Пример #1
0
function ApacheAccount()
{
    $unix = new unix();
    $array = array($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP());
    echo "<articadatascgi>" . base64_encode(serialize($array)) . "</articadatascgi>";
    return;
}
Пример #2
0
function build()
{
    $unix = new unix();
    $sock = new sockets();
    $users = new usersMenus();
    $APACHE_MODULES_PATH = $users->APACHE_MODULES_PATH;
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Apache modules in \"{$APACHE_MODULES_PATH}\"\n";
    }
    $ZarafaApachePort = $sock->GET_INFO("ZarafaApachePort");
    $ZarafaApacheSSL = $sock->GET_INFO("ZarafaApacheSSL");
    $LighttpdArticaDisableSSLv2 = $sock->GET_INFO("LighttpdArticaDisableSSLv2");
    $ZarafaWebNTLM = $sock->GET_INFO("ZarafaWebNTLM");
    $ZarafaApacheServerName = $sock->GET_INFO("ZarafaApacheServerName");
    if (!is_numeric($ZarafaWebNTLM)) {
        $ZarafaWebNTLM = 0;
    }
    if (!is_numeric($LighttpdArticaDisableSSLv2)) {
        $LighttpdArticaDisableSSLv2 = 0;
    }
    if (!is_numeric($ZarafaApacheSSL)) {
        $ZarafaApacheSSL = 0;
    }
    if (!is_numeric($ZarafaApachePort)) {
        $ZarafaApachePort = 9010;
    }
    $ZarafaApachePHPFPMEnable = $sock->GET_INFO("ZarafaApachePHPFPMEnable");
    if (!is_numeric($ZarafaApachePHPFPMEnable)) {
        $ZarafaApachePHPFPMEnable = 0;
    }
    if ($ZarafaApacheServerName == null) {
        $ZarafaApacheServerName = $unix->hostname_g();
    }
    if (!is_dir('/usr/share/php/mapi')) {
        if (is_dir('/usr/local/share/php/mapi')) {
            @mkdir("/usr/share/php", 0755, true);
            shell_exec('/bin/ln -s /usr/local/share/php/mapi /usr/share/php/mapi');
        }
    }
    $username = $unix->APACHE_SRC_ACCOUNT();
    $group = $unix->APACHE_SRC_GROUP();
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs access: /var/log/apache-zarafa/access.log\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} logs error : /var/log/apache-zarafa/error.log\n";
    }
    @unlink("/var/log/apache-zarafa/access.log");
    @unlink("/var/log/apache-zarafa/error.log");
    @touch("/var/log/apache-zarafa/access.log");
    @touch("/var/log/apache-zarafa/access.log");
    @mkdir("/var/run/apache2", 0755, true);
    @mkdir("/var/run/artica-apache", 0755, true);
    @mkdir('/var/run/zarafa-web', 0755, true);
    @mkdir('/var/log/apache-zarafa', 0755, true);
    @mkdir('/var/lib/zarafa-webaccess/tmp', 0755, true);
    $unix->chown_func($username, $group, "/var/log/apache-zarafa/access.log");
    $unix->chown_func($username, $group, "/var/log/apache-zarafa/error.log");
    $unix->chown_func($username, $group, "/var/run/apache2");
    $unix->chown_func($username, $group, "/var/run/artica-apache");
    $unix->chown_func($username, $group, "/var/run/zarafa-web");
    $unix->chown_func($username, $group, "/var/log/apache-zarafa");
    $unix->chown_func($username, $group, "/var/lib/zarafa-webaccess");
    $unix->chmod_func(0777, "/var/lib/zarafa-webaccess/tmp");
    $unix->chown_func($username, $group, "/usr/share/zarafa-webaccess/plugins/*");
    if ($ZarafaApacheSSL == 1) {
        if (is_file("{$APACHE_MODULES_PATH}/mod_ssl.so")) {
            if (!is_file("/etc/ssl/certs/zarafa/apache.crt.nopass.cert")) {
                shell_exec("/usr/share/artica-postfix/bin/artica-install --zarafa-apache-certificates");
            }
            $f[] = "LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so";
            $f[] = "SSLEngine on";
            $f[] = "SSLCertificateFile /etc/ssl/certs/zarafa/apache.crt.nopass.cert";
            $f[] = "SSLCertificateKeyFile /etc/ssl/certs/zarafa/apache-ca.key.nopass.key";
            if ($LighttpdArticaDisableSSLv2 == 1) {
                $f[] = "SSLProtocol -ALL +SSLv3 +TLSv1";
                $f[] = "SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM";
            }
            $f[] = "SSLRandomSeed connect builtin";
            $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
            $f[] = "SSLRandomSeed connect file:/dev/urandom 256";
            $f[] = "AddType application/x-x509-ca-cert .crt";
            $f[] = "AddType application/x-pkcs7-crl    .crl";
            $f[] = "SSLPassPhraseDialog  builtin";
            $f[] = "SSLSessionCache        shmcb:/var/run/apache2/ssl_scache-zarafa(512000)";
            $f[] = "SSLSessionCacheTimeout  300";
            $f[] = "SSLVerifyClient none";
            $f[] = "ServerSignature Off";
        }
    }
    $SET_MODULES = SET_MODULES();
    $FreeWebPerformances = unserialize(base64_decode($sock->GET_INFO("ZarafaApachePerformances")));
    if (!is_numeric($FreeWebPerformances["Timeout"])) {
        $FreeWebPerformances["Timeout"] = 300;
    }
    if (!is_numeric($FreeWebPerformances["KeepAlive"])) {
        $FreeWebPerformances["KeepAlive"] = 0;
    }
    if (!is_numeric($FreeWebPerformances["MaxKeepAliveRequests"])) {
        $FreeWebPerformances["MaxKeepAliveRequests"] = 100;
    }
    if (!is_numeric($FreeWebPerformances["KeepAliveTimeout"])) {
        $FreeWebPerformances["KeepAliveTimeout"] = 15;
    }
    if (!is_numeric($FreeWebPerformances["MinSpareServers"])) {
        $FreeWebPerformances["MinSpareServers"] = 5;
    }
    if (!is_numeric($FreeWebPerformances["MaxSpareServers"])) {
        $FreeWebPerformances["MaxSpareServers"] = 10;
    }
    if (!is_numeric($FreeWebPerformances["StartServers"])) {
        $FreeWebPerformances["StartServers"] = 5;
    }
    if (!is_numeric($FreeWebPerformances["MaxClients"])) {
        $FreeWebPerformances["MaxClients"] = 50;
    }
    if (!is_numeric($FreeWebPerformances["MaxRequestsPerChild"])) {
        $FreeWebPerformances["MaxRequestsPerChild"] = 10000;
    }
    $f[] = "Timeout              {$FreeWebPerformances["Timeout"]}";
    $f[] = "KeepAlive            {$FreeWebPerformances["KeepAlive"]}";
    $f[] = "KeepAliveTimeout     {$FreeWebPerformances["KeepAliveTimeout"]}";
    $f[] = "StartServers         {$FreeWebPerformances["StartServers"]}";
    $f[] = "MaxClients           {$FreeWebPerformances["MaxClients"]}";
    $f[] = "MinSpareServers      {$FreeWebPerformances["MinSpareServers"]}";
    $f[] = "MaxSpareServers      {$FreeWebPerformances["MaxSpareServers"]}";
    $f[] = "MaxRequestsPerChild  {$FreeWebPerformances["MaxRequestsPerChild"]}";
    $f[] = "MaxKeepAliveRequests {$FreeWebPerformances["MaxKeepAliveRequests"]}";
    $f[] = "ServerLimit\t\t   {$FreeWebPerformances["MaxClients"]}";
    $f[] = "AcceptMutex \t\t  flock";
    $ZarafaApacheWebMailType = $sock->GET_INFO("ZarafaApacheWebMailType");
    //$ZarafaApacheWebMailTypeA["APP_ZARAFA"]="{APP_ZARAFA}";
    //$ZarafaApacheWebMailTypeA["APP_ZARAFA_WEBAPP"]="{APP_ZARAFA_WEBAPP}";
    if ($ZarafaApacheWebMailType == null) {
        $ZarafaApacheWebMailType = "APP_ZARAFA";
    }
    $f[] = $SET_MODULES;
    $f[] = "<IfModule !mpm_netware_module>";
    $f[] = "          <IfModule !mpm_winnt_module>";
    $f[] = "             User {$username}";
    $f[] = "             Group {$group}";
    $f[] = "          </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "ServerAdmin you@example.com";
    $f[] = "ServerName {$ZarafaApacheServerName}";
    if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
        if (!is_dir("/usr/share/zarafa-webapp")) {
            $ZarafaApacheWebMailType = "APP_ZARAFA";
        }
    }
    if ($ZarafaApacheWebMailType == "APP_ZARAFA") {
        $DocumentRoot = "/usr/share/zarafa-webaccess";
    }
    if ($ZarafaApacheWebMailType == "APP_ZARAFA_WEBAPP") {
        $free = new freeweb();
        $free->InstallZarafaConfigWebAPP("/usr/share/zarafa-webapp");
