system("{$php} /usr/share/artica-postfix/exec.squidguard.php --build --force");
build_progress("{restarting} {APP_C_ICAP}...", 80);
system("/etc/init.d/c-icap restart");
build_progress("Refresh local versions...", 90);
system('/usr/share/artica-postfix/bin/process1 --force --verbose --' . time());
$squid_version = x_squid_version();
build_progress("{success} v.{$squid_version}...", 100);
echo "Starting......: " . date("H:i:s") . " Done you can close the screen....\n";
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) {
$APACHE_SRC_GROUP = "www-data";
}
$LogFilePath = "/var/log/artica-wifidog/access.log";
$directories[] = "/var/run/apache2";
$directories[] = "/var/run/artica-apache";
$directories[] = "/var/log/artica-wifidog";
$directories[] = "/home/artica/hotspot/sessions";
$directories[] = "/home/artica/hotspot/caches";
while (list($index, $maindir) = each($directories)) {
@mkdir($maindir, 0755, true);
@chown($maindir, $APACHE_SRC_ACCOUNT);
@chgrp($maindir, $APACHE_SRC_GROUP);
}
$ErrorLog = dirname($LogFilePath) . "/error.log";
if (!is_file($LogFilePath)) {
@touch($LogFilePath);
}
@chown($LogFilePath, $APACHE_SRC_ACCOUNT);
@chgrp($LogFilePath, $APACHE_SRC_GROUP);
if (!is_file($ErrorLog)) {
@touch($ErrorLog);
}
@chown($ErrorLog, $APACHE_SRC_ACCOUNT);
@chgrp($ErrorLog, $APACHE_SRC_GROUP);
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients"));
$HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers"));
$HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable"));
if ($HotSpotMaxClients == 0) {
$HotSpotMaxClients = 20;
}
if ($HotSpotStartServers == 0) {
$HotSpotStartServers = 5;
}
$EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
$SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
$ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
$ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
$ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
$ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
if (!is_numeric($ArticaHotSpotPort)) {
$ArticaHotSpotPort = 0;
}
if (!is_numeric($ArticaSplashHotSpotPort)) {
$ArticaSplashHotSpotPort = 16080;
}
if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
$ArticaSplashHotSpotPortSSL = 16443;
}
$ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
$HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
$HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect");
if ($HotSpotErrorRedirect == null) {
$HotSpotErrorRedirect = "http://www.msftncsi.com";
}
$Params = unserialize($sock->GET_INFO("HotSpotEvasive"));
$ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled"));
if (!is_numeric($Params["DOSEnable"])) {
$Params["DOSEnable"] = 1;
}
if (!is_numeric($Params["DOSHashTableSize"])) {
$Params["DOSHashTableSize"] = 1024;
}
if (!is_numeric($Params["DOSPageCount"])) {
$Params["DOSPageCount"] = 3;
}
if (!is_numeric($Params["DOSSiteCount"])) {
$Params["DOSSiteCount"] = 20;
}
if (!is_numeric($Params["DOSPageInterval"])) {
$Params["DOSPageInterval"] = 1;
}
if (!is_numeric($Params["DOSSiteInterval"])) {
$Params["DOSSiteInterval"] = 10;
}
if (!is_numeric($Params["DOSBlockingPeriod"])) {
$Params["DOSBlockingPeriod"] = 5;
}
$unix = new unix();
$NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
$ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n";
}
if ($ipaddr == "0.0.0.0") {
$ipaddr = "*";
}
if ($ipaddr == null) {
$ipaddr = "*";
}
$GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n";
}
$f[] = "Group {$APACHE_SRC_GROUP}";
$f[] = "User {$APACHE_SRC_ACCOUNT}";
$f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock";
$f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid";
$f[] = "AcceptMutex flock";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect builtin";
$f[] = "SSLSessionCache shmcb:/var/run/apache2/ssl_scache-hotspot(512000)";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "DocumentRoot /usr/share/artica-postfix";
$f[] = "DirectoryIndex hotspot.html";
$f[] = "ErrorDocument 400 /hotspot.html";
$f[] = "ErrorDocument 401 /hotspot.html";
$f[] = "ErrorDocument 403 /hotspot.html";
$f[] = "ErrorDocument 404 /hotspot.html";
$f[] = "ErrorDocument 500 /hotspot.html";
$NameVirtualHost = $ipaddr;
if ($HospotHTTPServerName != null) {
$NameVirtualHost = $HospotHTTPServerName;
}
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
$f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
$ddos_config = null;
if ($HotSpotForceDDOSDisable == 1) {
$Params["DOSEnable"] = 0;
}
if ($Params["DOSEnable"] == 1) {
//$ddos[]="<IfModule mod_evasive20.c>";
$ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}";
$ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}";
$ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}";
$ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}";
$ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}";
$ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}";
$ddos[] = "\tDOSLogDir \"/var/log/artica-wifidog\"";
$ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\"";
$ddos_config = @implode("\n", $ddos);
//$ddos[]="</IfModule>";
}
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>";
$f[] = "\tServerName {$NameVirtualHost}";
$f[] = "\tDocumentRoot /usr/share/artica-postfix";
$f[] = "\tSSLEngine on";
$squid = new squidbee();
$ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
$data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
if ($ArticaSplashHotSpotCertificate != null) {
$apache = new apache_certificate($ArticaSplashHotSpotCertificate);
$f[] = $apache->build();
} else {
if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
$cert = $re[1];
$key = $re[2];
$f[] = "\tSSLCertificateFile \"{$cert}\"";
$f[] = "\tSSLCertificateKeyFile \"{$key}\"";
}
}
$f[] = "\tSSLVerifyClient none";
$f[] = "\tServerSignature Off";
$f[] = "{$ddos_config}";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "</VirtualHost>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
$f[] = "\tOrder allow,deny";
$f[] = "\tDeny from all";
$f[] = "\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 3";
if ($HotSpotStartServers >= $HotSpotMaxClients) {
$HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers;
}
if ($HotSpotMaxClients > 1024) {
$HotSpotMaxClients = 1024;
}
$ServerLimit = $HotSpotMaxClients + 100;
if ($ServerLimit > 2000) {
$ServerLimit = 2000;
}
$f[] = "StartServers {$HotSpotStartServers}";
$f[] = "MaxClients {$HotSpotMaxClients}";
$f[] = "ServerLimit\t\t {$ServerLimit}";
$MinSpareServers = $HotSpotStartServers + 5;
$MaxSpareServers = $MinSpareServers + 1;
$f[] = "MinSpareServers {$MinSpareServers}";
$f[] = "MaxSpareServers {$MaxSpareServers}";
$f[] = "MaxRequestsPerChild 800";
$f[] = "MaxKeepAliveRequests 100";
$f[] = "ServerName " . $unix->hostname_g();
$f[] = "<IfModule mod_ssl.c>";
$f[] = "\tSSLRandomSeed connect builtin";
$f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
$f[] = "\tAddType application/x-x509-ca-cert .crt";
$f[] = "\tAddType application/x-pkcs7-crl .crl";
$f[] = "\tSSLPassPhraseDialog builtin";
$f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-articahtp(512000)";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLMutex sem";
$f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
$f[] = "\tSSLProtocol all -SSLv2";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "AddType application/x-httpd-php .php";
$f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\"";
$f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\"";
$f[] = "<IfModule mod_fcgid.c>";
$f[] = "\tPHP_Fix_Pathinfo_Enable 1";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
$f[] = "Alias /index.php /hotspot.html";
$f[] = "Alias /index.html /hotspot.html";
$f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html";
$f[] = "<Directory \"/usr/share/artica-postfix\">";
$f[] = "\tDirectorySlash On";
$f[] = "\tDirectoryIndex hostpot.php";
$f[] = "\t\t<Files \"hostpot.php\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<Files \"hostpot.html\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tdeny from all";
$f[] = "\t\t</FilesMatch>";
$f[] = "\tErrorDocument 400 /hotspot.html";
$f[] = "\tErrorDocument 401 /hotspot.html";
$f[] = "\tErrorDocument 403 /hotspot.html";
$f[] = "\tErrorDocument 404 /hotspot.html";
$f[] = "\tErrorDocument 500 /hotspot.html";
$f[] = "\tFallbackResource /hotspot.html";
$f[] = "\tOptions -Indexes";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tAllowOverride All";
$f[] = "\tOrder allow,deny";
$f[] = "\tAllow from all";
$f[] = "</Directory>";
if ($EnableArticaApachePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
$f[] = "\t\tOrder deny,allow";
$f[] = "\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "Loglevel debug";
$f[] = "ErrorLog {$ErrorLog}";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog {$LogFilePath} common";
if ($EnableArticaApachePHPFPM == 0) {
$array["php5_module"] = "libphp5.so";
}
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authz_host_module"] = "mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["ssl_module"] = "mod_ssl.so";
$array["headers_module"] = "mod_headers.so";
$array["ldap_module"] = "mod_ldap.so";
if ($Params["DOSEnable"] == 1) {
$array["evasive20_module"] = "mod_evasive20.so";
}
if ($EnableArticaApachePHPFPM == 1) {
$array["fastcgi_module"] = "mod_fastcgi.so";
}
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
build_error_page();
@file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n";
}
}
function sessions_clean()
{
$unix = new unix();
$sock = new sockets();
$TimeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
if ($unix->file_time_min($TimeFile) < 60) {
return;
}
@unlink($TimeFile);
@file_put_contents($TimeFile, time());
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$CleanPHPSessionTime = $sock->GET_INFO("CleanPHPSessionTime");
if (!is_numeric($CleanPHPSessionTime)) {
$CleanPHPSessionTime = 1440;
}
sessions_clean_parse("/var/lib/php5", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/var/lib/php5-zarafa", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/home/squid/error_page_sessions", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/usr/share/artica-postfix/ressources/logs/jGrowl", 360, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/usr/share/artica-postfix/ressources/conf", 360, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
sessions_clean_parse("/home/squid/error_page_cache", 60);
}
function sessions_clean()
{
$unix = new unix();
$sock = new sockets();
$TimeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$CleanPHPSessionTime = $sock->GET_INFO("CleanPHPSessionTime");
if (!is_numeric($CleanPHPSessionTime)) {
$CleanPHPSessionTime = 2880;
}
if ($unix->file_time_min($TimeFile) < 60) {
return;
}
@unlink($TimeFile);
@file_put_contents($TimeFile, time());
if ($CleanPHPSessionTime > 5) {
if (is_dir("/var/lib/php5")) {
foreach (glob("/var/lib/php5/*") as $filename) {
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $filename);
$time = $unix->file_time_min($filename);
if ($time > 2880) {
$unix->_syslog("Clean: Remove PHP Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
@unlink($filename);
}
}
}
if (is_dir("/var/lib/php5-zarafa")) {
foreach (glob("/var/lib/php5-zarafa/*") as $filename) {
$time = $unix->file_time_min($filename);
if ($time > 2880) {
$unix->_syslog("Clean: Remove PHP Zarafa Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
@unlink($filename);
}
}
}
}
foreach (glob("/usr/share/artica-postfix/ressources/logs/jGrowl/*") as $filename) {
$time = $unix->file_time_min($filename);
if ($time > 360) {
@unlink($filename);
}
}
foreach (glob("/usr/share/artica-postfix/ressources/conf/*") as $filename) {
$time = $unix->file_time_min($filename);
if ($time > 360) {
@unlink($filename);
}
}
}
function build()
{
$unix = new unix();
$sock = new sockets();
$apache = $unix->APACHE_SRC_ACCOUNT();
$apachegrp = $unix->APACHE_SRC_GROUP();
$VSFTPDPort = intval($sock->GET_INFO("VSFTPDPort"));
if ($VSFTPDPort == 0) {
$VSFTPDPort = 21;
}
$VsFTPDPassive = $sock->GET_INFO("VsFTPDPassive");
$VsFTPDFileOpenMode = $sock->GET_INFO("VsFTPDFileOpenMode");
$VsFTPDLocalUmask = $sock->GET_INFO("VsFTPDLocalUmask");
$ProFTPDRootLogin = intval($sock->GET_INFO("ProFTPDRootLogin"));
if (!is_numeric($VsFTPDPassive)) {
$VsFTPDPassive = 1;
}
if ($VsFTPDFileOpenMode == null) {
$VsFTPDFileOpenMode = "0666";
}
if ($VsFTPDLocalUmask == null) {
$VsFTPDLocalUmask = "077";
}
if ($VsFTPDFileOpenMode == null) {
$VsFTPDFileOpenMode = "0666";
}
$VsFTPDLocalMaxRate = intval($sock->GET_INFO("VsFTPDLocalMaxRate"));
$f[] = "ServerName\t\t\"FTP server {$unix->hostname_g}()\"";
$f[] = "ServerType\t\tstandalone";
$f[] = "DefaultServer\t\ton";
$f[] = "Port\t\t\t\t{$VSFTPDPort}";
$f[] = "UseIPv6\t\t\toff";
$f[] = "Umask\t\t\t\t{$VsFTPDFileOpenMode} {$VsFTPDLocalUmask}";
$f[] = "PidFile\t\t\t/var/run/proftpd.pid";
$f[] = "MaxInstances\t\t30";
$f[] = "User\t\t\t\t{$apache}";
$f[] = "Group\t\t\t\t{$apachegrp}";
if ($ProFTPDRootLogin == 1) {
$f[] = "RootLogin\ton";
} else {
$f[] = "RootLogin\toff";
}
$f[] = "RequireValidShell\toff";
$f[] = "DefaultRoot \t\t~";
$f[] = "AllowOverwrite\ton";
$f[] = "IdentLookups \toff";
$f[] = "UseReverseDNS \toff";
$f[] = "LogFormat default \"%h %l %u %t \\\"%r\\\" %s %b\"";
$f[] = "LogFormat\t\t\tauth \"%v [%P] %h %t \\\"%r\\\" %s\"";
$f[] = "LogFormat\t\t\twrite \"%h %l %u %t \\\"%r\\\" %s %b\"";
$f[] = "SystemLog \t\t/var/log/proftpd.log";
$f[] = "TransferLog \t\t/var/log/xferlog";
$f[] = "LoadModule \t\tmod_quotatab.c";
$f[] = "LoadModule \t\tmod_quotatab_sql.c";
$f[] = "";
$f[] = "LoadModule \t\tmod_sql.c";
$f[] = "LoadModule \t\tmod_sql_mysql.c";
$f[] = "";
$f[] = "LoadModule \t\tmod_ldap.c";
$f[] = "";
$f[] = "AuthOrder\t\t\tAuthOrder mod_sql.c mod_ldap.c";
$f[] = "";
if ($VsFTPDPassive == 1) {
$pasv_min_port = intval($sock->GET_INFO("VsFTPDPassiveMinPort"));