        $DocumentRoot = "/usr/share/zarafa-webapp";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} WebMail \"{$ZarafaApacheWebMailType}\"\n";
    }
    $f[] = "ServerRoot \"{$DocumentRoot}\"";
    $f[] = "Listen {$ZarafaApachePort}";
    $f[] = "User {$username}";
    $f[] = "Group {$group}";
    $f[] = "PidFile /var/run/zarafa-web/httpd.pid";
    $f[] = "DocumentRoot \"{$DocumentRoot}\"";
    $f[] = "<Directory {$DocumentRoot}/>";
    if ($ZarafaWebNTLM == 1) {
        $ldap = new clladp();
        $f[] = "    AuthName \"Zarafa logon..\"";
        $f[] = "    AuthType Basic";
        $f[] = "    AuthLDAPURL ldap://{$ldap->ldap_host}:{$ldap->ldap_port}/dc=organizations,{$ldap->suffix}?uid";
        $f[] = "    AuthLDAPBindDN cn={$ldap->ldap_admin},{$ldap->suffix}";
        $f[] = "    AuthLDAPBindPassword {$ldap->ldap_password}";
        $f[] = "    AuthLDAPGroupAttribute memberUid";
        $f[] = "    AuthBasicProvider ldap";
        $f[] = "    AuthzLDAPAuthoritative off";
        $f[] = "    require valid-user";
    }
    if ($ZarafaApachePHPFPMEnable == 0) {
        $f[] = "    php_value magic_quotes_gpc 0";
        $f[] = "    php_value register_globals 0";
        $f[] = "    php_value magic_quotes_runtime 0";
        $f[] = "    php_value post_max_size 31M";
        $f[] = "    php_value include_path  \".:/usr/share/php:/usr/share/php5:/usr/local/share/php\"";
        $f[] = "    php_value upload_max_filesize 30M";
        $f[] = "    php_value short_open_tag 1";
        $f[] = "    php_flag log_errors on";
        $f[] = "    php_value safe_mode 0";
        $f[] = "    php_flag log_errors on";
        $f[] = "    php_value  error_log  \"/var/log/apache-zarafa/php.log\"";
    }
    $f[] = "    DirectoryIndex index.php";
    $f[] = "    Options -Indexes +FollowSymLinks";
    $f[] = "    AllowOverride Options";
    $f[] = "    Order allow,deny";
    $f[] = "    Allow from all";
    $f[] = "</Directory>";
    if ($ZarafaApachePHPFPMEnable == 1) {
        $php = $unix->LOCATE_PHP5_BIN();
        if (!$unix->is_socket("/var/run/php-fpm-zarafa.sock")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: /var/run/php-fpm-zarafa.sock no such socket\n";
            }
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
            }
            shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
            }
            shell_exec("/etc/init.d/php5-fpm restart");
        }
        $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm-zarafa.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/artica-apache>";
        $f[] = "\t\t<Files php5.fastcgi>";
        $f[] = "\t\tOrder deny,allow";
        $f[] = "\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Configuring...: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    $f[] = "<IfModule dir_module>";
    $f[] = "    DirectoryIndex index.php";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "";
    $f[] = "<FilesMatch \"^\\.ht\">";
    $f[] = "    Order allow,deny";
    $f[] = "    Deny from all";
    $f[] = "    Satisfy All";
    $f[] = "</FilesMatch>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    # To re-enable php in user directories comment the following lines";
    $f[] = "    # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it";
    $f[] = "    # prevents .htaccess files from disabling it.";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "";
    $f[] = "ErrorLog \"/var/log/apache-zarafa/error.log\"";
    $f[] = "LogLevel warn";
    $f[] = "";
    $f[] = "<IfModule log_config_module>";
    $f[] = "    LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %V\\\" combinedv";
    $f[] = "    LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b\" common";
    $f[] = "";
    $f[] = "    <IfModule logio_module>";
    $f[] = "      LogFormat \"%h %l %u %t \\\"%r\\\" %>s %b \\\"%{Referer}i\\\" \\\"%{User-Agent}i\\\" %I %O\" combinedio";
    $f[] = "    </IfModule>";
    $f[] = "";
    $f[] = "    CustomLog \"/var/log/apache-zarafa/access.log\" combinedv";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "<IfModule alias_module>";
    $f[] = "    ScriptAlias /cgi-bin/ \"/usr/local/apache-groupware/data/cgi-bin/\"";
    $f[] = "    Alias /images /usr/share/obm2/resources";
    $f[] = "";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "<IfModule cgid_module>";
    $f[] = "";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "";
    $f[] = "<Directory \"/usr/local/apache-groupware/data/cgi-bin\">";
    $f[] = "    AllowOverride None";
    $f[] = "    Options None";
    $f[] = "    Order allow,deny";
    $f[] = "    Allow from all";
    $f[] = "</Directory>";
    $f[] = "";
    $f[] = "";
    $f[] = "DefaultType text/plain";
    $f[] = "";
    $f[] = "<IfModule mime_module>";
    $f[] = "   ";
    $f[] = "    TypesConfig /etc/mime.types";
    $f[] = "    #AddType application/x-gzip .tgz";
    $f[] = "    AddType application/x-compress .Z";
    $f[] = "    AddType application/x-gzip .gz .tgz";
    $f[] = "    AddType application/x-httpd-php .php .phtml";
    $f[] = "    #AddHandler cgi-script .cgi";
    $f[] = "    #AddHandler type-map var";
    $f[] = "    #AddType text/html .shtml";
    $f[] = "    #AddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    @file_put_contents('/etc/zarafa/httpd.conf', @implode("\n", $f) . "\n");
    if ($GLOBALS["OUTPUT"]) {
        echo "Configuring...: " . date("H:i:s") . " /etc/zarafa/httpd.conf done\n";
    }
}
function extract_tgz($uuid)
{
    $unix = new unix();
    $workingdir = "/usr/share/artica-postfix/ressources/conf/meta/hosts/uploaded/{$uuid}";
    if (is_file("{$workingdir}/status.tgz")) {
        $tar = $unix->find_program("tar");
        shell_exec("{$tar} -xf {$workingdir}/status.tgz -C {$workingdir}/");
        @unlink("{$workingdir}/status.tgz");
    }
    $unix->chown_func($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP(), "{$workingdir}/*");
    if (is_file("{$workingdir}/squid_admin_mysql.db")) {
        $q = new mysql_meta();
        if (!$q->TABLE_EXISTS("squid_admin_mysql")) {
            $q->CheckTables();
        }
        $data = trim(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
        if ($data != null) {
            $q->QUERY_SQL(@file_get_contents("{$workingdir}/squid_admin_mysql.db"));
            if (!$q->ok) {
                meta_admin_mysql(0, "Failed to import {$workingdir}/squid_admin_mysql.db", $q->mysql_error, __FILE__, __LINE__);
            } else {
                @unlink("{$workingdir}/squid_admin_mysql.db");
            }
        } else {
            @unlink("{$workingdir}/squid_admin_mysql.db");
        }
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "{$workingdir}/squid_admin_mysql.db ( no such file )\n";
        }
    }
    if (is_file("{$workingdir}/network_hosts.db")) {
        __network_hosts($uuid, "{$workingdir}/network_hosts.db");
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "{$workingdir}/network_hosts.db ( no such file )\n";
        }
    }
    global_status_ini($uuid);
}
Пример #4
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    $ipaddr = null;
    @mkdir("/var/run/apache2", 0755, true);
    @mkdir("/var/run/sarg-apache", 0755, true);
    @mkdir("/var/log/apache2", 0755, true);
    @mkdir(dirname($GLOBALS["APACHE_PID_PATH"]), 0755, true);
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $SargOutputDir = $sock->GET_INFO("SargOutputDir");
    if ($SargOutputDir == null) {
        $SargOutputDir = "/var/www/html/squid-reports";
    }
    $SargWebPort = intval($sock->GET_INFO("SargWebPort"));
    if ($SargWebPort == 0) {
        $SargWebPort = rand(55600, 59000);
        $sock->SET_INFO("SargWebPort", $SargWebPort);