$pasv_max_port = intval($sock->GET_INFO("VsFTPDPassiveMaxPort"));
if ($pasv_min_port == 0) {
$pasv_min_port = 40000;
}
if ($pasv_max_port == 0) {
$pasv_max_port = 40200;
}
$f[] = "PassivePorts {$pasv_min_port} {$pasv_max_port}";
$VsFTPDPassiveAddr = $sock->GET_INFO("VsFTPDPassiveAddr");
if ($VsFTPDPassiveAddr != null) {
$f[] = "MasqueradeAddress {$VsFTPDPassiveAddr}";
}
}
if ($VsFTPDLocalMaxRate > 0) {
if (strpos($VsFTPDLocalMaxRate, ".") == 0) {
$VsFTPDLocalMaxRate = "{$VsFTPDLocalMaxRate}.0";
}
$f[] = "TransferRate RETR {$VsFTPDLocalMaxRate}";
$f[] = "TransferRate STOR {$VsFTPDLocalMaxRate}";
}
$f[] = "";
$f[] = "# Bar use of SITE CHMOD by default";
$f[] = "<Limit SITE_CHMOD>";
$f[] = " DenyAll";
$f[] = "</Limit>";
$f[] = "";
$f[] = "# A basic anonymous configuration, no upload directories. If you do not";
$f[] = "# want anonymous users, simply delete this entire <Anonymous> section.";
$f[] = "<Anonymous ~ftp>";
$f[] = " User\t\t\t\tftp";
$f[] = " Group\t\t\t\tftp";
$f[] = "";
$f[] = " # We want clients to be able to login with \"anonymous\" as well as \"ftp\"";
$f[] = " UserAlias\t\t\tanonymous ftp";
$f[] = "";
$f[] = " # Limit the maximum number of anonymous logins";
$f[] = " MaxClients\t\t\t10";
$f[] = "";
$f[] = " # We want 'welcome.msg' displayed at login, and '.message' displayed";
$f[] = " # in each newly chdired directory.";
$f[] = " DisplayLogin\t\t\twelcome.msg";
$f[] = " DisplayChdir\t\t\t.message";
$f[] = "";
$f[] = " # Limit WRITE everywhere in the anonymous chroot";
$f[] = " <Limit WRITE>";
$f[] = " DenyAll";
$f[] = " </Limit>";
$f[] = "</Anonymous>";
$f[] = "";
$ldap = new clladp();
$f[] = "<IfModule mod_ldap.c>";
$f[] = "\tLDAPBindDN\t\tcn={$ldap->ldap_admin},{$ldap->suffix} {$ldap->ldap_password}";
$f[] = "\tLDAPServer\t\t\"{$ldap->ldap_host}:{$ldap->ldap_port}\"";
$f[] = "\tLDAPUseTLS\t\toff";
$f[] = "\tLDAPUsers\t\t{$ldap->suffix} (uid=%u)";
$f[] = "\tLDAPGroups\t\t{$ldap->suffix}";
$f[] = "\tLDAPAuthBinds\ton";
$f[] = "#\tLDAPLog \t\t/var/log/proftpd.ldap.log";
$f[] = "</IfModule>";
$f[] = "PersistentPasswd off";
$f[] = "AuthPAM off";
$q = new mysql();
if ($q->mysql_server == null) {
$q->mysql_server = "127.0.0.1";
}
if ($q->mysql_server == "localhost") {
$q->mysql_server = "127.0.0.1";
}
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} MySQL server:{$q->mysql_server}\n";
}
$f[] = "<IfModule mod_sql.c>";
$f[] = "\tSQLAuthTypes Plaintext";
$f[] = "\tSQLBackend mysql";
$f[] = "\tSQLConnectInfo artica_backup@{$q->mysql_server} {$q->mysql_admin} \"{$q->mysql_password}\"";
$f[] = "\tSQLUserInfo ftpuser userid passwd uid gid homedir shell";
//$f[]="\tSQLUserWhereClause \"LoginAllowed = 'true'\"";
$f[] = "\tSQLGroupInfo ftpgroup groupname gid members";
$f[] = "\tCreateHome off";
$f[] = "\tSQLLog PASS updatecount";
$f[] = "\tSQLNamedQuery updatecount UPDATE \"count=count+1, accessed=now() WHERE userid='%u'\" ftpuser";
$f[] = "\tSQLLog STOR,RETR modified";
$f[] = "\tSQLNamedQuery modified UPDATE \"modified=now() WHERE userid='%u'\" ftpuser";
$f[] = "\tQuotaEngine off";
$f[] = "\tQuotaDirectoryTally off";
$f[] = "\tQuotaDisplayUnits Mb";
$f[] = "\tQuotaShowQuotas on";
$f[] = "\tSQLMinUserUID 0";
$f[] = "\tSQLMinUserGID 0";
$f[] = "\tSQLNamedQuery get-quota-limit SELECT \"name, quota_type, par_session, limit_type, bytes_up_limit, bytes_down_limit, bytes_transfer_limit, files_up_limit, files_down_limit, files_transfer_limit FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'\"";
$f[] = "\tSQLNamedQuery get-quota-tally SELECT \"name, quota_type, bytes_up_total, bytes_down_total, bytes_transfer_total, files_up_total, files_down_total, files_transfer_total FROM ftpquotatotal WHERE name = '%{0}' AND quota_type = '%{1}'\"";
$f[] = "\tSQLNamedQuery update-quota-tally UPDATE \"bytes_up_total = bytes_up_total + %{0}, bytes_down_total = bytes_down_total + %{1}, bytes_transfer_total = bytes_transfer_total + %{2}, files_up_total = files_up_total + %{3}, files_down_total = files_down_total + %{4}, files_transfer_total = files_transfer_total + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'\" ftpquotatotal";
$f[] = "\tSQLNamedQuery insert-quota-tally INSERT \"%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}\" ftpquotatotal";
$f[] = "\tQuotaLimitTable sql:/get-quota-limit";
$f[] = "\tQuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally";
$f[] = "#\tSQLLogFile /var/log/proftpd.mysql.log";
$f[] = "</IfModule>";
$f[] = "";
@mkdir("/etc/proftpd", 0755, true);
@unlink("/etc/proftpd/proftpd.conf");
@file_put_contents("/etc/proftpd/proftpd.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/proftpd/proftpd.conf done\n";
}
}
function install($filename)
{
$GLOBALS["PROGRESS_FILE"] = "/usr/share/artica-postfix/ressources/logs/artica.install.progress";
$GLOBALS["LOG_FILE"] = "/usr/share/artica-postfix/ressources/logs/web/artica.install.progress.txt";
$unix = new unix();
$LINUX_CODE_NAME = $unix->LINUX_CODE_NAME();
$LINUX_DISTRIBUTION = $unix->LINUX_DISTRIBUTION();
$LINUX_VERS = $unix->LINUX_VERS();
$LINUX_ARCHITECTURE = $unix->LINUX_ARCHITECTURE();
$APACHEUSER = $unix->APACHE_SRC_ACCOUNT();
$DebianVer = "debian{$LINUX_VERS[0]}";
$TMP_DIR = $unix->TEMP_DIR();
$ORGV = @file_get_contents("/usr/share/artica-postfix/VERSION");
$PATCH_VER = null;
$tarballs_file = "/usr/share/artica-postfix/ressources/conf/upload/{$filename}";
echo "Package {$tarballs_file}\n";
$size = filesize($tarballs_file);
ArticaMeta_release($tarballs_file);
if (preg_match('#([0-9\\.]+)_([0-9\\.]+)-([0-9]+).tgz$#i', $filename, $r)) {
$CUR_BRANCH = @file_get_contents("/usr/share/artica-postfix/MAIN_RELEASE");
$CUR_BRANCH = trim($CUR_BRANCH);
echo "Patch....................: {$r[3]}\n";
echo "From.....................: {$r[1]}\n";
echo "To.......................: {$r[2]}\n";
echo "Current Branch..........: {$CUR_BRANCH}\n";
if ($CUR_BRANCH != $r[1]) {
echo "{$CUR_BRANCH} != {$r[1]}\n";
build_progress("{not_for_current_branch} {requested} {$r[1]}", 110);
return;
}
$PATCH_VER = $r[2] . " :";
$ASPATCH = true;
}
echo "Size....................: " . FormatBytes($size / 1024) . "\n";
echo "Current version.........: {$ORGV}\n";
build_progress("{analyze}...", 10);
echo "Current system..........: {$LINUX_CODE_NAME} {$LINUX_DISTRIBUTION} {$LINUX_VERS[0]}/{$LINUX_VERS[1]} {$LINUX_ARCHITECTURE}\n";
echo "Package.................: {$filename}\n";
echo "Temp dir................: {$TMP_DIR}\n";
echo "Apache User.............: {$APACHEUSER}\n";
if (!is_file($tarballs_file)) {
echo "{$tarballs_file} no such file...\n";
build_progress("No such file...", 110);
return;
}
echo "Uncompressing {$tarballs_file}...\n";
build_progress("{extracting} {$filename}...", 20);
$chown = $unix->find_program("chown");
$chmod = $unix->find_program("chmod");
$tar = $unix->find_program("tar");
$rm = $unix->find_program("rm");
$nohup = $unix->find_program("nohup");
$php = $unix->LOCATE_PHP5_BIN();
$squid = $unix->LOCATE_SQUID_BIN();
build_progress("{extracting} {$filename}...", 50);
system("{$tar} xpf {$tarballs_file} -C /usr/share/");
echo "Removing {$tarballs_file}...\n";
@unlink($tarballs_file);
shell_exec("{$rm} -rf /usr/share/artica-postfix/ressources/conf/upload/*");
build_progress("{apply_permissions}...", 55);
echo "{$APACHEUSER} -> /usr/share/artica-postfix\n";
shell_exec("{$chown} -R {$APACHEUSER} /usr/share/artica-postfix");
echo "0755 -> /usr/share/artica-postfix\n";
shell_exec("{$chmod} -R 0755 /usr/share/artica-postfix");
$ORGD = @file_get_contents("/usr/share/artica-postfix/VERSION");
echo "Old version.............: {$ORGV}\n";
if ($ASPATCH) {
$patched = " (patched)";
}
echo "Current version.........: {$ORGD}{$patched}\n";
sleep(2);
if ($ORGV == $ORGD) {
build_progress("{operation_failed} Same version {$PATCH_VER}{$filename}...", 110);
return;
}
build_progress("{restarting} Artica...", 60);
$unix->THREAD_COMMAND_SET("{$php} /usr/share/artica-postfix/exec.web-community-filter.php --register");
build_progress("{restarting} Artica...", 65);
build_progress("{building_init_scripts}...", 70);
system("{$php} /usr/share/artica-postfix/exec.initslapd.php");
build_progress("{updating_network}...", 75);
system("{$php} /usr/share/artica-postfix/exec.virtuals-ip.php");
system("{$php} /usr/share/artica-postfix/exec.monit.php --build");
echo "Starting......: " . date("H:i:s") . " Purge and clean....\n";
build_progress("{restarting} Artica...", 80);
if (is_file("/etc/init.d/nginx")) {
shell_exec("{$nohup} /etc/init.d/nginx reload >/dev/null 2>&1 &");
}
build_progress("{restarting} Artica...", 81);
shell_exec("{$nohup} /etc/init.d/auth-tail restart");
build_progress("{restarting} Artica...", 82);
shell_exec("{$nohup} /etc/init.d/artica-framework");
build_progress("{restarting} Artica...", 83);
shell_exec("{$nohup} /usr/share/artica-postfix/bin/process1 --force --verbose " . time() . "");
build_progress("{restarting} Artica...", 84);
shell_exec("{$nohup} /usr/share/artica-postfix/bin/artica-make --empty-cache >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 85);
shell_exec("{$nohup} /etc/init.d/monit restart >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 86);
shell_exec("{$nohup} /etc/init.d/artica-status restart --force >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 87);
shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.squid.php --build-schedules >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 88);
shell_exec("{$nohup} {$php} /usr/share/artica-postfix/exec.schedules.php --defaults >/dev/null 2>&1 &");
build_progress("{restarting} Artica...", 90);
build_progress("{restarting} Artica...", 100);
echo "Starting......: " . date("H:i:s") . " Done you can close the screen....\n";
}
function build()
{
$unix = new unix();
$sock = new sockets();
$users = new usersMenus();
$APACHE_MODULES_PATH = $users->APACHE_MODULES_PATH;
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Apache modules in \"{$APACHE_MODULES_PATH}\"\n";
}
$ZarafaApachePort = $sock->GET_INFO("ZarafaApachePort");
$ZarafaApacheSSL = $sock->GET_INFO("ZarafaApacheSSL");
$LighttpdArticaDisableSSLv2 = $sock->GET_INFO("LighttpdArticaDisableSSLv2");
$ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
$ZarafaApacheServerName = $sock->GET_INFO("ZarafaApacheServerName");
if (!is_numeric($ZarafaWebNTLM)) {
$ZarafaWebNTLM = 0;
}
if (!is_numeric($LighttpdArticaDisableSSLv2)) {
$LighttpdArticaDisableSSLv2 = 0;
}
if (!is_numeric($ZarafaApacheSSL)) {
$ZarafaApacheSSL = 0;
}
if (!is_numeric($ZarafaApachePort)) {
$ZarafaApachePort = 9010;
}
$ZarafaApachePHPFPMEnable = $sock->GET_INFO("ZarafaApachePHPFPMEnable");
if (!is_numeric($ZarafaApachePHPFPMEnable)) {
$ZarafaApachePHPFPMEnable = 0;
}
if ($ZarafaApacheServerName == null) {
$ZarafaApacheServerName = $unix->hostname_g();
}
if (!is_dir('/usr/share/php/mapi')) {
if (is_dir('/usr/local/share/php/mapi')) {
@mkdir("/usr/share/php", 0755, true);
shell_exec('/bin/ln -s /usr/local/share/php/mapi /usr/share/php/mapi');
}
}
$username = $unix->APACHE_SRC_ACCOUNT();
$group = $unix->APACHE_SRC_GROUP();
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs access: /var/log/apache-zarafa/access.log\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs error : /var/log/apache-zarafa/error.log\n";
}
@unlink("/var/log/apache-zarafa/access.log");
@unlink("/var/log/apache-zarafa/error.log");
@touch("/var/log/apache-zarafa/access.log");
@touch("/var/log/apache-zarafa/access.log");
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/artica-apache", 0755, true);
@mkdir('/var/run/zarafa-web', 0755, true);
@mkdir('/var/log/apache-zarafa', 0755, true);
@mkdir('/var/lib/zarafa-webaccess/tmp', 0755, true);
$unix->chown_func($username, $group, "/var/log/apache-zarafa/access.log");
$unix->chown_func($username, $group, "/var/log/apache-zarafa/error.log");
$unix->chown_func($username, $group, "/var/run/apache2");
$unix->chown_func($username, $group, "/var/run/artica-apache");
$unix->chown_func($username, $group, "/var/run/zarafa-web");
$unix->chown_func($username, $group, "/var/log/apache-zarafa");
$unix->chown_func($username, $group, "/var/lib/zarafa-webaccess");
$unix->chmod_func(0777, "/var/lib/zarafa-webaccess/tmp");
$unix->chown_func($username, $group, "/usr/share/zarafa-webaccess/plugins/*");
if ($ZarafaApacheSSL == 1) {
if (is_file("{$APACHE_MODULES_PATH}/mod_ssl.so")) {
if (!is_file("/etc/ssl/certs/zarafa/apache.crt.nopass.cert")) {
shell_exec("/usr/share/artica-postfix/bin/artica-install --zarafa-apache-certificates");
}
$f[] = "LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so";
$f[] = "SSLEngine on";
$f[] = "SSLCertificateFile /etc/ssl/certs/zarafa/apache.crt.nopass.cert";
$f[] = "SSLCertificateKeyFile /etc/ssl/certs/zarafa/apache-ca.key.nopass.key";
if ($LighttpdArticaDisableSSLv2 == 1) {
$f[] = "SSLProtocol -ALL +SSLv3 +TLSv1";
$f[] = "SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
}
$f[] = "SSLRandomSeed connect builtin";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect file:/dev/urandom 256";
$f[] = "AddType application/x-x509-ca-cert .crt";
$f[] = "AddType application/x-pkcs7-crl .crl";
$f[] = "SSLPassPhraseDialog builtin";
$f[] = "SSLSessionCache shmcb:/var/run/apache2/ssl_scache-zarafa(512000)";
$f[] = "SSLSessionCacheTimeout 300";
$f[] = "SSLVerifyClient none";
$f[] = "ServerSignature Off";
}
}
$SET_MODULES = SET_MODULES();
$FreeWebPerformances = unserialize(base64_decode($sock->GET_INFO("ZarafaApachePerformances")));
if (!is_numeric($FreeWebPerformances["Timeout"])) {
$FreeWebPerformances["Timeout"] = 300;
}
if (!is_numeric($FreeWebPerformances["KeepAlive"])) {
$FreeWebPerformances["KeepAlive"] = 0;
}
if (!is_numeric($FreeWebPerformances["MaxKeepAliveRequests"])) {
$FreeWebPerformances["MaxKeepAliveRequests"] = 100;
}
if (!is_numeric($FreeWebPerformances["KeepAliveTimeout"])) {
$FreeWebPerformances["KeepAliveTimeout"] = 15;
}
if (!is_numeric($FreeWebPerformances["MinSpareServers"])) {
$FreeWebPerformances["MinSpareServers"] = 5;
}
if (!is_numeric($FreeWebPerformances["MaxSpareServers"])) {
$FreeWebPerformances["MaxSpareServers"] = 10;
}
if (!is_numeric($FreeWebPerformances["StartServers"])) {
$FreeWebPerformances["StartServers"] = 5;
}
if (!is_numeric($FreeWebPerformances["MaxClients"])) {
$FreeWebPerformances["MaxClients"] = 50;
}
if (!is_numeric($FreeWebPerformances["MaxRequestsPerChild"])) {
$FreeWebPerformances["MaxRequestsPerChild"] = 10000;
}
$f[] = "Timeout {$FreeWebPerformances["Timeout"]}";
$f[] = "KeepAlive {$FreeWebPerformances["KeepAlive"]}";
$f[] = "KeepAliveTimeout {$FreeWebPerformances["KeepAliveTimeout"]}";
$f[] = "StartServers {$FreeWebPerformances["StartServers"]}";
$f[] = "MaxClients {$FreeWebPerformances["MaxClients"]}";
$f[] = "MinSpareServers {$FreeWebPerformances["MinSpareServers"]}";
$f[] = "MaxSpareServers {$FreeWebPerformances["MaxSpareServers"]}";
$f[] = "MaxRequestsPerChild {$FreeWebPerformances["MaxRequestsPerChild"]}";
$f[] = "MaxKeepAliveRequests {$FreeWebPerformances["MaxKeepAliveRequests"]}";
$f[] = "ServerLimit\t\t {$FreeWebPerformances["MaxClients"]}";
$f[] = "AcceptMutex \t\t flock";
$ZarafaApacheWebMailType = $sock->GET_INFO("ZarafaApacheWebMailType");
//$ZarafaApacheWebMailTypeA["APP_ZARAFA"]="{APP_ZARAFA}";
//$ZarafaApacheWebMailTypeA["APP_ZARAFA_WEBAPP"]="{APP_ZARAFA_WEBAPP}";
if ($ZarafaApacheWebMailType == null) {
$ZarafaApacheWebMailType = "APP_ZARAFA";
}
$f[] = $SET_MODULES;
$f[] = "<IfModule !mpm_netware_module>";
$f[] = " <IfModule !mpm_winnt_module>";
$f[] = " User {$username}";
$f[] = " Group {$group}";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "ServerAdmin you@example.com";
$f[] = "ServerName {$ZarafaApacheServerName}";
if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
if (!is_dir("/usr/share/zarafa-webapp")) {
$ZarafaApacheWebMailType = "APP_ZARAFA";
}
}
if ($ZarafaApacheWebMailType == "APP_ZARAFA") {
$DocumentRoot = "/usr/share/zarafa-webaccess";
}
if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
$free = new freeweb();
$free->InstallZarafaConfigWebAPP("/usr/share/zarafa-webapp");
$DocumentRoot = "/usr/share/zarafa-webapp";
}
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} WebMail \"{$ZarafaApacheWebMailType}\"\n";
}
$f[] = "ServerRoot \"{$DocumentRoot}\"";
$f[] = "Listen {$ZarafaApachePort}";
$f[] = "User {$username}";
$f[] = "Group {$group}";
$f[] = "PidFile /var/run/zarafa-web/httpd.pid";
$f[] = "DocumentRoot \"{$DocumentRoot}\"";
$f[] = "<Directory {$DocumentRoot}/>";
if ($ZarafaWebNTLM == 1) {
$ldap = new clladp();
$f[] = " AuthName \"Zarafa logon..\"";
$f[] = " AuthType Basic";
$f[] = " AuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/dc=organizations,{$ldap->suffix}?uid";
$f[] = " AuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
$f[] = " AuthLDAPBindPassword {$ldap->ldap_password}";
$f[] = " AuthLDAPGroupAttribute memberUid";
$f[] = " AuthBasicProvider ldap";
$f[] = " AuthzLDAPAuthoritative off";
$f[] = " require valid-user";
}
if ($ZarafaApachePHPFPMEnable == 0) {
$f[] = " php_value magic_quotes_gpc 0";
$f[] = " php_value register_globals 0";
$f[] = " php_value magic_quotes_runtime 0";
$f[] = " php_value post_max_size 31M";
$f[] = " php_value include_path \".:/usr/share/php:/usr/share/php5:/usr/local/share/php\"";
$f[] = " php_value upload_max_filesize 30M";
$f[] = " php_value short_open_tag 1";
$f[] = " php_flag log_errors on";
$f[] = " php_value safe_mode 0";
$f[] = " php_flag log_errors on";
$f[] = " php_value error_log \"/var/log/apache-zarafa/php.log\"";
}
$f[] = " DirectoryIndex index.php";
$f[] = " Options -Indexes +FollowSymLinks";
$f[] = " AllowOverride Options";
$f[] = " Order allow,deny";
$f[] = " Allow from all";
$f[] = "</Directory>";
if ($ZarafaApachePHPFPMEnable == 1) {
$php = $unix->LOCATE_PHP5_BIN();
if (!$unix->is_socket("/var/run/php-fpm-zarafa.sock")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: /var/run/php-fpm-zarafa.sock no such socket\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
}
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm-zarafa.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
$f[] = "\t\tOrder deny,allow";
$f[] = "\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "<IfModule dir_module>";
$f[] = " DirectoryIndex index.php";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "";
$f[] = "<FilesMatch \"^\\.ht\">";
$f[] = " Order allow,deny";
$f[] = " Deny from all";
$f[] = " Satisfy All";
$f[] = "</FilesMatch>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " # To re-enable php in user directories comment the following lines";
$f[] = " # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it";
$f[] = " # prevents .htaccess files from disabling it.";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "";
$f[] = "ErrorLog \"/var/log/apache-zarafa/error.log\"";
$f[] = "LogLevel warn";
$f[] = "";
$f[] = "<IfModule log_config_module>";
$f[] = " LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\\\" combinedv";
$f[] = " LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b\" common";
$f[] = "";
$f[] = " <IfModule logio_module>";
$f[] = " LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %I %O\" combinedio";
$f[] = " </IfModule>";
$f[] = "";
$f[] = " CustomLog \"/var/log/apache-zarafa/access.log\" combinedv";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "<IfModule alias_module>";
$f[] = " ScriptAlias /cgi-bin/ \"/usr/local/apache-groupware/data/cgi-bin/\"";
$f[] = " Alias /images /usr/share/obm2/resources";
$f[] = "";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "<IfModule cgid_module>";
$f[] = "";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "";
$f[] = "<Directory \"/usr/local/apache-groupware/data/cgi-bin\">";
$f[] = " AllowOverride None";
$f[] = " Options None";
$f[] = " Order allow,deny";
$f[] = " Allow from all";
$f[] = "</Directory>";
$f[] = "";
$f[] = "";
$f[] = "DefaultType text/plain";
$f[] = "";
$f[] = "<IfModule mime_module>";
$f[] = " ";
$f[] = " TypesConfig /etc/mime.types";
$f[] = " #AddType application/x-gzip .tgz";
$f[] = " AddType application/x-compress .Z";
$f[] = " AddType application/x-gzip .gz .tgz";
$f[] = " AddType application/x-httpd-php .php .phtml";
$f[] = " #AddHandler cgi-script .cgi";
$f[] = " #AddHandler type-map var";
$f[] = " #AddType text/html .shtml";
$f[] = " #AddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
@file_put_contents('/etc/zarafa/httpd.conf', @implode("\n", $f) . "\n");
if ($GLOBALS["OUTPUT"]) {
echo "Configuring...: " . date("H:i:s") . " /etc/zarafa/httpd.conf done\n";
}
}
function squid_conf_copy()
{
if (is_file("/usr/share/artica-postfix/ressources/logs/web/squid.conf")) {
@unlink("/usr/share/artica-postfix/ressources/logs/web/squid.conf");
}
@copy("/etc/squid3/squid.conf", "/usr/share/artica-postfix/ressources/logs/web/squid.conf");
@chmod("/usr/share/artica-postfix/ressources/logs/web/squid.conf", 0755);
$unix = new unix();
@chown("/usr/share/artica-postfix/ressources/logs/web/squid.conf", $unix->APACHE_SRC_ACCOUNT());
}
function install_PIWIK($servername)
{
$sources = "/usr/share/piwik";
$unix = new unix();
$cp = $unix->find_program("cp");
$freeweb = new freeweb($servername);
if (!is_dir($sources)) {
writelogs("[{$servername}] {$sources} no such directory", __FUNCTION__, __FILE__, __LINE__);
return;
}
if (!is_dir($freeweb->WORKING_DIRECTORY)) {
writelogs("[{$servername}] {$freeweb->WORKING_DIRECTORY} no such directory", __FUNCTION__, __FILE__, __LINE__);
return;
}
include_once dirname(__FILE__) . "/ressources/class.piwik.inc";
$piwik = new piwik();
if ($piwik->checkWebsite($freeweb->WORKING_DIRECTORY)) {
return;
}
writelogs("[{$servername}] copy sources...", __FUNCTION__, __FILE__, __LINE__);
shell_exec("{$cp} -rf {$sources}/* {$freeweb->WORKING_DIRECTORY}/");
@unlink("{$freeweb->WORKING_DIRECTORY}/config/config.ini.php");
@mkdir('/usr/share/piwik/tmp/assets', 0777, true);
@mkdir('/usr/share/piwik/tmp/templates_c', 0777, true);
@mkdir('/usr/share/piwik/tmp/cache', 0777, true);
@mkdir('/usr/share/piwik/tmp/assets', 0777, true);
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp');
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/templates_c/');
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/cache/');
shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/assets/');
shell_exec('/bin/chmod a+w /usr/share/piwik/config');
$apacheusername = $unix->APACHE_SRC_ACCOUNT();
$apachegroup = $unix->APACHE_SRC_GROUP();
$freeweb->chown($freeweb->WORKING_DIRECTORY);
}
function execute_mysql($OnlyID = 0)
{
$GLOBALS["INDEXED"] = 0;
$GLOBALS["SKIPPED"] = 0;
$GLOBALS["DIRS"] = array();
$unix = new unix();
$httrack = $unix->find_program("httrack");
if (!is_file($httrack)) {
apache_admin_mysql(0, "httrack no such binary", null, __FILE__, __LINE__, "webcopy");
return;
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
apache_admin_mysql(1, "Already instance executed", null, __FILE__, __LINE__, "webcopy");
return;
}
$ini = new Bs_IniHandler();
$sock = new sockets();
$datas = $sock->GET_INFO("ArticaProxySettings");
if (trim($datas) != null) {
$ini->loadString($datas);
if (!isset($ini->_params["PROXY"]["ArticaProxyServerEnabled"])) {
$ini->_params["PROXY"]["ArticaProxyServerEnabled"] = "no";
}
$ArticaProxyServerEnabled = $ini->_params["PROXY"]["ArticaProxyServerEnabled"];
$ArticaProxyServerName = $ini->_params["PROXY"]["ArticaProxyServerName"];
$ArticaProxyServerPort = $ini->_params["PROXY"]["ArticaProxyServerPort"];
$ArticaProxyServerUsername = trim($ini->_params["PROXY"]["ArticaProxyServerUsername"]);
$ArticaProxyServerUserPassword = $ini->_params["PROXY"]["ArticaProxyServerUserPassword"];
if ($ArticaProxyServerEnabled == 1) {
$ArticaProxyServerEnabled = "yes";
}
}
$PPRoxy = null;
$userPP = null;
if ($ArticaProxyServerEnabled == "yes") {
if ($ArticaProxyServerUsername != null) {
$userPP = "{$ArticaProxyServerUsername}:{$ArticaProxyServerUserPassword}@";
}
$PPRoxy = " --proxy {$userPP}@{$ArticaProxyServerName}:{$ArticaProxyServerPort}";
} else {
$squidbin = $unix->LOCATE_SQUID_BIN();
if (is_file($squidbin)) {
$SQUIDEnable = $sock->GET_INFO("SQUIDEnable");
if (!is_numeric($SQUIDEnable)) {
$SQUIDEnable = 1;
}
$SquidMgrListenPort = intval($sock->GET_INFO("SquidMgrListenPort"));
$PPRoxy = " --proxy 127.0.0.1:{$SquidMgrListenPort}";
}
}
$getmypid = getmypid();
@file_put_contents($pidfile, $getmypid);
$php = $unix->LOCATE_PHP5_BIN();
$APACHE_USERNAME = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$q = new mysql();
$nice = EXEC_NICE();
$sql = "SELECT * FROM httrack_sites WHERE enabled=1";
$results = $q->QUERY_SQL($sql, "artica_backup");
if (!$q->ok) {
apache_admin_mysql(0, "Fatal: {$q->mysql_error}", null, __FILE__, __LINE__, "webcopy");
return;
}
$t1 = time();
$count = 0;
if ($OnlyID > 0) {
$ligne2 = mysql_fetch_array($q->QUERY_SQL("SELECT sitename FROM httrack_sites WHERE ID={$OnlyID}", "artica_backup"));
$log_exp = " only for [{$ligne2["sitename"]}] ";
}
apache_admin_mysql(2, "Starting executing WebCopy task {$log_exp} pid:{$getmypid}", null, __FILE__, __LINE__, "webcopy");
$dirsizeG = 0;
while ($ligne = mysql_fetch_assoc($results)) {
if ($OnlyID > 0) {
if ($ligne["ID"] != $OnlyID) {
continue;
}
}
$t = time();
$count++;
$workingdir = $ligne["workingdir"];
$sitename = $ligne["sitename"];
$minrate = $ligne["minrate"];
$maxfilesize = $ligne["maxfilesize"];
$maxsitesize = $ligne["maxsitesize"];
$size = $ligne["size"];
$sizeKB = $size / 1024;
$sizeMB = round($sizeKB / 1024, 2);
$maxworkingdir = intval($ligne["maxworkingdir"]);
if ($maxworkingdir == 0) {
$maxworkingdir = 20;
}
$maxsitesizeMB = $maxsitesize / 1000;
if ($maxsitesizeMB > $maxworkingdir) {
$maxsitesize = $maxworkingdir * 1000;
}
if ($sizeMB > $maxworkingdir) {
apache_admin_mysql(1, "Skip downloading content of {$sitename} Directory: {$sizeMB}MB reach limit of {$maxworkingdir}MB", null, __FILE__, __LINE__, "webcopy");
continue;
}
if ($GLOBALS["VERBOSE"]) {
echo "Dir: Current size:{$sizeMB}\n";
echo "Dir: Max size:{$maxworkingdir}\n";
}
$ResteMB = $maxworkingdir - $sizeMB;
$ResteKB = $ResteMB * 1000;
if ($maxsitesize > $ResteKB) {
$maxsitesize = $ResteKB;
}
echo "Dir: Max Downloads:{$maxsitesize} KB\n";
$maxfilesize = $maxfilesize * 1000;
$maxsitesize = $maxsitesize * 1000;
$minrate = $minrate * 1000;
$update = null;
$resultsCMD = array();
echo "Dir: Max Downloads:{$maxsitesize} Bytes\n";
if (!is_dir($workingdir)) {
@mkdir($workingdir, 0755, true);
}
if (is_file("{$workingdir}/hts-cache")) {
$update = " --update";
}
apache_admin_mysql(2, "Starting downloading content of {$sitename}/{$minrate}/" . FormatBytes($maxsitesize / 1000), null, __FILE__, __LINE__, "webcopy");
$cmdline = "{$httrack} \"{$sitename}\" --quiet{$update}{$PPRoxy} --max-files={$maxfilesize} --max-size={$maxsitesize} --max-rate={$minrate} -O \"{$workingdir}\" 2>&1";
if ($GLOBALS["VERBOSE"]) {
echo "{$cmdline}\n";
}
exec($cmdline, $resultsCMD);
if ($GLOBALS["VERBOSE"]) {
echo @implode("\n", $resultsCMD);
}
$dirsize = $unix->DIRSIZE_BYTES($workingdir);
$dirsizeG = $dirsizeG + $dirsize;
$took = $unix->distanceOfTimeInWords($t, time(), true);
$dirsizeText = round($dirsize / 1024 / 1000, 2);
if ($GLOBALS["VERBOSE"]) {
echo "Dir: Current size:{$sizeMB}\n";
echo "Dir: New size....:{$dirsizeText}MB\n";
}
apache_admin_mysql(2, "{$sitename} scrapped took {$took} size={$dirsizeText} MB", @implode("\n", $resultsCMD), __FILE__, __LINE__, "webcopy");
$q->QUERY_SQL("UPDATE httrack_sites SET size='{$dirsize}' WHERE ID={$ligne["ID"]}", "artica_backup");
}
$took = $unix->distanceOfTimeInWords($t1, time(), true);
@chmod($workingdir, 0755);
@chmod(dirname($workingdir), 0755);
$chown = $unix->find_program("chown");