    }
    if (is_link($SargOutputDir)) {
        $SargOutputDir = @readlink($SargOutputDir);
    }
    @mkdir($SargOutputDir, 0755, true);
    if (!is_file("{$SargOutputDir}/index.html")) {
        $php = $unix->LOCATE_PHP5_BIN();
        shell_exec("{$php} /usr/share/artica-postfix/exec.sarg.php --exec --force >/dev/null 2>&1 &");
    }
    if ($ipaddr == null) {
        $ipaddr = "*";
    }
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $logfile = "/var/log/apache2/apache-sarg-access.log";
    $ErrorLog = "/var/log/apache2/apache-sarg-error.log";
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    @unlink($ErrorLog);
    @unlink($logfile);
    if (!is_file("{$logfile}")) {
        @touch("{$logfile}");
    }
    if (!is_file("{$ErrorLog}")) {
        @touch("{$ErrorLog}");
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $ErrorLog);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $logfile);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/sarg-apache");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/apache2");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, dirname($GLOBALS["APACHE_PID_PATH"]));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
    }
    $f[] = "LockFile /var/run/apache2/sarg-artica-accept.lock";
    $f[] = "PidFile {$GLOBALS["APACHE_PID_PATH"]}";
    $f[] = "AcceptMutex flock";
    $f[] = "DocumentRoot {$SargOutputDir}";
    $f[] = "DirectoryIndex index.html";
    $f[] = "ErrorDocument 400 /index.html";
    $f[] = "ErrorDocument 401 /index.html";
    $f[] = "ErrorDocument 403 /index.html";
    $f[] = "ErrorDocument 404 /index.html";
    $f[] = "ErrorDocument 500 /index.html";
    $f[] = "NameVirtualHost {$ipaddr}:{$SargWebPort}";
    $f[] = "Listen {$ipaddr}:{$SargWebPort}";
    $f[] = "<VirtualHost {$ipaddr}:{$SargWebPort}>";
    $f[] = "\tServerName {$ipaddr}";
    $f[] = "\tDocumentRoot {$SargOutputDir}";
    $f[] = "</VirtualHost>";
    $f[] = "<IfModule mpm_prefork_module>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_worker_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_event_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tDeny from all";
    $f[] = "\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     15";
    $f[] = "StartServers         1";
    $f[] = "MaxClients           50";
    $f[] = "MinSpareServers      2";
    $f[] = "MaxSpareServers      5";
    $f[] = "MaxRequestsPerChild  5000";
    $f[] = "MaxKeepAliveRequests 100";
    $f[] = "ServerName " . $unix->hostname_g();
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    //$f[]="Alias /index.php /usr/share/artica-postfix/hotspot.php";
    //$f[]="Alias /index.html /usr/share/artica-postfix/hotspot.php";
    $f[] = "<Directory \"{$SargOutputDir}\">";
    $f[] = "\tDirectorySlash On";
    $f[] = "\tDirectoryIndex index.html";
    $f[] = "\t\t<Files \"hostpot.php\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\tErrorDocument 400 /index.html";
    $f[] = "\tErrorDocument 401 /index.html";
    $f[] = "\tErrorDocument 403 /index.html";
    $f[] = "\tErrorDocument 404 /index.html";
    $f[] = "\tErrorDocument 500 /index.html";
    $f[] = "\tOptions -Indexes";
    $f[] = "\tAllowOverride All";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tAllow from all";
    $f[] = "</Directory>";
    $f[] = "Loglevel debug";
    $f[] = "ErrorLog {$ErrorLog}";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog {$logfile} common";
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authz_host_module"] = "mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["headers_module"] = "mod_headers.so";
    //$array["ldap_module"]="mod_ldap.so";
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    @file_put_contents($GLOBALS["APACHE_CONFIG_PATH"], @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} {$GLOBALS["APACHE_CONFIG_PATH"]} done\n";
    }
}
Пример #5
0
function LoagRotateApache()
{
    $sock = new sockets();
    $unix = new unix();
    $ApacheLogRotate = $sock->GET_INFO("ApacheLogRotate");
    if (!is_numeric($ApacheLogRotate)) {
        $ApacheLogRotate = 1;
    }
    if ($ApacheLogRotate == 0) {
        return;
    }
    $gzip = $unix->find_program("gzip");
    $ligneC = unserialize(base64_decode($sock->GET_INFO("ApacheLogRotateParams")));
    if (!is_numeric($ligneC["RotateType"])) {
        $ligneC["RotateType"] = 0;
    }
    if (!is_numeric($ligneC["MaxSize"])) {
        $ligneC["MaxSize"] = 100;
    }
    if (!is_numeric($ligneC["RotateCount"])) {
        $ligneC["RotateCount"] = 5;
    }
    $php5 = $unix->LOCATE_PHP5_BIN();
    $q = new mysql();
    $sql = "SELECT servername FROM freeweb";
    $results = $q->QUERY_SQL($sql, 'artica_backup');
    if (mysql_num_rows($results) == 0) {
        return;
    }
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $servername = $ligne["servername"];
        $f = array();
        $f[] = "/var/log/apache2/{$servername}/*.log {";
        $f[] = "\t{$ligneC["RotateFreq"]}";
        $f[] = "\tsu " . $unix->APACHE_SRC_ACCOUNT() . " " . $unix->APACHE_SRC_GROUP();
        $f[] = "\tmissingok";
        if ($ligneC["MaxSize"] > 0) {
            $f[] = "\tsize {$ligneC["MaxSize"]}M";
        }
        if ($ligneC["RotateCount"] > 0) {
            $f[] = "\trotate {$ligneC["RotateCount"]}";
        }
        $f[] = "\tcompress";
        $f[] = "\tsharedscripts";
        $f[] = "\tcreate 640 root";
        $f[] = "\tdateext";
        $f[] = "\tcompressext .gz";
        $f[] = "\tcompresscmd {$gzip}";
        $f[] = "\tcompressoptions -9";
        $f[] = "\textension -TASK-99999";
        $f[] = "\tpostrotate";
        $f[] = "{$php5} /usr/share/artica-postfix/exec.freeweb.php --reload";
        $f[] = "endscript";
        $f[] = "}\n";
        @file_put_contents("/etc/logrotate.d/rotate-{$servername}", @implode("\n", $f));
    }
}
Пример #6
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    if (preg_match("#APACHE_RUN_GROUP#", $APACHE_SRC_GROUP)) {
        $APACHE_SRC_GROUP = "www-data";
    }
    $LogFilePath = "/var/log/artica-wifidog/access.log";
    $directories[] = "/var/run/apache2";
    $directories[] = "/var/run/artica-apache";
    $directories[] = "/var/log/artica-wifidog";
    $directories[] = "/home/artica/hotspot/sessions";
    $directories[] = "/home/artica/hotspot/caches";
    while (list($index, $maindir) = each($directories)) {
        @mkdir($maindir, 0755, true);
        @chown($maindir, $APACHE_SRC_ACCOUNT);
        @chgrp($maindir, $APACHE_SRC_GROUP);
    }
    $ErrorLog = dirname($LogFilePath) . "/error.log";
    if (!is_file($LogFilePath)) {
        @touch($LogFilePath);
    }
    @chown($LogFilePath, $APACHE_SRC_ACCOUNT);
    @chgrp($LogFilePath, $APACHE_SRC_GROUP);
    if (!is_file($ErrorLog)) {
        @touch($ErrorLog);
    }
    @chown($ErrorLog, $APACHE_SRC_ACCOUNT);
    @chgrp($ErrorLog, $APACHE_SRC_GROUP);
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $HotSpotMaxClients = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotMaxClients"));
    $HotSpotStartServers = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotStartServers"));
    $HotSpotForceDDOSDisable = intval(@file_get_contents("/etc/artica-postfix/settings/Daemons/HotSpotForceDDOSDisable"));
    if ($HotSpotMaxClients == 0) {
        $HotSpotMaxClients = 20;
    }
    if ($HotSpotStartServers == 0) {
        $HotSpotStartServers = 5;
    }
    $EnableArticaHotSpot = $sock->GET_INFO("EnableArticaHotSpot");
    $SquidHotSpotPort = $sock->GET_INFO("SquidHotSpotPort");
    $ArticaHotSpotPort = $sock->GET_INFO("ArticaHotSpotPort");
    $ArticaSSLHotSpotPort = $sock->GET_INFO("ArticaSSLHotSpotPort");
    $ArticaSplashHotSpotPort = $sock->GET_INFO("ArticaSplashHotSpotPort");
    $ArticaSplashHotSpotPortSSL = $sock->GET_INFO("ArticaSplashHotSpotPortSSL");
    if (!is_numeric($ArticaHotSpotPort)) {
        $ArticaHotSpotPort = 0;
    }
    if (!is_numeric($ArticaSplashHotSpotPort)) {
        $ArticaSplashHotSpotPort = 16080;
    }
    if (!is_numeric($ArticaSplashHotSpotPortSSL)) {
        $ArticaSplashHotSpotPortSSL = 16443;
    }
    $ArticaHotSpotInterface = $sock->GET_INFO("ArticaHotSpotInterface");
    $HospotHTTPServerName = trim($sock->GET_INFO("HospotHTTPServerName"));
    $HotSpotErrorRedirect = $sock->GET_INFO("HotSpotErrorRedirect");
    if ($HotSpotErrorRedirect == null) {
        $HotSpotErrorRedirect = "http://www.msftncsi.com";
    }
    $Params = unserialize($sock->GET_INFO("HotSpotEvasive"));
    $ApacheEvasiveInstalled = intval($sock->GET_INFO("ApacheEvasiveInstalled"));
    if (!is_numeric($Params["DOSEnable"])) {
        $Params["DOSEnable"] = 1;
    }
    if (!is_numeric($Params["DOSHashTableSize"])) {
        $Params["DOSHashTableSize"] = 1024;
    }
    if (!is_numeric($Params["DOSPageCount"])) {
        $Params["DOSPageCount"] = 3;
    }
    if (!is_numeric($Params["DOSSiteCount"])) {
        $Params["DOSSiteCount"] = 20;
    }
    if (!is_numeric($Params["DOSPageInterval"])) {
        $Params["DOSPageInterval"] = 1;
    }
    if (!is_numeric($Params["DOSSiteInterval"])) {
        $Params["DOSSiteInterval"] = 10;
    }
    if (!is_numeric($Params["DOSBlockingPeriod"])) {
        $Params["DOSBlockingPeriod"] = 5;
    }
    $unix = new unix();
    $NETWORK_ALL_INTERFACES = $unix->NETWORK_ALL_INTERFACES();
    $ipaddr = $NETWORK_ALL_INTERFACES[$ArticaHotSpotInterface]["IPADDR"];
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HotSpot run as {$ArticaHotSpotInterface} ( {$ipaddr} )\n";
    }
    if ($ipaddr == "0.0.0.0") {
        $ipaddr = "*";
    }
    if ($ipaddr == null) {
        $ipaddr = "*";
    }
    $GLOBALS["HOSTPOT_WEB_INTERFACE"] = $ipaddr;
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as....: {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} HTTP Port.: {$ArticaSplashHotSpotPort} SSL Port: {$ArticaSplashHotSpotPortSSL}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM...: {$EnablePHPFPM}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} MaxClients: {$HotSpotMaxClients}\n";
    }
    $f[] = "Group {$APACHE_SRC_GROUP}";
    $f[] = "User {$APACHE_SRC_ACCOUNT}";
    $f[] = "LockFile /var/run/apache2/hotspot-artica-accept.lock";
    $f[] = "PidFile /var/run/artica-apache/hotspot-apache.pid";
    $f[] = "AcceptMutex flock";
    $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
    $f[] = "SSLRandomSeed connect builtin";
    $f[] = "SSLSessionCache        shmcb:/var/run/apache2/ssl_scache-hotspot(512000)";
    $f[] = "SSLSessionCacheTimeout  300";
    $f[] = "SSLSessionCacheTimeout  300";
    $f[] = "DocumentRoot /usr/share/artica-postfix";
    $f[] = "DirectoryIndex hotspot.html";
    $f[] = "ErrorDocument 400 /hotspot.html";
    $f[] = "ErrorDocument 401 /hotspot.html";
    $f[] = "ErrorDocument 403 /hotspot.html";
    $f[] = "ErrorDocument 404 /hotspot.html";
    $f[] = "ErrorDocument 500 /hotspot.html";
    $NameVirtualHost = $ipaddr;
    if ($HospotHTTPServerName != null) {
        $NameVirtualHost = $HospotHTTPServerName;
    }
    $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
    $f[] = "NameVirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
    $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPort}";
    $f[] = "Listen {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}";
    $ddos_config = null;
    if ($HotSpotForceDDOSDisable == 1) {
        $Params["DOSEnable"] = 0;
    }
    if ($Params["DOSEnable"] == 1) {
        //$ddos[]="<IfModule mod_evasive20.c>";
        $ddos[] = "\tDOSHashTableSize {$Params["DOSHashTableSize"]}";
        $ddos[] = "\tDOSPageCount {$Params["DOSPageCount"]}";
        $ddos[] = "\tDOSSiteCount {$Params["DOSSiteCount"]}";
        $ddos[] = "\tDOSPageInterval {$Params["DOSPageInterval"]}";
        $ddos[] = "\tDOSSiteInterval {$Params["DOSSiteInterval"]}";
        $ddos[] = "\tDOSBlockingPeriod {$Params["DOSBlockingPeriod"]}";
        $ddos[] = "\tDOSLogDir  \"/var/log/artica-wifidog\"";
        $ddos[] = "\tDOSSystemCommand \"/bin/echo `date '+%F %T'` HOTSPOT  %s >> /var/log/artica-wifidog/dos_evasive_attacks.log\"";
        $ddos_config = @implode("\n", $ddos);
        //$ddos[]="</IfModule>";
    }
    $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPort}>";
    $f[] = "\tServerName {$NameVirtualHost}";
    $f[] = "\tDocumentRoot /usr/share/artica-postfix";
    $f[] = "{$ddos_config}";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "</VirtualHost>";
    $f[] = "<VirtualHost {$NameVirtualHost}:{$ArticaSplashHotSpotPortSSL}>";
    $f[] = "\tServerName {$NameVirtualHost}";
    $f[] = "\tDocumentRoot /usr/share/artica-postfix";
    $f[] = "\tSSLEngine on";
    $squid = new squidbee();
    $ArticaSplashHotSpotCertificate = $sock->GET_INFO("ArticaSplashHotSpotCertificate");
    $data = $squid->SaveCertificate($ArticaSplashHotSpotCertificate, false, true, false);
    if ($ArticaSplashHotSpotCertificate != null) {
        $apache = new apache_certificate($ArticaSplashHotSpotCertificate);
        $f[] = $apache->build();
    } else {
        if (preg_match("#ssl_certificate\\s+(.+?);\\s+ssl_certificate_key\\s+(.+?);#is", $data, $re)) {
            $cert = $re[1];
            $key = $re[2];
            $f[] = "\tSSLCertificateFile \"{$cert}\"";
            $f[] = "\tSSLCertificateKeyFile \"{$key}\"";
        }
    }
    $f[] = "\tSSLVerifyClient none";
    $f[] = "\tServerSignature Off";
    $f[] = "{$ddos_config}";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "</VirtualHost>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tDeny from all";
    $f[] = "\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     3";
    if ($HotSpotStartServers >= $HotSpotMaxClients) {
        $HotSpotMaxClients = $HotSpotMaxClients + $HotSpotStartServers;
    }
    if ($HotSpotMaxClients > 1024) {
        $HotSpotMaxClients = 1024;
    }
    $ServerLimit = $HotSpotMaxClients + 100;
    if ($ServerLimit > 2000) {
        $ServerLimit = 2000;
    }
    $f[] = "StartServers         {$HotSpotStartServers}";
    $f[] = "MaxClients           {$HotSpotMaxClients}";
    $f[] = "ServerLimit\t\t   {$ServerLimit}";
    $MinSpareServers = $HotSpotStartServers + 5;
    $MaxSpareServers = $MinSpareServers + 1;
    $f[] = "MinSpareServers      {$MinSpareServers}";
    $f[] = "MaxSpareServers      {$MaxSpareServers}";
    $f[] = "MaxRequestsPerChild  800";
    $f[] = "MaxKeepAliveRequests 100";
    $f[] = "ServerName " . $unix->hostname_g();
    $f[] = "<IfModule mod_ssl.c>";
    $f[] = "\tSSLRandomSeed connect builtin";
    $f[] = "\tSSLRandomSeed connect file:/dev/urandom 512";
    $f[] = "\tAddType application/x-x509-ca-cert .crt";
    $f[] = "\tAddType application/x-pkcs7-crl    .crl";
    $f[] = "\tSSLPassPhraseDialog  builtin";
    $f[] = "\tSSLSessionCache        shmcb:/var/run/apache2/ssl_scache-articahtp(512000)";
    $f[] = "\tSSLSessionCacheTimeout  300";
    $f[] = "\tSSLSessionCacheTimeout  300";
    $f[] = "\tSSLMutex  sem";
    $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
    $f[] = "\tSSLProtocol all -SSLv2";
    $f[] = "</IfModule>";
    $f[] = "";
    $f[] = "AddType application/x-httpd-php .php";
    $f[] = "php_value error_log \"/var/log/artica-wifidog/access.log\"";
    $f[] = "php_value session.save_path \"/home/artica/hotspot/sessions\"";
    $f[] = "<IfModule mod_fcgid.c>";