shell_exec("{$chown} -R {$APACHE_USERNAME}:{$APACHE_SRC_GROUP} {$workingdir}");
@file_put_contents("/etc/artica-postfix/settings/Daemons/HTTRackSize", $dirsizeG);
if ($count > 0) {
apache_admin_mysql(2, "{$count} web sites scrapped took {$took}", null, __FILE__, __LINE__, "webcopy");
}
system("{$php} /usr/share/artica-postfix/exec.syslog-engine.php --apache");
}
function coova_web()
{
$ldap = new clladp();
$sock = new sockets();
$ChilliConf = unserialize(base64_decode($sock->GET_INFO("ChilliConf")));
if (!isset($ChilliConf["HS_UAMFREEWEB"])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: FreeWeb Login page is not set...\n";
}
}
$f[] = "<?";
$f[] = "\t\$msecret = '{$ldap->ldap_password}'; //Change this to be the same as your chilli's configuration";
$f[] = "\t\$username = \$_POST['username'];";
$f[] = "\t\$password = \$_POST['password'];";
$f[] = "\t\$challenge = \$_POST['challenge'];";
$f[] = "\t\$redir\t = \$_POST['userurl'];";
$f[] = "\t\$server_ip = \$_POST['uamip'];";
$f[] = "\t\$port = \$_POST['uamport'];";
$f[] = "";
$f[] = " //--Add a remember me cookie---";
$f[] = " if( array_key_exists('remember',\$_POST)){";
$f[] = " \$Year = (2592000*12) + time();";
$f[] = " setcookie(\"hs[username]\", \$username, \$Year);";
$f[] = " setcookie('hs[password]', \$password, \$Year);";
$f[] = " }";
$f[] = "";
$f[] = " //--There is a bug that keeps the logout in a loop if userurl is http%3a%2f%2f1.0.0.0 ---/";
$f[] = " //--We need to remove this and replace it with something we want";
$f[] = " if (preg_match(\"/1\\.0\\.0\\.0/i\", \$redir)) {";
$f[] = "";
$f[] = " \$default_site = 'google.com';";
$f[] = " \$pattern = \"/1\\.0\\.0\\.0/i\";";
$f[] = " \$redir = preg_replace(\$pattern, \$default_site, \$redir);";
$f[] = " }";
$f[] = "";
$f[] = "\t\$enc_pwd = return_new_pwd(\$password,\$challenge,\$uamsecret);";
$f[] = "\t//\$dir\t\t= '/json/logon';";
$f[] = "\t\$dir\t\t= '/logon';";
$f[] = " \$target = \"http://\$server_ip\".':'.\$port.\$dir.\"?username=\$username&password=\$enc_pwd&userurl=\$redir\";";
$f[] = " // print(\$target);";
$f[] = "";
$f[] = "\theader(\"Location: \$target\");";
$f[] = "";
$f[] = "\t//Function to do the encryption thing of the password";
$f[] = "\tfunction return_new_pwd(\$pwd,\$challenge,\$uamsecret){";
$f[] = "\t \$hex_chal = pack('H32', \$challenge); //Hex the challenge";
$f[] = "\t \$newchal = pack('H*', md5(\$hex_chal.\$uamsecret)); //Add it to with \$uamsecret (shared between chilli an this script)";
$f[] = "\t \$response = md5(\"\" . \$pwd . \$newchal); //md5 the lot";
$f[] = "\t \$newpwd = pack('a32', \$pwd); //pack again";
$f[] = "\t \$password = implode ('', unpack('H32', (\$newpwd ^ \$newchal))); //unpack again";
$f[] = "\t return \$password;";
$f[] = " \t}";
$f[] = "";
$f[] = "?>";
$unix = new unix();
$cp = $unix->find_program("cp");
@mkdir("/var/www/coova_json", 0755, true);
if (!is_file("/var/www/coova_json/login.php")) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Installing Coova JSON...\n";
shell_exec("{$cp} -rf /var/www/c2/yfi_cake/setup/coova_json/* /var/www/coova_json/");
}
@file_put_contents("/var/www/coova_json/login.php", @implode("\n", $f));
@chmod("var/www/coova_json/login.php", 0755);
$unix->chown_func($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP(), "/var/www/coova_json/*");
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} `coova_json/login.php` done\n";
$f = explode("\n", @file_get_contents("/var/www/coova_json/js/custom.js"));
while (list($key, $line) = each($f)) {
if (preg_match("#\\s+p_url_use:.*?'#", $line)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
$f[$key] = "\tp_url_use: 'http://{$ChilliConf["HS_UAMFREEWEB"]}/c2/yfi_cake/third_parties/json_usage_check?key=12345&username='******'s usage";
continue;
}
if (preg_match("#\\s+p_url_uam:.*?'#", $line)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
$f[$key] = "\tp_url_uam: 'http://{$ChilliConf["HS_UAMFREEWEB"]}/mobile/uam.php?challenge=', //This us the web service which will return a uam encrypted hash using the challenge, password and UAM shared secret";
continue;
}
if (preg_match("#\\s+p_url_voucher_name:.*?'#", $line)) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
$f[$key] = "\tp_url_voucher_name: 'http://{$ChilliConf["HS_UAMFREEWEB"]}/c2/yfi_cake/third_parties/json_voucher_name?key=12345&password='******'{$ldap->ldap_password}';";
continue;
}
}
@file_put_contents("/var/www/coova_json/uam.php", @implode("\n", $f));
echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: `/uam.php` done\n";
DefaultSplash($ChilliConf);
}
if (posix_getuid() != 0) {
die("Cannot be used in web server mode\n\n");
}
include_once dirname(__FILE__) . '/ressources/class.users.menus.inc';
include_once dirname(__FILE__) . '/ressources/class.mysql.inc';
include_once dirname(__FILE__) . '/ressources/class.user.inc';
include_once dirname(__FILE__) . '/ressources/class.ini.inc';
include_once dirname(__FILE__) . '/ressources/class.ldap.inc';
include_once dirname(__FILE__) . '/framework/class.unix.inc';
if (is_array($argv)) {
if (preg_match("#--verbose#", implode(" ", $argv))) {
$GLOBALS["VERBOSE"] = true;
}
}
$unix = new unix();
$apache_usr = $unix->APACHE_SRC_ACCOUNT();
$pure_pw = $unix->find_program("pure-pw");
if (strlen($pure_pw) < 4) {
echo "Starting......: pure-ftpd pure-pw no such file\n";
die;
}
if (!is_file("/etc/pure-ftpd/conf/Umask")) {
@file_put_contents("/etc/pure-ftpd/conf/Umask", "173 072");
}
$ldap = new clladp();
if ($ldap->ldapFailed) {
echo "Starting......: pure-ftpd ldap failed\n";
die;
}
$attr = array();
$pattern = "(&(objectClass=PureFTPdUser)(FTPStatus=TRUE))";
function LoagRotateApache()
{
$sock = new sockets();
$unix = new unix();
$ApacheLogRotate = $sock->GET_INFO("ApacheLogRotate");
if (!is_numeric($ApacheLogRotate)) {
$ApacheLogRotate = 1;
}
if ($ApacheLogRotate == 0) {
return;
}
$gzip = $unix->find_program("gzip");
$ligneC = unserialize(base64_decode($sock->GET_INFO("ApacheLogRotateParams")));
if (!is_numeric($ligneC["RotateType"])) {
$ligneC["RotateType"] = 0;
}
if (!is_numeric($ligneC["MaxSize"])) {
$ligneC["MaxSize"] = 100;
}
if (!is_numeric($ligneC["RotateCount"])) {
$ligneC["RotateCount"] = 5;
}
$php5 = $unix->LOCATE_PHP5_BIN();
$q = new mysql();
$sql = "SELECT servername FROM freeweb";
$results = $q->QUERY_SQL($sql, 'artica_backup');
if (mysql_num_rows($results) == 0) {
return;
}
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$servername = $ligne["servername"];
$f = array();
$f[] = "/var/log/apache2/{$servername}/*.log {";
$f[] = "\t{$ligneC["RotateFreq"]}";
$f[] = "\tsu " . $unix->APACHE_SRC_ACCOUNT() . " " . $unix->APACHE_SRC_GROUP();
$f[] = "\tmissingok";
if ($ligneC["MaxSize"] > 0) {
$f[] = "\tsize {$ligneC["MaxSize"]}M";
}
if ($ligneC["RotateCount"] > 0) {
$f[] = "\trotate {$ligneC["RotateCount"]}";
}
$f[] = "\tcompress";
$f[] = "\tsharedscripts";
$f[] = "\tcreate 640 root";
$f[] = "\tdateext";
$f[] = "\tcompressext .gz";
$f[] = "\tcompresscmd {$gzip}";
$f[] = "\tcompressoptions -9";
$f[] = "\textension -TASK-99999";
$f[] = "\tpostrotate";
$f[] = "{$php5} /usr/share/artica-postfix/exec.freeweb.php --reload";
$f[] = "endscript";
$f[] = "}\n";
@file_put_contents("/etc/logrotate.d/rotate-{$servername}", @implode("\n", $f));
}
}
function start()
{
$unix = new unix();
$sock = new sockets();
$EnableArticaMirror = intval($sock->GET_INFO("EnableArticaMirror"));
if ($EnableArticaMirror == 0) {
die;
}
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$cachetime = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
if ($GLOBALS["VERBOSE"]) {
echo "Time: {$cachetime}\n";
}
$pid = @file_get_contents($pidfile);
if ($unix->process_exists($pid)) {
WriteMyLogs("Already executed PID:{$pid}, die()", __FUNCTION__, __FILE__, __LINE__);
die;
}
@file_put_contents($pidfile, getmypid());
$cachetimeEx = $unix->file_time_min($cachetime);
if (!$GLOBALS["FORCE"]) {
if ($cachetimeEx < 25) {
return;
}
}
@unlink($cachetime);
@file_put_contents($cachetime, time());
$APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
$MyRepo = "/home/www.artica.fr/web/tmpf/auto.update.ini";
$MIRROR = "http://articatech.net";
$REMOTE_URI = "{$MIRROR}/auto.update.php";
$OFFICIAL_DEST = "/home/www.artica.fr/web/download";
$NIGHTLY_DEST = "/home/www.artica.fr/web/nightbuilds";
$TEMP_DIR = $unix->TEMP_DIR();
$MyRepo = "/home/www.artica.fr/web/tmpf/auto.update.ini";
if (!is_file($MyRepo)) {
if ($GLOBALS["VERBOSE"]) {
echo "{$MyRepo} no such file\n";
}
}
$ini = new Bs_IniHandler($MyRepo);
$LOCAL_OFFICIAL = $ini->_params["NEXT"]["artica"];
$LOCAL_NIGHTLY = $ini->_params["NEXT"]["artica-nightly"];
$tmpfile = $unix->FILE_TEMP();
$curl = new ccurl($REMOTE_URI);
if (!$curl->GetFile($tmpfile)) {
return;
}
$ini = new Bs_IniHandler($tmpfile);
$REMOTE_OFFICIAL = $ini->_params["NEXT"]["artica"];
$REMOTE_NIGHTLY = $ini->_params["NEXT"]["artica-nightly"];
@unlink($tmpfile);
echo "Official {$LOCAL_OFFICIAL}/{$REMOTE_OFFICIAL}\n";
echo "Nightly {$LOCAL_NIGHTLY}/{$REMOTE_NIGHTLY}\n";
if ($LOCAL_OFFICIAL != $REMOTE_OFFICIAL) {
$uri = "{$MIRROR}/download/artica-{$REMOTE_OFFICIAL}.tgz";
$ArticaFileTemp = "{$TEMP_DIR}/{$REMOTE_OFFICIAL}.tgz";
echo "Downloading {$uri}\n";
$curl1 = new ccurl($uri);
if (!$curl1->GetFile($ArticaFileTemp)) {
echo "Failed\n";
return;
}
@copy($ArticaFileTemp, "{$OFFICIAL_DEST}/artica-{$REMOTE_OFFICIAL}.tgz");
@chown("{$OFFICIAL_DEST}/artica-{$REMOTE_OFFICIAL}.tgz", "{$APACHE_USER}");
@unlink($ArticaFileTemp);
@unlink($MyRepo);
}
if ($LOCAL_NIGHTLY != $REMOTE_NIGHTLY) {
$uri = "{$MIRROR}/nightbuilds/artica-{$REMOTE_NIGHTLY}.tgz";
$ArticaFileTemp = "{$TEMP_DIR}/{$REMOTE_NIGHTLY}.tgz";
echo "*******************************************\n";
echo "Downloading {$uri} to {$ArticaFileTemp}\n";
echo "Local: {$NIGHTLY_DEST}/{$REMOTE_NIGHTLY}.tgz\n";
echo "*******************************************\n\n";
$curl2 = new ccurl($uri);
if (!$curl2->GetFile($ArticaFileTemp)) {
echo "Failed\n";
return;
}
@copy($ArticaFileTemp, "{$NIGHTLY_DEST}/artica-{$REMOTE_NIGHTLY}.tgz");
@chown("{$NIGHTLY_DEST}/artica-{$REMOTE_NIGHTLY}.tgz", "{$APACHE_USER}");
@unlink($ArticaFileTemp);
@unlink($MyRepo);
}
}
function extract_tgz($uuid)
{
$unix = new unix();
$workingdir = "/usr/share/artica-postfix/ressources/conf/meta/hosts/uploaded/{$uuid}";
if (is_file("{$workingdir}/status.tgz")) {
$tar = $unix->find_program("tar");
shell_exec("{$tar} -xf {$workingdir}/status.tgz -C {$workingdir}/");
@unlink("{$workingdir}/status.tgz");
}
$unix->chown_func($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP(), "{$workingdir}/*");
if (is_file("{$workingdir}/squid_admin_mysql.db")) {
$q = new mysql_meta();
if (!$q->TABLE_EXISTS("squid_admin_mysql")) {
$q->CheckTables();
}
$data = trim(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
if ($data != null) {
$q->QUERY_SQL(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
if (!$q->ok) {
meta_admin_mysql(0, "Failed to import {$workingdir}/squid_admin_mysql.db", $q->mysql_error, __FILE__, __LINE__);
} else {
@unlink("{$workingdir}/squid_admin_mysql.db");
}
} else {
@unlink("{$workingdir}/squid_admin_mysql.db");
}
} else {
if ($GLOBALS["VERBOSE"]) {
echo "{$workingdir}/squid_admin_mysql.db ( no such file )\n";
}
}
if (is_file("{$workingdir}/network_hosts.db")) {
__network_hosts($uuid, "{$workingdir}/network_hosts.db");
} else {
if ($GLOBALS["VERBOSE"]) {
echo "{$workingdir}/network_hosts.db ( no such file )\n";
}
}
global_status_ini($uuid);
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
$ipaddr = null;
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/sarg-apache", 0755, true);
@mkdir("/var/log/apache2", 0755, true);
@mkdir(dirname($GLOBALS["APACHE_PID_PATH"]), 0755, true);
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$SargOutputDir = $sock->GET_INFO("SargOutputDir");
if ($SargOutputDir == null) {
$SargOutputDir = "/var/www/html/squid-reports";
}
$SargWebPort = intval($sock->GET_INFO("SargWebPort"));
if ($SargWebPort == 0) {
$SargWebPort = rand(55600, 59000);
$sock->SET_INFO("SargWebPort", $SargWebPort);
}
if (is_link($SargOutputDir)) {
$SargOutputDir = @readlink($SargOutputDir);
}
@mkdir($SargOutputDir, 0755, true);
if (!is_file("{$SargOutputDir}/index.html")) {
$php = $unix->LOCATE_PHP5_BIN();
shell_exec("{$php} /usr/share/artica-postfix/exec.sarg.php --exec --force >/dev/null 2>&1 &");
}
if ($ipaddr == null) {
$ipaddr = "*";
}
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$logfile = "/var/log/apache2/apache-sarg-access.log";
$ErrorLog = "/var/log/apache2/apache-sarg-error.log";
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
@unlink($ErrorLog);
@unlink($logfile);
if (!is_file("{$logfile}")) {
@touch("{$logfile}");
}
if (!is_file("{$ErrorLog}")) {
@touch("{$ErrorLog}");
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $ErrorLog);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $logfile);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/apache2");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, dirname($GLOBALS["APACHE_PID_PATH"]));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
}
$f[] = "LockFile /var/run/apache2/sarg-artica-accept.lock";
$f[] = "PidFile {$GLOBALS["APACHE_PID_PATH"]}";
$f[] = "AcceptMutex flock";
$f[] = "DocumentRoot {$SargOutputDir}";
$f[] = "DirectoryIndex index.html";
$f[] = "ErrorDocument 400 /index.html";
$f[] = "ErrorDocument 401 /index.html";
$f[] = "ErrorDocument 403 /index.html";
$f[] = "ErrorDocument 404 /index.html";
$f[] = "ErrorDocument 500 /index.html";
$f[] = "NameVirtualHost {$ipaddr}:{$SargWebPort}";
$f[] = "Listen {$ipaddr}:{$SargWebPort}";
$f[] = "<VirtualHost {$ipaddr}:{$SargWebPort}>";
$f[] = "\tServerName {$ipaddr}";
$f[] = "\tDocumentRoot {$SargOutputDir}";
$f[] = "</VirtualHost>";