    $f[] = "\tPHP_Fix_Pathinfo_Enable 1";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    $f[] = "Alias /index.php /hotspot.html";
    $f[] = "Alias /index.html /hotspot.html";
    $f[] = "Alias /Microsoft-Server-ActiveSync /hotspot-none.html";
    $f[] = "<Directory \"/usr/share/artica-postfix\">";
    $f[] = "\tDirectorySlash On";
    $f[] = "\tDirectoryIndex hostpot.php";
    $f[] = "\t\t<Files \"hostpot.php\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\t\t<Files \"hostpot.html\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tallow from all";
    $f[] = "\t\t</Files>";
    $f[] = "\t\t<FilesMatch \"!(hostpot)\\.(html|php)\$\">";
    $f[] = "\t\t\tOrder allow,deny";
    $f[] = "\t\t\tdeny from all";
    $f[] = "\t\t</FilesMatch>";
    $f[] = "\tErrorDocument 400 /hotspot.html";
    $f[] = "\tErrorDocument 401 /hotspot.html";
    $f[] = "\tErrorDocument 403 /hotspot.html";
    $f[] = "\tErrorDocument 404 /hotspot.html";
    $f[] = "\tErrorDocument 500 /hotspot.html";
    $f[] = "\tFallbackResource /hotspot.html";
    $f[] = "\tOptions -Indexes";
    $f[] = "\tSSLOptions +StdEnvVars";
    $f[] = "\tAllowOverride All";
    $f[] = "\tOrder allow,deny";
    $f[] = "\tAllow from all";
    $f[] = "</Directory>";
    if ($EnableArticaApachePHPFPM == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
        }
        shell_exec("/etc/init.d/php5-fpm restart");
        $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/artica-apache>";
        $f[] = "\t\t<Files php5.fastcgi>";
        $f[] = "\t\tOrder deny,allow";
        $f[] = "\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    $f[] = "Loglevel debug";
    $f[] = "ErrorLog {$ErrorLog}";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog {$LogFilePath} common";
    if ($EnableArticaApachePHPFPM == 0) {
        $array["php5_module"] = "libphp5.so";
    }
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authz_host_module"] = "mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["ssl_module"] = "mod_ssl.so";
    $array["headers_module"] = "mod_headers.so";
    $array["ldap_module"] = "mod_ldap.so";
    if ($Params["DOSEnable"] == 1) {
        $array["evasive20_module"] = "mod_evasive20.so";
    }
    if ($EnableArticaApachePHPFPM == 1) {
        $array["fastcgi_module"] = "mod_fastcgi.so";
    }
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    build_error_page();
    @file_put_contents("/etc/artica-postfix/hotspot-httpd.conf", @implode("\n", $f) . "\n");
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/hotspot-httpd.conf done\n";
    }
}
Пример #7
0
function apache_firewall()
{
    $q = new mysql();
    $unix = new unix();
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    if ($q->COUNT_ROWS("iptables_webint", "artica_backup") == 0) {
        return null;
    }
    $f[] = "Order Allow,Deny";
    $ipClass = new IP();
    $c = 0;
    $results = $q->QUERY_SQL("SELECT * FROM iptables_webint", "artica_backup");
    while ($ligne = mysql_fetch_assoc($results)) {
        $pattern = $ligne["pattern"];
        if (!$ipClass->isIPAddressOrRange($pattern)) {
            continue;
        }
        $f[] = "\tAllow from {$pattern}";
        $c++;
    }
    if (count($c) > 0) {
        $f[] = "\tAllow from 127.0.0.1";
        return @implode("\n", $f);
    }
}
Пример #8
0
function sessions_clean()
{
    $unix = new unix();
    $sock = new sockets();
    $TimeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $CleanPHPSessionTime = $sock->GET_INFO("CleanPHPSessionTime");
    if (!is_numeric($CleanPHPSessionTime)) {
        $CleanPHPSessionTime = 2880;
    }
    if ($unix->file_time_min($TimeFile) < 60) {
        return;
    }
    @unlink($TimeFile);
    @file_put_contents($TimeFile, time());
    if ($CleanPHPSessionTime > 5) {
        if (is_dir("/var/lib/php5")) {
            foreach (glob("/var/lib/php5/*") as $filename) {
                $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $filename);
                $time = $unix->file_time_min($filename);
                if ($time > 2880) {
                    $unix->_syslog("Clean: Remove PHP Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
                    @unlink($filename);
                }
            }
        }
        if (is_dir("/var/lib/php5-zarafa")) {
            foreach (glob("/var/lib/php5-zarafa/*") as $filename) {
                $time = $unix->file_time_min($filename);
                if ($time > 2880) {
                    $unix->_syslog("Clean: Remove PHP Zarafa Session file " . basename($filename) . " {$time}Mn", basename(__FILE__));
                    @unlink($filename);
                }
            }
        }
    }
    foreach (glob("/usr/share/artica-postfix/ressources/logs/jGrowl/*") as $filename) {
        $time = $unix->file_time_min($filename);
        if ($time > 360) {
            @unlink($filename);
        }
    }
    foreach (glob("/usr/share/artica-postfix/ressources/conf/*") as $filename) {
        $time = $unix->file_time_min($filename);
        if ($time > 360) {
            @unlink($filename);
        }
    }
}
Пример #9
0
function link_csv()
{
    $aclid = $_GET["link-csv"];
    $path = "/var/log/squid/access_acl_{$aclid}.csv";
    $dest = "/usr/share/artica-postfix/ressources/logs/web/access_acl_{$aclid}.csv";
    $unix = new unix();
    $cp = $unix->find_program("cp");
    @unlink($dest);
    $apache = $unix->APACHE_SRC_ACCOUNT();
    $cmd = "{$cp} -f {$path} {$dest}";
    writelogs_framework("{$cmd}", __FUNCTION__, __FILE__, __LINE__);
    shell_exec($cmd);
    @chmod($path, 0777);
    @chown($dest, $apache);
    chgrp($dest, $unix->APACHE_SRC_GROUP());
}
Пример #10
0
function copytocache()
{
    $unix = new unix();
    $path = $_GET["copytocache"];
    if (!is_file($path)) {
        echo "<articadatascgi>No such file</articadatascgi>";
        writelogs("{$path} -> No such file");
        return;
    }
    $basename = basename($path);
    writelogs("COPY {$path} -> /usr/share/artica-postfix/ressources/logs/{$basename}");
    if (is_file("/usr/share/artica-postfix/ressources/logs/{$basename}")) {
        @unlink("/usr/share/artica-postfix/ressources/logs/{$basename}");
    }
    if (!copy($path, "/usr/share/artica-postfix/ressources/logs/{$basename}")) {
        echo "<articadatascgi>Copy failed</articadatascgi>";
        return;
    }
    $APACHE = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_GROUP = $unix->APACHE_SRC_GROUP();
    $unix->chown_func($APACHE, $APACHE_GROUP, "/usr/share/artica-postfix/ressources/logs/{$basename}");
    $unix->chmod_func(0755, "/usr/share/artica-postfix/ressources/logs/{$basename}");
}
Пример #11
0
function install_PIWIK($servername)
{
    $sources = "/usr/share/piwik";
    $unix = new unix();
    $cp = $unix->find_program("cp");
    $freeweb = new freeweb($servername);
    if (!is_dir($sources)) {
        writelogs("[{$servername}] {$sources} no such directory", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    if (!is_dir($freeweb->WORKING_DIRECTORY)) {
        writelogs("[{$servername}] {$freeweb->WORKING_DIRECTORY} no such directory", __FUNCTION__, __FILE__, __LINE__);
        return;
    }
    include_once dirname(__FILE__) . "/ressources/class.piwik.inc";
    $piwik = new piwik();
    if ($piwik->checkWebsite($freeweb->WORKING_DIRECTORY)) {
        return;
    }
    writelogs("[{$servername}] copy sources...", __FUNCTION__, __FILE__, __LINE__);
    shell_exec("{$cp} -rf {$sources}/* {$freeweb->WORKING_DIRECTORY}/");
    @unlink("{$freeweb->WORKING_DIRECTORY}/config/config.ini.php");
    @mkdir('/usr/share/piwik/tmp/assets', 0777, true);
    @mkdir('/usr/share/piwik/tmp/templates_c', 0777, true);
    @mkdir('/usr/share/piwik/tmp/cache', 0777, true);
    @mkdir('/usr/share/piwik/tmp/assets', 0777, true);
    shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp');
    shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/templates_c/');
    shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/cache/');
    shell_exec('/bin/chmod 0777 /usr/share/piwik/tmp/assets/');
    shell_exec('/bin/chmod a+w /usr/share/piwik/config');
    $apacheusername = $unix->APACHE_SRC_ACCOUNT();
    $apachegroup = $unix->APACHE_SRC_GROUP();
    $freeweb->chown($freeweb->WORKING_DIRECTORY);
}
Пример #12
0
function execute_mysql($OnlyID = 0)
{
    $GLOBALS["INDEXED"] = 0;
    $GLOBALS["SKIPPED"] = 0;
    $GLOBALS["DIRS"] = array();
    $unix = new unix();
    $httrack = $unix->find_program("httrack");
    if (!is_file($httrack)) {
        apache_admin_mysql(0, "httrack no such binary", null, __FILE__, __LINE__, "webcopy");
        return;
    }
    $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $pid = $unix->get_pid_from_file($pidfile);
    if ($unix->process_exists($pid, basename(__FILE__))) {
        apache_admin_mysql(1, "Already instance executed", null, __FILE__, __LINE__, "webcopy");
        return;
    }
    $ini = new Bs_IniHandler();
    $sock = new sockets();
    $datas = $sock->GET_INFO("ArticaProxySettings");
    if (trim($datas) != null) {
        $ini->loadString($datas);
        if (!isset($ini->_params["PROXY"]["ArticaProxyServerEnabled"])) {
            $ini->_params["PROXY"]["ArticaProxyServerEnabled"] = "no";
        }
        $ArticaProxyServerEnabled = $ini->_params["PROXY"]["ArticaProxyServerEnabled"];
        $ArticaProxyServerName = $ini->_params["PROXY"]["ArticaProxyServerName"];
        $ArticaProxyServerPort = $ini->_params["PROXY"]["ArticaProxyServerPort"];
        $ArticaProxyServerUsername = trim($ini->_params["PROXY"]["ArticaProxyServerUsername"]);
        $ArticaProxyServerUserPassword = $ini->_params["PROXY"]["ArticaProxyServerUserPassword"];
        if ($ArticaProxyServerEnabled == 1) {
            $ArticaProxyServerEnabled = "yes";
        }
    }
    $PPRoxy = null;
    $userPP = null;
    if ($ArticaProxyServerEnabled == "yes") {
        if ($ArticaProxyServerUsername != null) {
            $userPP = "{$ArticaProxyServerUsername}:{$ArticaProxyServerUserPassword}@";
        }
        $PPRoxy = " --proxy {$userPP}@{$ArticaProxyServerName}:{$ArticaProxyServerPort}";
    } else {
        $squidbin = $unix->LOCATE_SQUID_BIN();
        if (is_file($squidbin)) {
            $SQUIDEnable = $sock->GET_INFO("SQUIDEnable");
            if (!is_numeric($SQUIDEnable)) {
                $SQUIDEnable = 1;
            }
            $SquidMgrListenPort = intval($sock->GET_INFO("SquidMgrListenPort"));
            $PPRoxy = " --proxy 127.0.0.1:{$SquidMgrListenPort}";
        }
    }
    $getmypid = getmypid();
    @file_put_contents($pidfile, $getmypid);
    $php = $unix->LOCATE_PHP5_BIN();
    $APACHE_USERNAME = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $q = new mysql();
    $nice = EXEC_NICE();
    $sql = "SELECT * FROM httrack_sites WHERE enabled=1";
    $results = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        apache_admin_mysql(0, "Fatal: {$q->mysql_error}", null, __FILE__, __LINE__, "webcopy");
        return;
    }
    $t1 = time();
    $count = 0;
    if ($OnlyID > 0) {
        $ligne2 = mysql_fetch_array($q->QUERY_SQL("SELECT sitename FROM httrack_sites WHERE ID={$OnlyID}", "artica_backup"));
        $log_exp = " only for [{$ligne2["sitename"]}] ";
    }
    apache_admin_mysql(2, "Starting executing WebCopy task {$log_exp} pid:{$getmypid}", null, __FILE__, __LINE__, "webcopy");
    $dirsizeG = 0;
    while ($ligne = mysql_fetch_assoc($results)) {
        if ($OnlyID > 0) {
            if ($ligne["ID"] != $OnlyID) {
                continue;
            }
        }
        $t = time();
        $count++;
        $workingdir = $ligne["workingdir"];
        $sitename = $ligne["sitename"];
        $minrate = $ligne["minrate"];
        $maxfilesize = $ligne["maxfilesize"];
        $maxsitesize = $ligne["maxsitesize"];
        $size = $ligne["size"];
        $sizeKB = $size / 1024;
        $sizeMB = round($sizeKB / 1024, 2);
        $maxworkingdir = intval($ligne["maxworkingdir"]);
        if ($maxworkingdir == 0) {
            $maxworkingdir = 20;
        }
        $maxsitesizeMB = $maxsitesize / 1000;
        if ($maxsitesizeMB > $maxworkingdir) {
            $maxsitesize = $maxworkingdir * 1000;
        }
        if ($sizeMB > $maxworkingdir) {
            apache_admin_mysql(1, "Skip downloading content of {$sitename} Directory: {$sizeMB}MB reach limit of {$maxworkingdir}MB", null, __FILE__, __LINE__, "webcopy");
            continue;
        }
        if ($GLOBALS["VERBOSE"]) {
            echo "Dir: Current size:{$sizeMB}\n";
            echo "Dir: Max size:{$maxworkingdir}\n";
        }
        $ResteMB = $maxworkingdir - $sizeMB;
        $ResteKB = $ResteMB * 1000;
        if ($maxsitesize > $ResteKB) {
            $maxsitesize = $ResteKB;
        }
        echo "Dir: Max Downloads:{$maxsitesize} KB\n";
        $maxfilesize = $maxfilesize * 1000;
        $maxsitesize = $maxsitesize * 1000;
        $minrate = $minrate * 1000;
        $update = null;
        $resultsCMD = array();
        echo "Dir: Max Downloads:{$maxsitesize} Bytes\n";
        if (!is_dir($workingdir)) {
            @mkdir($workingdir, 0755, true);
        }
        if (is_file("{$workingdir}/hts-cache")) {
            $update = " --update";
        }
        apache_admin_mysql(2, "Starting downloading content of {$sitename}/{$minrate}/" . FormatBytes($maxsitesize / 1000), null, __FILE__, __LINE__, "webcopy");
        $cmdline = "{$httrack} \"{$sitename}\" --quiet{$update}{$PPRoxy} --max-files={$maxfilesize} --max-size={$maxsitesize} --max-rate={$minrate} -O \"{$workingdir}\" 2>&1";
        if ($GLOBALS["VERBOSE"]) {
            echo "{$cmdline}\n";
        }
        exec($cmdline, $resultsCMD);
        if ($GLOBALS["VERBOSE"]) {
            echo @implode("\n", $resultsCMD);
        }
        $dirsize = $unix->DIRSIZE_BYTES($workingdir);
        $dirsizeG = $dirsizeG + $dirsize;
        $took = $unix->distanceOfTimeInWords($t, time(), true);
        $dirsizeText = round($dirsize / 1024 / 1000, 2);
        if ($GLOBALS["VERBOSE"]) {
            echo "Dir: Current size:{$sizeMB}\n";
            echo "Dir: New size....:{$dirsizeText}MB\n";
        }
        apache_admin_mysql(2, "{$sitename} scrapped took {$took} size={$dirsizeText} MB", @implode("\n", $resultsCMD), __FILE__, __LINE__, "webcopy");
        $q->QUERY_SQL("UPDATE httrack_sites SET size='{$dirsize}' WHERE ID={$ligne["ID"]}", "artica_backup");
    }
    $took = $unix->distanceOfTimeInWords($t1, time(), true);
    @chmod($workingdir, 0755);
    @chmod(dirname($workingdir), 0755);
    $chown = $unix->find_program("chown");
    shell_exec("{$chown} -R {$APACHE_USERNAME}:{$APACHE_SRC_GROUP} {$workingdir}");
    @file_put_contents("/etc/artica-postfix/settings/Daemons/HTTRackSize", $dirsizeG);
    if ($count > 0) {
        apache_admin_mysql(2, "{$count} web sites scrapped took {$took}", null, __FILE__, __LINE__, "webcopy");
    }
    system("{$php} /usr/share/artica-postfix/exec.syslog-engine.php --apache");
}
Пример #13
0
function coova_web()
{
    $ldap = new clladp();
    $sock = new sockets();
    $ChilliConf = unserialize(base64_decode($sock->GET_INFO("ChilliConf")));
    if (!isset($ChilliConf["HS_UAMFREEWEB"])) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: FreeWeb Login page is not set...\n";