$f[] = "<IfModule mpm_prefork_module>";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_worker_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_event_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
$f[] = "\tOrder allow,deny";
$f[] = "\tDeny from all";
$f[] = "\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 15";
$f[] = "StartServers 1";
$f[] = "MaxClients 50";
$f[] = "MinSpareServers 2";
$f[] = "MaxSpareServers 5";
$f[] = "MaxRequestsPerChild 5000";
$f[] = "MaxKeepAliveRequests 100";
$f[] = "ServerName " . $unix->hostname_g();
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
//$f[]="Alias /index.php /usr/share/artica-postfix/hotspot.php";
//$f[]="Alias /index.html /usr/share/artica-postfix/hotspot.php";
$f[] = "<Directory \"{$SargOutputDir}\">";
$f[] = "\tDirectorySlash On";
$f[] = "\tDirectoryIndex index.html";
$f[] = "\t\t<Files \"hostpot.php\">";
$f[] = "\t\t\tOrder allow,deny";
$f[] = "\t\t\tallow from all";
$f[] = "\t\t</Files>";
$f[] = "\tErrorDocument 400 /index.html";
$f[] = "\tErrorDocument 401 /index.html";
$f[] = "\tErrorDocument 403 /index.html";
$f[] = "\tErrorDocument 404 /index.html";
$f[] = "\tErrorDocument 500 /index.html";
$f[] = "\tOptions -Indexes";
$f[] = "\tAllowOverride All";
$f[] = "\tOrder allow,deny";
$f[] = "\tAllow from all";
$f[] = "</Directory>";
$f[] = "Loglevel debug";
$f[] = "ErrorLog {$ErrorLog}";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog {$logfile} common";
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authz_host_module"] = "mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["headers_module"] = "mod_headers.so";
//$array["ldap_module"]="mod_ldap.so";
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
@file_put_contents($GLOBALS["APACHE_CONFIG_PATH"], @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["APACHE_CONFIG_PATH"]} done\n";
}
}
function copytocache()
{
$unix = new unix();
$path = $_GET["copytocache"];
if (!is_file($path)) {
echo "<articadatascgi>No such file</articadatascgi>";
writelogs("{$path} -> No such file");
return;
}
$basename = basename($path);
writelogs("COPY {$path} -> /usr/share/artica-postfix/ressources/logs/{$basename}");
if (is_file("/usr/share/artica-postfix/ressources/logs/{$basename}")) {
@unlink("/usr/share/artica-postfix/ressources/logs/{$basename}");
}
if (!copy($path, "/usr/share/artica-postfix/ressources/logs/{$basename}")) {
echo "<articadatascgi>Copy failed</articadatascgi>";
return;
}
$APACHE = $unix->APACHE_SRC_ACCOUNT();
$APACHE_GROUP = $unix->APACHE_SRC_GROUP();
$unix->chown_func($APACHE, $APACHE_GROUP, "/usr/share/artica-postfix/ressources/logs/{$basename}");
$unix->chmod_func(0755, "/usr/share/artica-postfix/ressources/logs/{$basename}");
}
function apache_firewall()
{
$q = new mysql();
$unix = new unix();
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
if ($q->COUNT_ROWS("iptables_webint", "artica_backup") == 0) {
return null;
}
$f[] = "Order Allow,Deny";
$ipClass = new IP();
$c = 0;
$results = $q->QUERY_SQL("SELECT * FROM iptables_webint", "artica_backup");
while ($ligne = mysql_fetch_assoc($results)) {
$pattern = $ligne["pattern"];
if (!$ipClass->isIPAddressOrRange($pattern)) {
continue;
}
$f[] = "\tAllow from {$pattern}";
$c++;
}
if (count($c) > 0) {
$f[] = "\tAllow from 127.0.0.1";
return @implode("\n", $f);
}
}
function CheckFailedStart(){
$unix=new unix();
$sock=new sockets();
$apache2ctl=$unix->find_program("apache2ctl");
if(!is_file($apache2ctl)){$apache2ctl=$unix->find_program("apachectl");}
if(!is_file($apache2ctl)){echo "Starting......: Apache apache2ctl no such file\n";}
exec("$apache2ctl -k start 2>&1",$results);
while (list ($index, $line) = each ($results)){
if(preg_match("#Cannot load .+?mod_qos\.so#", $line)){
echo "Starting......: Apache error on qos module, disable it..\n";
echo "Starting......: Apache error \"$line\"\n";
$sock->SET_INFO("FreeWebsDisableMOdQOS",1);
CheckHttpdConf();
$unix->send_email_events("FreeWebs: QOS is disabled, cannot be loaded on your server","Apache claim $line,using this module is disabled","system");
shell_exec("/etc/init.d/artica-postfix start apachesrc --no-repair");
return;
}
if(preg_match("#Could not open configuration file (.+?)sites-enabled#",$line,$re)){
echo "Starting......: Apache error {$re[1]}/sites-enabled\n";
echo "Starting......: Apache error \"$line\"\n";
$apacheusername=$unix->APACHE_SRC_ACCOUNT();
echo "Starting......: Apache creating directory {$re[1]}/sites-enabled\n";
@mkdir("{$re[1]}/sites-enabled");
echo "Starting......: Apache checking permissions on {$re[1]}/sites-enabled with user $apacheusername\n";
@chown("{$re[1]}/sites-enabled",$apacheusername);
@chmod("{$re[1]}/sites-enabled",755);
shell_exec("/etc/init.d/artica-postfix start apachesrc --no-repair");
return;
}
echo "Starting......: Apache $line\n";
}
}
function execute()
{
$nice = EXEC_NICE();
if (is_file(dirname(__FILE__) . "/exec.sarg.gilou.php")) {
events("Executing exec.sarg.gilou.php instead...");
shell_exec($nice . LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.sarg.gilou.php --exec");
return;
}
$sock = new sockets();
$SargOutputDir = $sock->GET_INFO("SargOutputDir");
if ($SargOutputDir == null) {
$SargOutputDir = "/var/www/html/squid-reports";
}
$nice = EXEC_NICE();
$unix = new unix();
$today = date("d/m/Y");
$sarg_bin = $unix->find_program("sarg");
if (!is_file($sarg_bin)) {
sarg_admin_events("Fatal, unable to locate sarg binary, aborting...", __FUNCTION__, __FILE__, __LINE__, "sarg");
return;
}
events("Building settings..");
buildconf();
$usersauth = false;
$squid = new squidbee();
if ($squid->LDAP_AUTH == 1) {
$usersauth = true;
}
if ($squid->LDAP_EXTERNAL_AUTH == 1) {
$usersauth = true;
}
if (!is_file("/etc/squid/exclude_codes")) {
@file_put_contents("/etc/squid/exclude_codes", "\nNONE/400\n");
}
@mkdir("{$SargOutputDir}", 0755, true);
$u = " -i ";
$cmd = "{$nice}{$sarg_bin} -d {$today}-{$today} {$u}-f /etc/squid3/sarg.conf -l /var/log/squid/access.log -o \"{$SargOutputDir}\" -x -z 2>&1";
$t1 = time();
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, {$cmd}\n";
sargevents("execute(): {$cmd}");
exec($cmd, $results);
while (list($index, $line) = each($results)) {
if (preg_match("#SARG: No records found#", $line)) {
events("No records found");
$subject_add = "(No records found)";
}
if (preg_match("#SARG:\\s+.+?mixed records format#", $line)) {
send_email_events("SARG: Error, squid was reloaded", "It seems that there is a mixed log file format detected in squid\n\t\t\tThis reason is Artica change squid log format from orginial to http access mode.\n\t\t\tIn this case, the log will be moved and squid will be reloaded \n\t\t\tin order to build a full log file with only one log format.\n\t\t\t\n" . @implode("\n", $results), "proxy");
shell_exec(LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.squid.php --reconfigure");
shell_exec($unix->LOCATE_SQUID_BIN() . " -k rotate");
shell_exec("/etc/init.d/auth-tail restart >/dev/null 2>&1");
shell_exec("/etc/init.d/cache-tail restart >/dev/null 2>&1");
return;
}
if (preg_match("#SARG:\\s+.+?enregistrements de plusieurs formats#", $line)) {
send_email_events("SARG: Error, squid was reloaded", "It seems that there is a mixed log file format detected in squid\n\t\t\tThis reason is Artica change squid log format from orginial to http access mode.\n\t\t\tIn this case, the log will be moved and squid will be reloaded \n\t\t\tin order to build a full log file with only one log format.\n\t\t\t\n" . @implode("\n", $results), "proxy");
shell_exec(LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.squid.php --reconfigure");
shell_exec($unix->LOCATE_SQUID_BIN() . " -k rotate");
shell_exec("/etc/init.d/auth-tail restart >/dev/null 2>&1");
shell_exec("/etc/init.d/cache-tail restart >/dev/null 2>&1");
return;
}
if (preg_match("#SARG.+?Unknown input log file format#", $line)) {
send_email_events("SARG: \"Unknown input log file format\", squid was reloaded", "It seems that there is a input log file format log file format detected in squid\n\t\t\tThis reason is Artica change squid log format from orginial to log_fqn on, this will be disabled\n\t\t\tIn this case, the log will be moved and squid will be reloaded \n\t\t\tin order to build a full log file with only one log format.\n\t\t\t\n" . @implode("\n", $results), "proxy");
shell_exec(LOCATE_PHP5_BIN2() . " " . dirname(__FILE__) . "/exec.squid.php --reconfigure");
shell_exec($unix->LOCATE_SQUID_BIN() . " -k rotate");
shell_exec("/etc/init.d/auth-tail restart >/dev/null 2>&1");
shell_exec("/etc/init.d/cache-tail restart >/dev/null 2>&1");
return;
}
}
$NICE = EXEC_NICE();
$unix = new unix();
$lighttpd_user = $unix->APACHE_SRC_ACCOUNT();
$php = $unix->LOCATE_PHP5_BIN();
$nohup = $unix->find_program("nohup");
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, lighttpd user: {$lighttpd_user}\n";
$chown = $unix->find_program("chown");
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]},{$chown} -R {$lighttpd_user}:{$lighttpd_user} {$SargOutputDir}/*\n";
exec("{$chown} -R {$lighttpd_user}:{$lighttpd_user} {$SargOutputDir}/* >/dev/null 2>&1", $results2);
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]},\n" . @implode("\n" . $results2) . "\n";
shell_exec("{$nohup} {$php} " . __FILE__ . " --backup >/dev/null 2>&1 &");
$t2 = time();
$distanceOfTimeInWords = distanceOfTimeInWords($t1, $t2);
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]}, {$distanceOfTimeInWords}\n";
events("Statistics generated ({$distanceOfTimeInWords})");
if ($GLOBALS["VERBOSE"]) {
echo "SARG: Statistics generated ({$distanceOfTimeInWords})\n\n";
echo @implode("\n", $results) . "\n";
}
status(true);
sarg_admin_events("SARG: Statistics generated ({$distanceOfTimeInWords}) {$subject_add}", "Command line:\n-----------\n{$cmd}\n" . @implode("\n", $results), __FUNCTION__, __FILE__, __LINE__, "sarg");
}
function apache_config()
{
$sock = new sockets();
$unix = new unix();
$EnablePHPFPM = 0;
@mkdir("/var/run/apache2", 0755, true);
@mkdir("/var/run/artica-apache", 0755, true);
@mkdir("/var/log/lighttpd", 0755, true);
$APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
$pydio_installed = false;
if (is_file(" /etc/php5/cli/conf.d/ming.ini")) {
@unlink(" /etc/php5/cli/conf.d/ming.ini");
}
@unlink("/var/log/lighttpd/apache-error.log");
@touch("/var/log/lighttpd/apache-error.log");
@chmod("/var/log/lighttpd/apache-error.log", 0755);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/lighttpd/*");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/usr/share/artica-postfix/ressources/logs/*");
if (is_dir("/usr/share/artica-postfix/pydio")) {
$pydio_installed = true;
}
$ArticaHttpsPort = 9000;
$NoLDAPInLighttpdd = 0;
$ArticaHttpUseSSL = 1;
$ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort");
$ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL");
if (!is_numeric($ArticaHttpUseSSL)) {
$ArticaHttpUseSSL = 1;
}
if (!is_numeric($ArticaHttpsPort)) {
$ArticaHttpsPort = "9000";
}
$LighttpdArticaListenIP = $sock->GET_INFO("LighttpdArticaListenIP");
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
$php = $unix->LOCATE_PHP5_BIN();
$EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_file($phpfpm)) {
$EnableArticaApachePHPFPM = 0;
}
$EnablePHPFPM = intval($sock->GET_INFO("EnablePHPFPM"));
if (!is_numeric($EnablePHPFPM)) {
$EnablePHPFPM = 0;
}
if ($EnablePHPFPM == 0) {
$EnableArticaApachePHPFPM = 0;
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
$apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
if ($EnableArticaApachePHPFPM == 1) {
if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
}
$EnableArticaApachePHPFPM = 0;
}
}
if ($APACHE_SRC_ACCOUNT == null) {
$APACHE_SRC_ACCOUNT = "www-data";
$APACHE_SRC_GROUP = "www-data";
$unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM Enabled: {$EnableArticaApachePHPFPM}\n";
}
$f[] = "LockFile /var/run/apache2/artica-accept.lock";
$f[] = "PidFile /var/run/artica-apache/apache.pid";
$f[] = "DocumentRoot /usr/share/artica-postfix";
$open_basedir[] = "/usr/share/artica-postfix";
$open_basedir[] = "/etc/artica-postfix";
$open_basedir[] = "/etc/artica-postfix/settings";
$open_basedir[] = "/var/log";
$open_basedir[] = "/var/run/mysqld";
$open_basedir[] = "/usr/share/php";
$open_basedir[] = "/usr/share/php5";
$open_basedir[] = "/var/lib/php5";
$open_basedir[] = "/var/lighttpd/upload";
$open_basedir[] = "/usr/share/artica-postfix/ressources";
$open_basedir[] = "/usr/share/artica-postfix/framework";
$open_basedir[] = "/etc/ssl/certs/mysql-client-download";
$open_basedir[] = "/var/run";
$open_basedir[] = "/bin";
$open_basedir[] = "/tmp";
$open_basedir[] = "/usr/sbin";
$open_basedir[] = "/home";
//$f[]="php_value open_basedir \"".@implode(":", $open_basedir)."\"";
//$f[]="php_value output_buffering Off";
//$f[]="php_flag magic_quotes_gpc Off";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen Port: {$ArticaHttpsPort}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen IP: {$LighttpdArticaListenIP}\n";
}
if ($LighttpdArticaListenIP != null) {
$unix = new unix();
$IPS = $unix->NETWORK_ALL_INTERFACES(true);
if (!isset($IPS[$LighttpdArticaListenIP])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ERROR! Listen IP: {$LighttpdArticaListenIP} -> FALSE !!\n";
}
$LighttpdArticaListenIP = null;
}
}
if ($LighttpdArticaListenIP == null) {
$LighttpdArticaListenIP = "*";
}
if ($LighttpdArticaListenIP != null) {
$ArticaHttpsPort = "{$LighttpdArticaListenIP}:{$ArticaHttpsPort}";
}
$f[] = "Listen {$ArticaHttpsPort}";
$MaxClients = 20;
$f[] = "<IfModule mpm_prefork_module>";
$f[] = "\tStartServers 1";
$f[] = "\tMinSpareServers 2";
$f[] = "\tMaxSpareServers 3";
$f[] = "\tMaxClients {$MaxClients}";
$f[] = "\tServerLimit {$MaxClients}";
$f[] = "\tMaxRequestsPerChild 100";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_worker_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "<IfModule mpm_event_module>";
$f[] = "\tMinSpareThreads 25";
$f[] = "\tMaxSpareThreads 75 ";
$f[] = "\tThreadLimit 64";
$f[] = "\tThreadsPerChild 25";
$f[] = "</IfModule>";
$f[] = "AccessFileName .htaccess";
$f[] = "<Files ~ \"^\\.ht\">";
//$f[]="\tOrder allow,deny";
//$f[]="\tDeny from all";
//$f[]="\tSatisfy all";
$f[] = "</Files>";
$f[] = "DefaultType text/plain";
$f[] = "HostnameLookups Off";
$f[] = "User\t\t\t\t {$APACHE_SRC_ACCOUNT}";
$f[] = "Group\t\t\t\t {$APACHE_SRC_GROUP}";
$f[] = "Timeout 300";
$f[] = "KeepAlive Off";
$f[] = "KeepAliveTimeout 15";
$f[] = "StartServers 1";
$f[] = "MaxClients {$MaxClients}";
$f[] = "MinSpareServers 2";
$f[] = "MaxSpareServers 3";
$f[] = "MaxRequestsPerChild 100";
$f[] = "MaxKeepAliveRequests 100";
$ServerName = $unix->hostname_g();
if ($ServerName == null) {
$ServerName = "localhost.localdomain";
}
$f[] = "ServerName {$ServerName}";
if ($ArticaHttpUseSSL == 1) {
$mknod = $unix->find_program("mknod");
shell_exec("{$mknod} /dev/random c 1 9 >/dev/null 2>&1");
$f[] = "<IfModule mod_ssl.c>";
$f[] = "\tListen {$ArticaHttpsPort}";
$f[] = "\tSSLRandomSeed connect builtin";
$f[] = "\tSSLRandomSeed connect file:/dev/urandom 256";
$f[] = "\tAddType application/x-x509-ca-cert .crt";
$f[] = "\tAddType application/x-pkcs7-crl .crl";
$f[] = "\tSSLPassPhraseDialog builtin";
$f[] = "\tSSLSessionCache shmcb:/var/run/apache2/ssl_scache-artica(512000)";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLSessionCacheTimeout 300";
$f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
$f[] = "\tSSLProtocol all -SSLv2";
$f[] = "</IfModule>";
$f[] = "";
$f[] = "<IfModule mod_gnutls.c>";
$f[] = "\tListen {$ArticaHttpsPort}";
$f[] = "</IfModule>";
}
if (!is_file("/etc/ssl/certs/apache/server.crt")) {
shell_exec("/usr/share/artica-postfix/bin/artica-install --apache-ssl-cert");
}
if ($ArticaHttpUseSSL == 1) {
$f[] = "SSLEngine on";
$f[] = "AcceptMutex flock";
$f[] = "SSLCertificateFile \"/etc/ssl/certs/apache/server.crt\"";
$f[] = "SSLCertificateKeyFile \"/etc/ssl/certs/apache/server.key\"";
$f[] = "SSLVerifyClient none";
$f[] = "ServerSignature Off";
$f[] = "SSLRandomSeed startup file:/dev/urandom 256";
$f[] = "SSLRandomSeed connect builtin";
}
$f[] = "AddType application/x-httpd-php .php";
if ($EnableArticaApachePHPFPM == 0) {
$f[] = "php_value error_log \"/var/log/php.log\"";
}
@chown("/var/log/php.log", $APACHE_SRC_ACCOUNT);
$f[] = "<IfModule mod_fcgid.c>";
$f[] = "\tPHP_Fix_Pathinfo_Enable 1";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_php5.c>";
$f[] = " <FilesMatch \"\\.ph(p3?|tml)\$\">";
$f[] = "\tSetHandler application/x-httpd-php";
$f[] = " </FilesMatch>";
$f[] = " <FilesMatch \"\\.phps\$\">";
$f[] = "\tSetHandler application/x-httpd-php-source";
$f[] = " </FilesMatch>";
$f[] = " <IfModule mod_userdir.c>";
$f[] = " <Directory /home/*/public_html>";
$f[] = " php_admin_value engine Off";
$f[] = " </Directory>";
$f[] = " </IfModule>";
$f[] = "</IfModule>";
$f[] = "<IfModule mod_mime.c>";
$f[] = "\tTypesConfig /etc/mime.types";
$f[] = "\tAddType application/x-compress .Z";
$f[] = "\tAddType application/x-gzip .gz .tgz";
$f[] = "\tAddType application/x-bzip2 .bz2";
$f[] = "\tAddType application/x-httpd-php .php .phtml";
$f[] = "\tAddType application/x-httpd-php-source .phps";
$f[] = "\tAddType application/octet-stream .acl";
$f[] = "\tAddLanguage ca .ca";
$f[] = "\tAddLanguage cs .cz .cs";
$f[] = "\tAddLanguage da .dk";
$f[] = "\tAddLanguage de .de";
$f[] = "\tAddLanguage el .el";
$f[] = "\tAddLanguage en .en";
$f[] = "\tAddLanguage eo .eo";
$f[] = "\tRemoveType es";
$f[] = "\tAddLanguage es .es";
$f[] = "\tAddLanguage et .et";
$f[] = "\tAddLanguage fr .fr";
$f[] = "\tAddLanguage he .he";
$f[] = "\tAddLanguage hr .hr";
$f[] = "\tAddLanguage it .it";
$f[] = "\tAddLanguage ja .ja";
$f[] = "\tAddLanguage ko .ko";
$f[] = "\tAddLanguage ltz .ltz";
$f[] = "\tAddLanguage nl .nl";
$f[] = "\tAddLanguage nn .nn";
$f[] = "\tAddLanguage no .no";
$f[] = "\tAddLanguage pl .po";
$f[] = "\tAddLanguage pt .pt";
$f[] = "\tAddLanguage pt-BR .pt-br";
$f[] = "\tAddLanguage ru .ru";
$f[] = "\tAddLanguage sv .sv";
$f[] = "\tRemoveType tr";
$f[] = "\tAddLanguage tr .tr";
$f[] = "\tAddLanguage zh-CN .zh-cn";
$f[] = "\tAddLanguage zh-TW .zh-tw";
$f[] = "\tAddCharset us-ascii .ascii .us-ascii";
$f[] = "\tAddCharset ISO-8859-1 .iso8859-1 .latin1";
$f[] = "\tAddCharset ISO-8859-2 .iso8859-2 .latin2 .cen";
$f[] = "\tAddCharset ISO-8859-3 .iso8859-3 .latin3";
$f[] = "\tAddCharset ISO-8859-4 .iso8859-4 .latin4";
$f[] = "\tAddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru";
$f[] = "\tAddCharset ISO-8859-6 .iso8859-6 .arb .arabic";
$f[] = "\tAddCharset ISO-8859-7 .iso8859-7 .grk .greek";
$f[] = "\tAddCharset ISO-8859-8 .iso8859-8 .heb .hebrew";
$f[] = "\tAddCharset ISO-8859-9 .iso8859-9 .latin5 .trk";
$f[] = "\tAddCharset ISO-8859-10 .iso8859-10 .latin6";
$f[] = "\tAddCharset ISO-8859-13 .iso8859-13";
$f[] = "\tAddCharset ISO-8859-14 .iso8859-14 .latin8";
$f[] = "\tAddCharset ISO-8859-15 .iso8859-15 .latin9";
$f[] = "\tAddCharset ISO-8859-16 .iso8859-16 .latin10";
$f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
$f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
$f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
$f[] = "\tAddCharset Big5 .Big5 .big5 .b5";
$f[] = "\tAddCharset cn-Big5 .cn-big5";
$f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
$f[] = "\tAddCharset WINDOWS-1251 .cp-1251 .win-1251";
$f[] = "\tAddCharset CP866 .cp866";
$f[] = "\tAddCharset KOI8 .koi8";
$f[] = "\tAddCharset KOI8-E .koi8-e";
$f[] = "\tAddCharset KOI8-r .koi8-r .koi8-ru";
$f[] = "\tAddCharset KOI8-U .koi8-u";
$f[] = "\tAddCharset KOI8-ru .koi8-uk .ua";
$f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
$f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
$f[] = "\tAddCharset UTF-7 .utf7";
$f[] = "\tAddCharset UTF-8 .utf8";
$f[] = "\tAddCharset UTF-16 .utf16";
$f[] = "\tAddCharset UTF-16BE .utf16be";
$f[] = "\tAddCharset UTF-16LE .utf16le";
$f[] = "\tAddCharset UTF-32 .utf32";
$f[] = "\tAddCharset UTF-32BE .utf32be";
$f[] = "\tAddCharset UTF-32LE .utf32le";
$f[] = "\tAddCharset euc-cn .euc-cn";
$f[] = "\tAddCharset euc-gb .euc-gb";
$f[] = "\tAddCharset euc-jp .euc-jp";
$f[] = "\tAddCharset euc-kr .euc-kr";
$f[] = "\tAddCharset EUC-TW .euc-tw";
$f[] = "\tAddCharset gb2312 .gb2312 .gb";
$f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
$f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
$f[] = "\tAddCharset shift_jis .shift_jis .sjis";
$f[] = "\tAddType text/html .shtml";
$f[] = "\tAddOutputFilter INCLUDES .shtml";
$f[] = "</IfModule>";
$f[] = apache_nagios_config();
$f[] = apache_phpldapadmin();
$squid = $unix->LOCATE_SQUID_BIN();
if (is_file($squid)) {
$f[] = "Alias /proxy /usr/share/artica-postfix/squid.access.log.php";
$f[] = "Alias /parent /usr/share/artica-postfix/squid.access.log.php";
$f[] = "Alias /webfilter /usr/share/artica-postfix/squid.access.webfilter.log.php";
$f[] = "Alias /meta-updates /home/artica-meta";
$f[] = "Alias /categories /usr/share/artica-postfix/public.categories.personnal.php";
}
$f[] = "<Directory \"/home/artica-meta\">";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "</Directory>";
$f[] = "<Directory \"/usr/share/artica-postfix\">";
$f[] = "\tDirectoryIndex logon.php";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride None";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
if (is_file($unix->LOCATE_SQUID_BIN())) {
$ArticaProxyStatisticsBackupFolder = $sock->GET_INFO("ArticaProxyStatisticsBackupFolder");
if ($ArticaProxyStatisticsBackupFolder == null) {
$ArticaProxyStatisticsBackupFolder = "/home/artica/squid/backup-statistics";
}
$ArticaProxyStatisticsOpenWeb = intval($sock->GET_INFO("ArticaProxyStatisticsOpenWeb"));
if ($ArticaProxyStatisticsOpenWeb == 1) {
$f[] = "Alias /backup-stats \"{$ArticaProxyStatisticsBackupFolder}\"";
$f[] = "<Directory \"{$ArticaProxyStatisticsBackupFolder}\">";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride All";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
}
}
if ($pydio_installed) {
$directories[] = "/home/pydio/plugins/auth.serial";
$directories[] = "/home/pydio/plugins/conf.serial";
$directories[] = "/home/pydio/plugins";
$directories[] = "/home/pydio/cache";
$directories[] = "/home/pydio/files";
$directories[] = "/home/pydio/logs";
$directories[] = "/home/pydio/personal";
$directories[] = "/home/pydio/public";
$directories[] = "/home/pydio/tmp";
while (list($index, $dir) = each($directories)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} permissions on {$dir}\n";
}
@mkdir($dir, 0755, true);
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $dir);
}
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/cache");
$unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/plugins");
$f[] = "Alias /explorer \"/usr/share/artica-postfix/pyio\"";
$f[] = "<Directory \"/usr/share/artica-postfix/pyio\">";
$f[] = "\tDirectoryIndex index.php";
$f[] = "\tSSLOptions +StdEnvVars";
$f[] = "\tOptions Indexes FollowSymLinks";
$f[] = "\tAllowOverride All";
//$f[]="\tOrder allow,deny";
//$f[]="\tAllow from all";
$f[] = "</Directory>";
}
if ($EnableArticaApachePHPFPM == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
}
shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
}
shell_exec("/etc/init.d/php5-fpm restart");
$f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
$f[] = "\tAddHandler php-script .php";
$f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
$f[] = "\tAction php-script /php5.fastcgi virtual";
$f[] = "\t<Directory /var/run/artica-apache>";
$f[] = "\t\t<Files php5.fastcgi>";
//$f[]="\t\tOrder deny,allow";
//$f[]="\t\tAllow from all";
$f[] = "\t\t</Files>";
$f[] = "\t</Directory>";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
}
}
$f[] = "Loglevel info";
$f[] = "ErrorLog /var/log/lighttpd/apache-error.log";
$f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
$f[] = "CustomLog /var/log/lighttpd/apache-access.log common";
if ($EnableArticaApachePHPFPM == 0) {
$array["php5_module"] = "libphp5.so";
}
$array["actions_module"] = "mod_actions.so";
$array["expires_module"] = "mod_expires.so";
$array["rewrite_module"] = "mod_rewrite.so";
$array["dir_module"] = "mod_dir.so";
$array["mime_module"] = "mod_mime.so";
$array["alias_module"] = "mod_alias.so";
$array["auth_basic_module"] = "mod_auth_basic.so";
$array["authn_file_module"] = "mod_authn_file.so";
//$array["authz_host_module"]="mod_authz_host.so";
$array["autoindex_module"] = "mod_autoindex.so";
$array["negotiation_module"] = "mod_negotiation.so";
$array["ssl_module"] = "mod_ssl.so";
$array["headers_module"] = "mod_headers.so";
$array["ldap_module"] = "mod_ldap.so";
if ($EnableArticaApachePHPFPM == 1) {
$array["fastcgi_module"] = "mod_fastcgi.so";
}
if (is_dir("/etc/apache2")) {
if (!is_file("/etc/apache2/mime.types")) {
if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
@copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
}
while (list($module, $lib) = each($array)) {
if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
}
$f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
}
}
}
$f[] = apache_phpmyadmin();
@file_put_contents("/etc/artica-postfix/httpd.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/httpd.conf done\n";
}
}
function chown_medir()
{
$dir = base64_decode($_GET["chown-medir"]);
$unix = new unix();
$APACHE = $unix->APACHE_SRC_ACCOUNT();
$APACHE_GROUP = $unix->APACHE_SRC_GROUP();
@mkdir("/etc/artica-postfix/settings/Daemons", 0755, true);
@mkdir("/usr/share/artica-postfix/ressources/logs", 0755, true);
$f[] = "/etc/artica-postfix/settings/Daemons";
$f[] = "/usr/share/artica-postfix/ressources/logs";
if ($dir != null) {
$f[] = $dir;
}
while (list($key, $directory) = each($f)) {
writelogs_framework("Permissions on `{$directory}` for {$APACHE}:{$APACHE_GROUP}", __FUNCTION__, __FILE__, __LINE__);
@mkdir($directory, 0755, true);
$unix->chown_func($APACHE, null, $directory);
$unix->chown_func($APACHE, null, "{$directory}/*");
$unix->chmod_func(0755, "{$directory}");
$unix->chmod_func(0755, "{$directory}/*");
}
if ($dir == null) {
return;
}
@chown($dir, $APACHE);
@chgrp($dir, $APACHE_GROUP);
}
function vsftpd_conf()
{
@unlink("/var/log/exim4/paniclog");
$unix = new unix();
$hostname = $unix->hostname_g();
$sock = new sockets();
$VSFTPDPort = intval($sock->GET_INFO("VSFTPDPort"));
$VsFTPDPassive = $sock->GET_INFO("VsFTPDPassive");
$VsFTPDPassiveAddr = $sock->GET_INFO("VsFTPDPassiveAddr");
if ($VSFTPDPort == 0) {
$VSFTPDPort = 21;
}
if (!is_numeric($VsFTPDPassive)) {
$VsFTPDPassive = 1;
}
$VsFTPDFileOpenMode = $sock->GET_INFO("VsFTPDFileOpenMode");
$VsFTPDLocalUmask = $sock->GET_INFO("VsFTPDLocalUmask");
if ($VsFTPDFileOpenMode == null) {
$VsFTPDFileOpenMode = "0666";
}
if ($VsFTPDLocalUmask == null) {
$VsFTPDLocalUmask = "077";
}
$VsFTPDLocalMaxRate = intval($sock->GET_INFO("VsFTPDLocalMaxRate"));
@mkdir("/var/empty");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Listen on {$VSFTPDPort}\n";
}
$f[] = "#";
$f[] = "# The default compiled in settings are fairly paranoid. This sample file";
$f[] = "# loosens things up a bit, to make the ftp daemon more usable.";
$f[] = "# Please see vsftpd.conf.5 for all compiled in defaults.";
$f[] = "#";
$f[] = "";
$f[] = "# Pour que vsFTPd soit lancé en tant que démon (IPv4).";
$f[] = "listen=YES";
$f[] = "";
$f[] = "# Ou en Ipv6.";
$f[] = "#listen_ipv6=YES";
$f[] = "";
$f[] = "# Adresse d'écoute, sinon toutes les interfaces sont écoutées.";
$f[] = "#listen_address=123.45.67.6";
$f[] = "";
$f[] = "# Port d'écoute.";
$f[] = "listen_port={$VSFTPDPort}";
$f[] = "tcp_wrappers=NO";
$f[] = "connect_from_port_20=NO";
$f[] = "";
$f[] = "# Utilisateur pour les opérations sans privilèges.";
$f[] = "nopriv_user=nobody";
$f[] = "";