        }
    }
    $f[] = "<?";
    $f[] = "\t\$msecret  = '{$ldap->ldap_password}';            //Change this to be the same as your chilli's configuration";
    $f[] = "\t\$username   = \$_POST['username'];";
    $f[] = "\t\$password   = \$_POST['password'];";
    $f[] = "\t\$challenge  = \$_POST['challenge'];";
    $f[] = "\t\$redir\t    = \$_POST['userurl'];";
    $f[] = "\t\$server_ip  = \$_POST['uamip'];";
    $f[] = "\t\$port       = \$_POST['uamport'];";
    $f[] = "";
    $f[] = "    //--Add a remember me cookie---";
    $f[] = "    if( array_key_exists('remember',\$_POST)){";
    $f[] = "        \$Year = (2592000*12) + time();";
    $f[] = "        setcookie(\"hs[username]\",   \$username, \$Year);";
    $f[] = "        setcookie('hs[password]',        \$password, \$Year);";
    $f[] = "    }";
    $f[] = "";
    $f[] = "    //--There is a bug that keeps the logout in a loop if userurl is http%3a%2f%2f1.0.0.0 ---/";
    $f[] = "    //--We need to remove this and replace it with something we want";
    $f[] = "    if (preg_match(\"/1\\.0\\.0\\.0/i\", \$redir)) {";
    $f[] = "";
    $f[] = "        \$default_site = 'google.com';";
    $f[] = "        \$pattern = \"/1\\.0\\.0\\.0/i\";";
    $f[] = "        \$redir = preg_replace(\$pattern, \$default_site, \$redir);";
    $f[] = "    }";
    $f[] = "";
    $f[] = "\t\$enc_pwd    = return_new_pwd(\$password,\$challenge,\$uamsecret);";
    $f[] = "\t//\$dir\t\t= '/json/logon';";
    $f[] = "\t\$dir\t\t= '/logon';";
    $f[] = "    \$target     = \"http://\$server_ip\".':'.\$port.\$dir.\"?username=\$username&password=\$enc_pwd&userurl=\$redir\";";
    $f[] = "   // print(\$target);";
    $f[] = "";
    $f[] = "\theader(\"Location: \$target\");";
    $f[] = "";
    $f[] = "\t//Function to do the encryption thing of the password";
    $f[] = "\tfunction return_new_pwd(\$pwd,\$challenge,\$uamsecret){";
    $f[] = "\t        \$hex_chal   = pack('H32', \$challenge);                  //Hex the challenge";
    $f[] = "\t        \$newchal    = pack('H*', md5(\$hex_chal.\$uamsecret));    //Add it to with \$uamsecret (shared between chilli an this script)";
    $f[] = "\t        \$response   = md5(\"\" . \$pwd . \$newchal);              //md5 the lot";
    $f[] = "\t        \$newpwd     = pack('a32', \$pwd);                //pack again";
    $f[] = "\t        \$password   = implode ('', unpack('H32', (\$newpwd ^ \$newchal))); //unpack again";
    $f[] = "\t        return \$password;";
    $f[] = "    \t}";
    $f[] = "";
    $f[] = "?>";
    $unix = new unix();
    $cp = $unix->find_program("cp");
    @mkdir("/var/www/coova_json", 0755, true);
    if (!is_file("/var/www/coova_json/login.php")) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} Installing Coova JSON...\n";
        shell_exec("{$cp} -rf /var/www/c2/yfi_cake/setup/coova_json/* /var/www/coova_json/");
    }
    @file_put_contents("/var/www/coova_json/login.php", @implode("\n", $f));
    @chmod("var/www/coova_json/login.php", 0755);
    $unix->chown_func($unix->APACHE_SRC_ACCOUNT(), $unix->APACHE_SRC_GROUP(), "/var/www/coova_json/*");
    echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} `coova_json/login.php` done\n";
    $f = explode("\n", @file_get_contents("/var/www/coova_json/js/custom.js"));
    while (list($key, $line) = each($f)) {
        if (preg_match("#\\s+p_url_use:.*?'#", $line)) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
            $f[$key] = "\tp_url_use:  'http://{$ChilliConf["HS_UAMFREEWEB"]}/c2/yfi_cake/third_parties/json_usage_check?key=12345&username='******'s usage";
            continue;
        }
        if (preg_match("#\\s+p_url_uam:.*?'#", $line)) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
            $f[$key] = "\tp_url_uam:  'http://{$ChilliConf["HS_UAMFREEWEB"]}/mobile/uam.php?challenge=',    //This us the web service which will return a uam encrypted hash using the challenge, password and UAM shared secret";
            continue;
        }
        if (preg_match("#\\s+p_url_voucher_name:.*?'#", $line)) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: L.{$key} FreeWeb: {$ChilliConf["HS_UAMFREEWEB"]}\n";
            $f[$key] = "\tp_url_voucher_name: 'http://{$ChilliConf["HS_UAMFREEWEB"]}/c2/yfi_cake/third_parties/json_voucher_name?key=12345&password='******'{$ldap->ldap_password}';";
            continue;
        }
    }
    @file_put_contents("/var/www/coova_json/uam.php", @implode("\n", $f));
    echo "Starting......: " . date("H:i:s") . " [INIT]: Chilli: `/uam.php` done\n";
    DefaultSplash($ChilliConf);
}
Пример #14
0
function build()
{
    $unix = new unix();
    $sock = new sockets();
    $apache = $unix->APACHE_SRC_ACCOUNT();
    $apachegrp = $unix->APACHE_SRC_GROUP();
    $VSFTPDPort = intval($sock->GET_INFO("VSFTPDPort"));
    if ($VSFTPDPort == 0) {
        $VSFTPDPort = 21;
    }
    $VsFTPDPassive = $sock->GET_INFO("VsFTPDPassive");
    $VsFTPDFileOpenMode = $sock->GET_INFO("VsFTPDFileOpenMode");
    $VsFTPDLocalUmask = $sock->GET_INFO("VsFTPDLocalUmask");
    $ProFTPDRootLogin = intval($sock->GET_INFO("ProFTPDRootLogin"));
    if (!is_numeric($VsFTPDPassive)) {
        $VsFTPDPassive = 1;
    }
    if ($VsFTPDFileOpenMode == null) {
        $VsFTPDFileOpenMode = "0666";
    }
    if ($VsFTPDLocalUmask == null) {
        $VsFTPDLocalUmask = "077";
    }
    if ($VsFTPDFileOpenMode == null) {
        $VsFTPDFileOpenMode = "0666";
    }
    $VsFTPDLocalMaxRate = intval($sock->GET_INFO("VsFTPDLocalMaxRate"));
    $f[] = "ServerName\t\t\"FTP server {$unix->hostname_g}()\"";
    $f[] = "ServerType\t\tstandalone";
    $f[] = "DefaultServer\t\ton";
    $f[] = "Port\t\t\t\t{$VSFTPDPort}";
    $f[] = "UseIPv6\t\t\toff";
    $f[] = "Umask\t\t\t\t{$VsFTPDFileOpenMode} {$VsFTPDLocalUmask}";
    $f[] = "PidFile\t\t\t/var/run/proftpd.pid";
    $f[] = "MaxInstances\t\t30";
    $f[] = "User\t\t\t\t{$apache}";
    $f[] = "Group\t\t\t\t{$apachegrp}";
    if ($ProFTPDRootLogin == 1) {
        $f[] = "RootLogin\ton";
    } else {
        $f[] = "RootLogin\toff";
    }
    $f[] = "RequireValidShell\toff";
    $f[] = "DefaultRoot \t\t~";
    $f[] = "AllowOverwrite\ton";
    $f[] = "IdentLookups     \toff";
    $f[] = "UseReverseDNS    \toff";
    $f[] = "LogFormat         default \"%h %l %u %t \\\"%r\\\" %s %b\"";
    $f[] = "LogFormat\t\t\tauth    \"%v [%P] %h %t \\\"%r\\\" %s\"";
    $f[] = "LogFormat\t\t\twrite   \"%h %l %u %t \\\"%r\\\" %s %b\"";
    $f[] = "SystemLog \t\t/var/log/proftpd.log";
    $f[] = "TransferLog \t\t/var/log/xferlog";
    $f[] = "LoadModule \t\tmod_quotatab.c";
    $f[] = "LoadModule \t\tmod_quotatab_sql.c";
    $f[] = "";
    $f[] = "LoadModule \t\tmod_sql.c";
    $f[] = "LoadModule \t\tmod_sql_mysql.c";
    $f[] = "";
    $f[] = "LoadModule \t\tmod_ldap.c";
    $f[] = "";
    $f[] = "AuthOrder\t\t\tAuthOrder mod_sql.c mod_ldap.c";
    $f[] = "";
    if ($VsFTPDPassive == 1) {
        $pasv_min_port = intval($sock->GET_INFO("VsFTPDPassiveMinPort"));
        $pasv_max_port = intval($sock->GET_INFO("VsFTPDPassiveMaxPort"));
        if ($pasv_min_port == 0) {
            $pasv_min_port = 40000;
        }
        if ($pasv_max_port == 0) {
            $pasv_max_port = 40200;
        }
        $f[] = "PassivePorts {$pasv_min_port} {$pasv_max_port}";
        $VsFTPDPassiveAddr = $sock->GET_INFO("VsFTPDPassiveAddr");
        if ($VsFTPDPassiveAddr != null) {
            $f[] = "MasqueradeAddress {$VsFTPDPassiveAddr}";
        }
    }
    if ($VsFTPDLocalMaxRate > 0) {
        if (strpos($VsFTPDLocalMaxRate, ".") == 0) {
            $VsFTPDLocalMaxRate = "{$VsFTPDLocalMaxRate}.0";
        }