$f[] = "# Ne pas activer cette option pour des raisons de sécurité.";
$f[] = "#async_abor_enable=YES";
$f[] = "";
$f[] = "# Ne pas activer ces options pour des raisons de sécurité.";
$f[] = "#ascii_upload_enable=YES";
$f[] = "#ascii_download_enable=YES";
$f[] = "";
$f[] = "# Active le mode FTP passif.";
if ($VsFTPDPassive == 1) {
$pasv_min_port = intval($sock->GET_INFO("VsFTPDPassiveMinPort"));
$pasv_max_port = intval($sock->GET_INFO("VsFTPDPassiveMaxPort"));
if ($pasv_min_port == 0) {
$pasv_min_port = 40000;
}
if ($pasv_max_port == 0) {
$pasv_max_port = 40200;
}
$f[] = "pasv_enable=YES";
//$f[]="port_enable=YES";
//$f[]="ftp_data_port=$pasv_min_port";
$f[] = "pasv_min_port={$pasv_min_port}";
$f[] = "pasv_max_port={$pasv_max_port}";
if ($VsFTPDPassiveAddr != null) {
$f[] = "pasv_address={$VsFTPDPassiveAddr}";
}
} else {
$f[] = "pasv_enable=NO";
}
$f[] = "";
$f[] = "# Combien de clients peuvent être connectés au maximum.";
$f[] = "max_clients=200";
$f[] = "";
$f[] = "# Le nombre maximum de clients connectés depuis la même adresse IP source.";
$f[] = "max_per_ip=4";
$f[] = "";
$f[] = "# Désactive le listage récursif des répertoires par la commande 'ls -R's,";
$f[] = "# afin d'éviter trop d'appels sur le système de fichier.";
$f[] = "# Certain clients FTP comme 'ncftp' ou 'mirror' réclame l'option '-R'";
$f[] = "# pour fonctionner.";
$f[] = "ls_recurse_enable=YES";
$f[] = "";
$f[] = "# Force l'affichage des données cachées, commençant par un '.'";
$f[] = "force_dot_files=YES";
$f[] = "";
$f[] = "# Commandes autorisées. Voir la liste des commandes.";
$f[] = "#cmds_allowed=PASV,RETR,QUIT";
$f[] = "";
$f[] = "# Données refusées.";
$f[] = "#deny_file={*.mp3,*.mov,.private}";
$f[] = "";
$f[] = "# Données qui seront cachées.";
$f[] = "#hide_file={*.mp3,.hidden,hide*,h?}";
$f[] = "hide_file={Maildir,.spamassassin}";
$f[] = "";
$f[] = "# Bannière affichée au login des clients.";
$f[] = "ftpd_banner=Welcome {$hostname} FTP service.";
$f[] = "";
$f[] = "# Supprime l'affichage de message pour certain répertoire.";
$f[] = "dirmessage_enable=NO";
$f[] = "";
$f[] = "# Autorise les connexions FTP anonymes.";
$f[] = "anonymous_enable=NO";
$f[] = "";
$f[] = "# Refuse les connexions SSL pour les clients anonymes.";
$f[] = "allow_anon_ssl=NO";
$f[] = "";
$f[] = "# Ne demande pas de mot de passe aux clients anonymes.";
$f[] = "no_anon_password=YES";
$f[] = "";
$f[] = "# Vous pouvez lister les adresses mail à refuser pour les clients";
$f[] = "# anonymes. Utile pour combattre certaines attaques DoS.";
$f[] = "#deny_email_enable=YES";
$f[] = "#banned_email_file=/etc/vsftpd.banned_emails";
$f[] = "";
$f[] = "# Indique dans quel répertoire seront dirigés les clients anonymes.";
$f[] = "anon_root=/home/ftp";
$f[] = "";
$f[] = "# Tous les paramètres commençant par 'anon_ ', concernent les connexions";
$f[] = "# anonymes. Si vous souhaitez autoriser l'upload et d'autres opérations";
$f[] = "# d'écriture, vous devez activer l'option write_enable.";
$f[] = "#";
$f[] = "# Refuser l'upload.";
$f[] = "anon_upload_enable=NO";
$f[] = "";
$f[] = "# Refuse la création de répertoire.";
$f[] = "anon_mkdir_write_enable=NO";
$f[] = "";
$f[] = "# Refuse les opérations d'écriture.";
$f[] = "anon_other_write_enable=NO";
$f[] = "";
$f[] = "# Pour que les clients anonymes voient uniquement les données";
$f[] = "# lisibles par tout le monde.";
$f[] = "anon_world_readable_only=YES";
$f[] = "";
$f[] = "# Pour limiter le taux de transfert (montant/descendant) des clients";
$f[] = "# anonymes en Octets par seconde.";
$f[] = "anon_max_rate=260";
$f[] = "";
$f[] = "# Autorise les utilisateurs 'locaux' à se connecter (authentifiés via PAM)";
$f[] = "local_enable=YES";
$f[] = "session_support=YES";
$f[] = "pam_service_name=vsftpd";
$f[] = "";
$f[] = "# Active le module SSL.";
$f[] = "ssl_enable=NO";
$f[] = "";
$f[] = "# Emplacement du certificat RSA à utiliser pour les connections SSL.";
$f[] = "rsa_cert_file=/etc/vsftpd-ssl/vsftpd.pem";
$f[] = "";
$f[] = "# Autorise les protocoles suivants :";
$f[] = "ssl_tlsv1=YES";
$f[] = "ssl_sslv3=YES";
$f[] = "";
$f[] = "# Refuse le protocole suivant :";
$f[] = "ssl_sslv2=NO";
$f[] = "";
$f[] = "# Force les transactions d'authentification non anonymes via SSL.";
$f[] = "force_local_logins_ssl=YES";
$f[] = "";
$f[] = "# Force le transfert des données via SSL.";
$f[] = "force_local_data_ssl=YES";
$f[] = "";
$f[] = "# Pour refuser certain utilisateurs d'après une liste contenue dans un fichier.";
$f[] = "#userlist_enable=YES";
$f[] = "#userlist_deny=YES";
$f[] = "#userlist_file=/etc/vsftpd.user_list";
$f[] = "";
$f[] = "# Pour restreindre les utilisateurs locaux dans leur home directories.";
$f[] = "chroot_local_user=YES";
$f[] = "secure_chroot_dir=/var/empty";
$f[] = "allow_writeable_chroot=YES";
$f[] = "passwd_chroot_enable=YES";
$f[] = "chown_uploads=YES";
$f[] = "hide_ids=NO";
$f[] = "local_umask={$VsFTPDLocalUmask}";
$f[] = "ftp_username="******"nopriv_user="******"";
$f[] = "# Vous pouvez spécifier une liste d'utilisateurs à chrooter si vous";
$f[] = "# n'activez pas le paramètre 'chroot_local_user'.";
$f[] = "# Par contre, si vous l'activez, cette liste contiendra les utilisateurs";
$f[] = "# à ne pas chrooter.";
$f[] = "#chroot_list_enable=YES";
$f[] = "#chroot_list_file=/etc/vsftpd.chroot_list";
$f[] = "write_enable=YES";
$f[] = "chmod_enable=NO";
$f[] = "";
$f[] = "# Pour limiter le taux de transfert (montant/descendant) des utilisateurs";
$f[] = "# locaux en Octets par seconde.";
if ($VsFTPDLocalMaxRate > 0) {
$f[] = "local_max_rate=" . $VsFTPDLocalMaxRate * 1000;
} else {
$f[] = "local_max_rate=0";
}
$f[] = "";
$f[] = "# Active les logs pour les transferts montant/descendant.";
$f[] = "xferlog_enable=YES";
$f[] = "log_ftp_protocol=YES";
$f[] = "#xferlog_std_format=YES";
$f[] = "xferlog_file=/var/log/vsftpd.log";
$f[] = "syslog_enable=NO";
$f[] = "use_localtime=YES";
$f[] = "";
$f[] = "# Timeout d'une session.";
$f[] = "idle_session_timeout=600";
$f[] = "data_connection_timeout=120";
$f[] = "";
$nohup = $unix->find_program("nohup");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/vsftpd.conf done\n";
}
@file_put_contents("/etc/vsftpd.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} set nsswitch..\n";
}
shell_exec("{$nohup} /usr/share/artica-postfix/bin/artica-install --nsswitch >/dev/null 2>&1");
}
function build($OnlySingle = false)
{
if (isset($GLOBALS[__FILE__ . __FUNCTION__])) {
return;
}
$GLOBALS[__FILE__ . __FUNCTION__] = true;
$unix = new unix();
$php5 = $unix->LOCATE_PHP5_BIN();
shell_exec("/etc/init.d/mysql start");
build_progress("{building_main_settings}", 10);
if ($unix->SQUID_GET_LISTEN_PORT() == 80) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 80, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
}
shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
}
}
if ($unix->SQUID_GET_LISTEN_SSL_PORT() == 443) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 443, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
}
shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
}
}
$reconfigured = false;
if ($unix->APACHE_GET_LISTEN_PORT() == 80) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 80, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --stop --force");
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --start --force");
$reconfigured = true;
}
if (!$reconfigured) {
if ($unix->APACHE_GET_LISTEN_PORT() == 443) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 443, ports conflicts, change it\n";
}
shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
}
}
$APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
$APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
$NginxProxyStorePath = "/home/nginx";
@mkdir("/etc/nginx/sites-enabled", 0755, true);
@mkdir("/etc/nginx/local-sites", 0755, true);
@mkdir("/etc/nginx/local-sslsites", 0755, true);
@mkdir($NginxProxyStorePath, 0755, true);
@mkdir($NginxProxyStorePath . "/tmp", 0755, true);
@mkdir($NginxProxyStorePath . "/disk", 0755, true);
@mkdir("/var/lib/nginx/fastcgi", 0755, true);
@mkdir("/home/nginx/tmp", 0755, true);
$Tempdir = $unix->TEMP_DIR() . "/nginx";
@mkdir($Tempdir, 0755, true);
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath);
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/etc/nginx/sites-enabled");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/tmp");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/disk");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/var/lib/nginx/fastcgi");
$unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $Tempdir);
nginx_ulimit();
$workers = $unix->CPU_NUMBER();
build_progress("Building configuration", 15);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$APACHE_USER}:{$APACHE_SRC_GROUP}..\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$workers} worker(s)..\n";
}
if (is_file("/etc/nginx/sites-enabled/default")) {
@unlink("/etc/nginx/sites-enabled/default");
}
if (is_link("/etc/nginx/sites-enabled/default")) {
@unlink("/etc/nginx/sites-enabled/default");
}
if (is_link("/etc/nginx/conf.d/example_ssl.conf")) {
@unlink("/etc/nginx/conf.d/example_ssl.conf");
}
$limit = 4096 * $workers;
if ($limit > 65535) {
$limit = 65535;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Running limit of {$limit} open files\n";
}
$L = explode("\n", @file_get_contents("/etc/security/limits.conf"));
$FOUNDL = false;
$T = array();
while (list($index, $line) = each($L)) {
$line = trim($line);
if (trim($line) == null) {
continue;
}
if (substr($line, 0, 1) == "#") {
continue;
}
if (preg_match("#^{$APACHE_USER}#", $line)) {
continue;
}
$T[] = $line;
}
if (!$FOUNDL) {
$T[] = "{$APACHE_USER} soft nofile {$limit}";
$T[] = "{$APACHE_USER} hard nofile {$limit}";
}
@file_put_contents("/etc/security/limits.conf", @implode("\n", $T) . "\n");
$L = array();
$T = array();
$MEMORY = $unix->MEM_TOTAL_INSTALLEE();
$server_names_hash_bucket_size = 128;
$worker_connections = 8192;
if ($MEMORY < 624288) {
$server_names_hash_bucket_size = 64;
$worker_connections = 1024;
$workers = 4;
}
$mail_protocols = mail_protocols();
//
$f[] = "# Builded on " . date("Y-m-d H:i:s");
$f[] = "user {$APACHE_USER};";
$f[] = "worker_processes {$workers};";
$nginx_version = nginx_version();
preg_match("#^([0-9])+\\.([0-9]+)\\.#", $nginx_version, $re);
$re[1] = intval($re[1]);
$re[2] = intval($re[2]);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Major {$re[1]} Minor:{$re[2]}\n";
}
$syslog = false;
$f[] = "worker_rlimit_nofile 16384;";
$f[] = "timer_resolution 1ms;";
$f[] = "";
if ($re[1] > 0) {
if ($re[2] > 6) {
$f[] = "error_log syslog:server=127.0.0.1,facility=daemon info;";
$syslog = true;
}
}
$syslog = false;
if (!$syslog) {
$f[] = "error_log /var/log/nginx/error.log warn;";
}
$f[] = "pid /var/run/nginx.pid;";
$f[] = "";
$f[] = "";
$f[] = "events {";
$f[] = " worker_connections {$worker_connections};";
$f[] = " multi_accept on;";
$f[] = " use epoll;";
$f[] = "\t accept_mutex_delay 1ms;";
$f[] = "}";
$upstream = new nginx_upstream();
$upstreams_servers = $upstream->build();
$f[] = "";
$f[] = "";
$f[] = "http {";
$f[] = "\tinclude /etc/nginx/mime.types;";
$f[] = "\tlog_format awc_log";
$f[] = "\t\t'[\$server_name] \$remote_addr - \$remote_user [\$time_local] \$request '";
$f[] = "\t\t'\"\$status\" \$body_bytes_sent \"\$http_referer\" '";
$f[] = "\t\t'\"\$http_user_agent\" \"\$http_x_forwarded_for\" [\$upstream_cache_status]';";
$f[] = "";
$f[] = "\tlimit_conn_zone \$binary_remote_addr zone=LimitCnx:10m;";
$q = new mysql_squid_builder();
$results = $q->QUERY_SQL("SELECT LimitReqs,servername FROM reverse_www WHERE LimitReqs > 0");
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$servername = $ligne["servername"];
$ZoneName = str_replace(".", "", $servername);
$ZoneName = str_replace("-", "", $servername);
$ZoneName = str_replace("_", "", $servername);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, limit {$servername}/{$servername} {$ligne["LimitReqs"]}r/s\n";
}
$f[] = "\tlimit_req_zone \$binary_remote_addr zone={$ZoneName}:10m rate={$ligne["LimitReqs"]}r/s;";
}
$nginxClass = new nginx();
if ($nginxClass->IsSubstitutions()) {
//$f[]="\tsubs_filter_types text/html text/css text/xml;";
}
@mkdir($Tempdir, 0775, true);
@mkdir("/home/nginx/tmp", 0755, true);
$f[] = "\tlimit_conn_log_level info;";
$f[] = "\tclient_body_temp_path {$Tempdir} 1 2;";
$f[] = "\tclient_header_timeout 5s;";
$f[] = "\tclient_body_timeout 5s;";
$f[] = "\tsend_timeout 10m;";
$f[] = "\tconnection_pool_size 128k;";
$f[] = "\tclient_header_buffer_size 16k;";
$f[] = "\tlarge_client_header_buffers 1024 128k;";
$f[] = "\trequest_pool_size 128k;";
$f[] = "\tkeepalive_requests 1000;";
$f[] = "\tkeepalive_timeout 10;";
$f[] = "\tclient_max_body_size 10g;";
$f[] = "\tclient_body_buffer_size 1m;";
$f[] = "\tclient_body_in_single_buffer on;";
$f[] = "\topen_file_cache max=10000 inactive=300s;";
$f[] = "\treset_timedout_connection on;";
$f[] = "\ttypes_hash_max_size 8192;";
$f[] = "\tserver_names_hash_bucket_size 128;";
$f[] = "\tserver_names_hash_max_size 512;";
$f[] = "\tvariables_hash_max_size 512;";
$f[] = "\tvariables_hash_bucket_size 128;";
$f[] = "\tfastcgi_buffers 8 16k;";
$f[] = "\tfastcgi_buffer_size 32k;";
$f[] = "\tfastcgi_connect_timeout 300;";
$f[] = "\tfastcgi_send_timeout 300;";
$f[] = "\tfastcgi_read_timeout 300;";
$f[] = "map \$scheme \$server_https {";
$f[] = "default off;";
$f[] = "https on;";
$f[] = "}\t";
$f[] = "\tgzip on;";
$f[] = "\tgzip_disable msie6;";
$f[] = "\tgzip_static on;";
$f[] = "\tgzip_min_length 1100;";
$f[] = "\tgzip_buffers 16 8k;";
$f[] = "\tgzip_comp_level 9;";
$f[] = "\tgzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;";
$f[] = "\tgzip_vary on;";
$f[] = "\tgzip_proxied any;";
$f[] = "\toutput_buffers 1000 128k;";
$f[] = "\tpostpone_output 1460;";
$f[] = "\tsendfile on;";
$f[] = "\tsendfile_max_chunk 256k;";
$f[] = "\ttcp_nopush on;";
$f[] = "\ttcp_nodelay on;";
$f[] = "\tserver_tokens off;";
$dns = new resolv_conf();
$sock = new sockets();
if ($sock->dnsmasq_enabled()) {
$resolver[] = "127.0.0.1";
}
if ($dns->MainArray["DNS1"] != null) {
$resolver[] = $dns->MainArray["DNS1"];
}
if ($dns->MainArray["DNS2"] != null) {
$resolver[] = $dns->MainArray["DNS2"];
}
if ($dns->MainArray["DNS3"] != null) {
$resolver[] = $dns->MainArray["DNS3"];
}
$f[] = "\tresolver " . @implode(" ", $resolver) . ";";
$f[] = "\tignore_invalid_headers on;";
$f[] = "\tindex index.html;";
$f[] = "\tadd_header X-CDN \"Served by myself\";";
$q = new mysql_squid_builder();
$sql = "SELECT * FROM nginx_caches ORDER BY directory";
$results = $q->QUERY_SQL($sql);
while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
$directory = $ligne["directory"];
@mkdir($directory, 0755, true);
$unix->chown_func("www-data", "www-data", $directory);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, cache `{$directory}`\n";
}
$f[] = "\tproxy_cache_path {$directory} levels={$ligne["levels"]} keys_zone={$ligne["keys_zone"]}:{$ligne["keys_zone_size"]}m max_size={$ligne["max_size"]}G inactive={$ligne["inactive"]} loader_files={$ligne["loader_files"]} loader_sleep={$ligne["loader_sleep"]} loader_threshold={$ligne["loader_threshold"]};";
}
$f[] = "\tproxy_temp_path {$NginxProxyStorePath}/tmp/ 1 2;";
$f[] = "\tproxy_cache_valid 404 10m;";
$f[] = "\tproxy_cache_valid 400 501 502 503 504 1m;";
$f[] = "\tproxy_cache_valid any 4320m;";
$f[] = "\tproxy_cache_use_stale updating invalid_header error timeout http_404 http_500 http_502 http_503 http_504;";
$f[] = "\tproxy_next_upstream error timeout invalid_header http_404 http_500 http_502 http_503 http_504;";
$f[] = "\tproxy_redirect off;";
$f[] = "\tproxy_set_header Host \$http_host;";
$f[] = "\tproxy_set_header Server Apache;";
$f[] = "\tproxy_set_header Connection Close;";
$f[] = "\tproxy_pass_header Set-Cookie;";
$f[] = "\tproxy_pass_header User-Agent;";
$f[] = "\tproxy_set_header X-Accel-Buffering on;";
$f[] = "\tproxy_hide_header X-CDN;";
$f[] = "\tproxy_hide_header X-Server;";
$f[] = "\tproxy_intercept_errors off;";
$f[] = "\tproxy_ignore_client_abort on;";
$f[] = "\tproxy_connect_timeout 60s;";
$f[] = "\tproxy_send_timeout 60s;";
$f[] = "\tproxy_read_timeout 150s;";
$f[] = "\tproxy_buffer_size 64k;";
$f[] = "\tproxy_buffers 16384 128k;";
$f[] = "\tproxy_busy_buffers_size 256k;";
$f[] = "\tproxy_temp_file_write_size 128k;";
$f[] = "\tproxy_headers_hash_bucket_size 128;";
$f[] = "\tproxy_cache_min_uses 0;";
$f[] = "";
$f[] = "{$upstreams_servers}";
$f[] = "\tinclude /etc/nginx/sites-enabled/*.conf;";
$f[] = "\tinclude /etc/nginx/local-sites/*.conf;";
$f[] = "\tinclude /etc/nginx/conf.d/*.conf;";
$f[] = "\t}";
$f[] = $mail_protocols;
$f[] = "";
@copy("/etc/nginx/nginx.conf", "/etc/nginx/nginx.bak");
@file_put_contents("/etc/nginx/nginx.conf", @implode("\n", $f));
if (!$OnlySingle) {
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
}
build_progress("Building default configuration", 10);
build_default(true);
build_localhosts();
if ($GLOBALS["VERBOSE"]) {
echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Only single defined\n";
}
}
if ($GLOBALS["RECONFIGURE"]) {
$pid = PID_NUM();
if (is_numeric($pid)) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, reload pid {$pid}\n";
}
$kill = $unix->find_program("kill");
unix_system_HUP($pid);
} else {
start(true);
}
}
build_progress("Building configuration done", 10);
}
function buildConfig($aspid = false)
{
$unix = new unix();
if ($aspid) {
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$pid = $unix->get_pid_from_file($pidfile);
if ($unix->process_exists($pid, basename(__FILE__))) {
$time = $unix->PROCCESS_TIME_MIN($pid);
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Already Artica task running PID {$pid} since {$time}mn\n";
}
return;
}
@file_put_contents($pidfile, getmypid());
}
$sock = new sockets();
$phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
if (!is_file($phpfpm)) {
return;
}
$APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
$APACHE_GROUP = $unix->APACHE_SRC_GROUP();
$VERSION = GetVersion();
$AsRoot = false;
$tr = explode(".", $VERSION);
$MAJOR = $tr[0];
$MINOR = $tr[1];
$REV = $tr[2];
$process_priority = false;
$syslog_facility = true;
$process_max = true;
if ($MAJOR > 4) {
if ($MINOR > 2) {
if ($REV > 20) {
$process_priority = true;
}
}
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Parse Parameters\n";
}
$ParseParams = ParseParams();
$AsRoot = true;
if (isset($ParseParams["allow-to-run-as-root"])) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Allow run as root TRUE\n";
}
$AsRoot = true;
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Allow run as root is disabled\n";
}
}
$PHPFPMNoSyslog = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoSyslog"));
$PHPFPMNoProcessMax = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoProcessMax"));
if (!is_numeric($PHPFPMNoSyslog)) {
$PHPFPMNoSyslog = 0;
}
if (!is_numeric($PHPFPMNoProcessMax)) {
$PHPFPMNoProcessMax = 0;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: PHPFPMNoSyslog:{$PHPFPMNoSyslog}\n";
}
if ($PHPFPMNoSyslog == 1) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Disabling process.priority token\n";
}
$syslog_facility = false;
}
if ($PHPFPMNoProcessMax == 1) {
$process_max = false;
}
$ProcessNice = $unix->GET_PERFS('ProcessNice');
if (!is_numeric($ProcessNice)) {
$ProcessNice = 19;
}
if ($ProcessNice > 19) {
$ProcessNice = 19;
}
if ($ProcessNice < 1) {
$ProcessNice = 19;
}
$EnableArticaApachePHPFPM = intval($sock->GET_INFO("EnableArticaApachePHPFPM"));
$EnablePHPFPMFreeWeb = intval($sock->GET_INFO("EnablePHPFPMFreeWeb"));
$EnablePHPFPMFrameWork = $sock->GET_INFO("EnablePHPFPMFrameWork");
$EnableFreeWeb = $sock->GET_INFO("EnableFreeWeb");
if (!is_numeric($EnablePHPFPMFrameWork)) {
$EnablePHPFPMFrameWork = 0;
}
if (!is_numeric($EnableArticaApachePHPFPM)) {
$EnableArticaApachePHPFPM = 0;
}
if (!is_numeric($EnablePHPFPMFreeWeb)) {
$EnablePHPFPMFreeWeb = 0;
}
if (!is_numeric($EnableFreeWeb)) {
$EnableFreeWeb = 0;
}
if ($EnableFreeWeb == 0) {
$EnablePHPFPMFreeWeb = 0;
}
if (is_file("/etc/artica-postfix/WORDPRESS_APPLIANCE")) {
$EnablePHPFPMFreeWeb = 1;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: will run as {$APACHE_USER}:{$APACHE_GROUP}\n";
}
$f[] = ";Writing by Artica," . date("Y-m-d H:i:s") . " file will be erased, change the " . __FILE__ . " code instead...";
@unlink("/etc/php5/fpm/pool.d/www.conf");
@unlink("/etc/php5/fpm/pool.d/apache2.conf");
@unlink("/etc/php5/fpm/pool.d/zarafa.conf");
@unlink("/etc/php5/fpm/pool.d/framework.conf");
@unlink("/etc/php5/fpm/pool.d/nginx-authenticator.conf");
if ($EnableArticaApachePHPFPM == 1) {
$f[] = "[www]";
$f[] = "user = {$APACHE_USER}";
$f[] = "group = {$APACHE_GROUP}";
$f[] = "listen = /var/run/php-fpm.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
//$f[]="log_level = debug";
$f[] = "pm.max_children = 20";
$f[] = "pm.start_servers = 2";
$f[] = "pm.min_spare_servers = 1";
$f[] = "pm.max_spare_servers = 5";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 80";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "ping.path = /fpm.ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "";
@mkdir("/etc/php5/fpm/pool.d", 0755, true);
@file_put_contents("/etc/php5/fpm/pool.d/www.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/www.conf done\n";
}
}
$f = array();
if ($EnablePHPFPMFreeWeb == 1) {
$f[] = "[apache2]";
$f[] = "user = {$APACHE_USER}";
$f[] = "group = {$APACHE_GROUP}";
$f[] = "listen = /var/run/php-fpm-apache2.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
$f[] = "pm.max_children = 50";
$f[] = "pm.start_servers = 2";
$f[] = "pm.min_spare_servers = 1";
$f[] = "pm.max_spare_servers = 5";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 60";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "request_terminate_timeout = 605";
$f[] = "ping.path = /php-fpm-ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "";
@file_put_contents("/etc/php5/fpm/pool.d/apache2.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/apache2.conf done\n";
}
}
$zarafabin = $unix->find_program("zarafa-server");
if (is_file($zarafabin)) {
$FreeWebPerformances = unserialize(base64_decode($sock->GET_INFO("ZarafaApachePerformances")));
if (!is_numeric($FreeWebPerformances["post_max_size"])) {
$FreeWebPerformances["post_max_size"] = 50;
}
if (!is_numeric($FreeWebPerformances["upload_max_filesize"])) {
$FreeWebPerformances["upload_max_filesize"] = 50;
}
if (!is_numeric($FreeWebPerformances["PhpStartServers"])) {
$FreeWebPerformances["PhpStartServers"] = 20;
}
if (!is_numeric($FreeWebPerformances["PhpMinSpareServers"])) {
$FreeWebPerformances["PhpMinSpareServers"] = 5;
}
if (!is_numeric($FreeWebPerformances["PhpMaxSpareServers"])) {
$FreeWebPerformances["PhpMaxSpareServers"] = 25;
}
if (!is_numeric($FreeWebPerformances["PhpMaxClients"])) {
$FreeWebPerformances["PhpMaxClients"] = 128;
}
$f = array();
$f[] = "[zarafa]";
$f[] = "user = {$APACHE_USER}";
$f[] = "group = {$APACHE_GROUP}";
$f[] = "listen = /var/run/php-fpm-zarafa.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa max_children.....: {$FreeWebPerformances["PhpMaxClients"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa start_servers....: {$FreeWebPerformances["PhpStartServers"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa min_spare_servers: {$FreeWebPerformances["PhpMinSpareServers"]}\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa max_spare_servers: {$FreeWebPerformances["PhpMaxSpareServers"]}\n";
}
@mkdir("/var/lib/php5-zarafa", 0755, true);
$unix->chown_func($APACHE_USER, $APACHE_GROUP, "/var/lib/php5-zarafa");
$f[] = "pm.max_children = {$FreeWebPerformances["PhpMaxClients"]}";
$f[] = "pm.start_servers = {$FreeWebPerformances["PhpStartServers"]}";
$f[] = "pm.min_spare_servers = {$FreeWebPerformances["PhpMinSpareServers"]}";
$f[] = "pm.max_spare_servers = {$FreeWebPerformances["PhpMaxSpareServers"]}";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 60";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "request_terminate_timeout = 605";
$f[] = "ping.path = /php-fpm-ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "php_value[include_path]=\".:/usr/share/php:/usr/share/php5:/usr/local/share/php:/usr/share/php5/PEAR:/usr/share/pear:/tmp\"";
$f[] = "php_value[magic_quotes_gpc] = 0";
$f[] = "php_value[short_open_tag] = 0";
$f[] = "php_value[magic_quotes_runtime] = 0";
$f[] = "php_value[safe_mode] = 0";
$f[] = "php_value[register_globals] = 0";
$f[] = "php_value[max_input_time] = 300";
$f[] = "php_value[register_globals] = 0";
$f[] = "php_value[post_max_size] = {$FreeWebPerformances["post_max_size"]}M";
$f[] = "php_value[upload_max_filesize] = {$FreeWebPerformances["upload_max_filesize"]}M";
$f[] = "php_value[session.save_path] = /var/lib/php5-zarafa";
$f[] = "";
@file_put_contents("/etc/php5/fpm/pool.d/zarafa.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa /etc/php5/fpm/pool.d/zarafa.conf done\n";
}
}
$f = array();
if ($EnablePHPFPMFrameWork == 1) {
if ($AsRoot) {
$f[] = "[framework]";
$f[] = "user = root";
$f[] = "group = root";
$f[] = "listen = /var/run/php-fpm-framework.sock";
$f[] = "listen.mode = 0777";
$f[] = ";listen.allowed_clients = 127.0.0.1";
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "pm = dynamic";
$f[] = "pm.max_children = 50";
$f[] = "pm.start_servers = 2";
$f[] = "pm.min_spare_servers = 1";
$f[] = "pm.max_spare_servers = 5";
$f[] = ";pm.process_idle_timeout = 10s;";
$f[] = "pm.max_requests = 60";
$f[] = "pm.status_path = /fpm.status.php";
$f[] = "request_terminate_timeout = 605";
$f[] = "ping.path = /php-fpm-ping";
$f[] = ";ping.response = pong";
$f[] = "chdir = /";
$f[] = "";
@file_put_contents("/etc/php5/fpm/pool.d/framework.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/framework.conf done\n";
}
} else {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: As root is FALSE for framework..\n";
}
}
}
$f = array();
$f[] = ";Writing by Artica," . date("Y-m-d H:i:s") . " file will be erased, change the " . __FILE__ . " code instead...";
$f[] = "[global]";
$f[] = "pid = /var/run/php5-fpm.pid";
$f[] = "error_log = /var/log/php.log";
if ($syslog_facility) {
$f[] = "syslog.facility = daemon";
}
if ($syslog_facility) {
$f[] = "syslog.ident = php-fpm";
}
$f[] = "log_level = ERROR";
$f[] = ";emergency_restart_threshold = 0";
$f[] = ";emergency_restart_interval = 0";
$f[] = ";process_control_timeout = 0";
if ($process_max) {
$f[] = "process.max = 128";
}
if ($process_priority) {
$f[] = "process.priority = {$ProcessNice}";
}
$f[] = "daemonize = yes";
$f[] = ";rlimit_files = 1024";
$f[] = ";rlimit_core = 0";
$f[] = "include=/etc/php5/fpm/pool.d/*.conf\n";
@file_put_contents("/etc/php5/fpm/php-fpm.conf", @implode("\n", $f));
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/php-fpm.conf done\n";
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Check settings\n";
}
$sock = new sockets();
exec("{$phpfpm} -t -y /etc/php5/fpm/php-fpm.conf 2>&1", $results);
while (list($index, $line) = each($results)) {
if (trim($line) == null) {
continue;
}
if (strpos($line, "unknown entry 'syslog.facility'") > 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: syslog not supported..\n";
}
@file_put_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoSyslog", 1);
buildConfig();
return;
}
if (strpos($line, "unknown entry 'process.max'") > 0) {
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: process.max not supported..\n";
}
@file_put_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoProcessMax", 1);
buildConfig();
return;
}
if ($GLOBALS["OUTPUT"]) {
echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: {$line}\n";
}
}
}