        $f[] = "TransferRate RETR {$VsFTPDLocalMaxRate}";
        $f[] = "TransferRate STOR {$VsFTPDLocalMaxRate}";
    }
    $f[] = "";
    $f[] = "# Bar use of SITE CHMOD by default";
    $f[] = "<Limit SITE_CHMOD>";
    $f[] = "  DenyAll";
    $f[] = "</Limit>";
    $f[] = "";
    $f[] = "# A basic anonymous configuration, no upload directories.  If you do not";
    $f[] = "# want anonymous users, simply delete this entire <Anonymous> section.";
    $f[] = "<Anonymous ~ftp>";
    $f[] = "  User\t\t\t\tftp";
    $f[] = "  Group\t\t\t\tftp";
    $f[] = "";
    $f[] = "  # We want clients to be able to login with \"anonymous\" as well as \"ftp\"";
    $f[] = "  UserAlias\t\t\tanonymous ftp";
    $f[] = "";
    $f[] = "  # Limit the maximum number of anonymous logins";
    $f[] = "  MaxClients\t\t\t10";
    $f[] = "";
    $f[] = "  # We want 'welcome.msg' displayed at login, and '.message' displayed";
    $f[] = "  # in each newly chdired directory.";
    $f[] = "  DisplayLogin\t\t\twelcome.msg";
    $f[] = "  DisplayChdir\t\t\t.message";
    $f[] = "";
    $f[] = "  # Limit WRITE everywhere in the anonymous chroot";
    $f[] = "  <Limit WRITE>";
    $f[] = "    DenyAll";
    $f[] = "  </Limit>";
    $f[] = "</Anonymous>";
    $f[] = "";
    $ldap = new clladp();
    $f[] = "<IfModule mod_ldap.c>";
    $f[] = "\tLDAPBindDN\t\tcn={$ldap->ldap_admin},{$ldap->suffix} {$ldap->ldap_password}";
    $f[] = "\tLDAPServer\t\t\"{$ldap->ldap_host}:{$ldap->ldap_port}\"";
    $f[] = "\tLDAPUseTLS\t\toff";
    $f[] = "\tLDAPUsers\t\t{$ldap->suffix} (uid=%u)";
    $f[] = "\tLDAPGroups\t\t{$ldap->suffix}";
    $f[] = "\tLDAPAuthBinds\ton";
    $f[] = "#\tLDAPLog \t\t/var/log/proftpd.ldap.log";
    $f[] = "</IfModule>";
    $f[] = "PersistentPasswd    off";
    $f[] = "AuthPAM             off";
    $q = new mysql();
    if ($q->mysql_server == null) {
        $q->mysql_server = "127.0.0.1";
    }
    if ($q->mysql_server == "localhost") {
        $q->mysql_server = "127.0.0.1";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} MySQL server:{$q->mysql_server}\n";
    }
    $f[] = "<IfModule mod_sql.c>";
    $f[] = "\tSQLAuthTypes Plaintext";
    $f[] = "\tSQLBackend            mysql";
    $f[] = "\tSQLConnectInfo artica_backup@{$q->mysql_server}  {$q->mysql_admin} \"{$q->mysql_password}\"";
    $f[] = "\tSQLUserInfo ftpuser userid passwd uid gid homedir shell";
    //$f[]="\tSQLUserWhereClause \"LoginAllowed = 'true'\"";
    $f[] = "\tSQLGroupInfo ftpgroup groupname gid members";
    $f[] = "\tCreateHome off";
    $f[] = "\tSQLLog PASS updatecount";
    $f[] = "\tSQLNamedQuery updatecount UPDATE \"count=count+1, accessed=now() WHERE userid='%u'\" ftpuser";
    $f[] = "\tSQLLog STOR,RETR modified";
    $f[] = "\tSQLNamedQuery modified UPDATE \"modified=now() WHERE userid='%u'\" ftpuser";
    $f[] = "\tQuotaEngine off";
    $f[] = "\tQuotaDirectoryTally off";
    $f[] = "\tQuotaDisplayUnits Mb";
    $f[] = "\tQuotaShowQuotas on";
    $f[] = "\tSQLMinUserUID 0";
    $f[] = "\tSQLMinUserGID 0";
    $f[] = "\tSQLNamedQuery get-quota-limit SELECT \"name, quota_type, par_session, limit_type, bytes_up_limit, bytes_down_limit, bytes_transfer_limit, files_up_limit, files_down_limit, files_transfer_limit FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'\"";
    $f[] = "\tSQLNamedQuery get-quota-tally SELECT \"name, quota_type, bytes_up_total, bytes_down_total, bytes_transfer_total, files_up_total, files_down_total, files_transfer_total FROM ftpquotatotal WHERE name = '%{0}' AND quota_type = '%{1}'\"";
    $f[] = "\tSQLNamedQuery update-quota-tally UPDATE \"bytes_up_total = bytes_up_total + %{0}, bytes_down_total = bytes_down_total + %{1}, bytes_transfer_total = bytes_transfer_total + %{2}, files_up_total = files_up_total + %{3}, files_down_total = files_down_total + %{4}, files_transfer_total = files_transfer_total + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'\" ftpquotatotal";
    $f[] = "\tSQLNamedQuery insert-quota-tally INSERT \"%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}\" ftpquotatotal";
    $f[] = "\tQuotaLimitTable sql:/get-quota-limit";
    $f[] = "\tQuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally";
    $f[] = "#\tSQLLogFile /var/log/proftpd.mysql.log";
    $f[] = "</IfModule>";
    $f[] = "";
    @mkdir("/etc/proftpd", 0755, true);
    @unlink("/etc/proftpd/proftpd.conf");
    @file_put_contents("/etc/proftpd/proftpd.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Stopping......: " . date("H:i:s") . " [INIT]: {$GLOBALS["TITLENAME"]} /etc/proftpd/proftpd.conf done\n";
    }
}
Пример #15
0
function apache_config()
{
    $sock = new sockets();
    $unix = new unix();
    $EnablePHPFPM = 0;
    @mkdir("/var/run/apache2", 0755, true);
    @mkdir("/var/run/artica-apache", 0755, true);
    @mkdir("/var/log/lighttpd", 0755, true);
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $APACHE_MODULES_PATH = $unix->APACHE_MODULES_PATH();
    $pydio_installed = false;
    if (is_file(" /etc/php5/cli/conf.d/ming.ini")) {
        @unlink(" /etc/php5/cli/conf.d/ming.ini");
    }
    @unlink("/var/log/lighttpd/apache-error.log");
    @touch("/var/log/lighttpd/apache-error.log");
    @chmod("/var/log/lighttpd/apache-error.log", 0755);
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/log/lighttpd/*");
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/usr/share/artica-postfix/ressources/logs/*");
    if (is_dir("/usr/share/artica-postfix/pydio")) {
        $pydio_installed = true;
    }
    $ArticaHttpsPort = 9000;
    $NoLDAPInLighttpdd = 0;
    $ArticaHttpUseSSL = 1;
    $ArticaHttpsPort = $sock->GET_INFO("ArticaHttpsPort");
    $ArticaHttpUseSSL = $sock->GET_INFO("ArticaHttpUseSSL");
    if (!is_numeric($ArticaHttpUseSSL)) {
        $ArticaHttpUseSSL = 1;
    }
    if (!is_numeric($ArticaHttpsPort)) {
        $ArticaHttpsPort = "9000";
    }
    $LighttpdArticaListenIP = $sock->GET_INFO("LighttpdArticaListenIP");
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    $php = $unix->LOCATE_PHP5_BIN();
    $EnableArticaApachePHPFPM = $sock->GET_INFO("EnableArticaApachePHPFPM");
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_file($phpfpm)) {
        $EnableArticaApachePHPFPM = 0;
    }
    $EnablePHPFPM = intval($sock->GET_INFO("EnablePHPFPM"));
    if (!is_numeric($EnablePHPFPM)) {
        $EnablePHPFPM = 0;
    }
    if ($EnablePHPFPM == 0) {
        $EnableArticaApachePHPFPM = 0;
    }
    $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/var/run/artica-apache");
    $apache_LOCATE_MIME_TYPES = $unix->apache_LOCATE_MIME_TYPES();
    if ($EnableArticaApachePHPFPM == 1) {
        if (!is_file("{$APACHE_MODULES_PATH}/mod_fastcgi.so")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} mod_fastcgi.so is required to use PHP5-FPM\n";
            }
            $EnableArticaApachePHPFPM = 0;
        }
    }
    if ($APACHE_SRC_ACCOUNT == null) {
        $APACHE_SRC_ACCOUNT = "www-data";
        $APACHE_SRC_GROUP = "www-data";
        $unix->CreateUnixUser($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "Apache username");
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Run as {$APACHE_SRC_ACCOUNT}:{$APACHE_SRC_GROUP}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM: {$EnablePHPFPM}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP-FPM Enabled: {$EnableArticaApachePHPFPM}\n";
    }
    $f[] = "LockFile /var/run/apache2/artica-accept.lock";
    $f[] = "PidFile /var/run/artica-apache/apache.pid";
    $f[] = "DocumentRoot /usr/share/artica-postfix";
    $open_basedir[] = "/usr/share/artica-postfix";
    $open_basedir[] = "/etc/artica-postfix";
    $open_basedir[] = "/etc/artica-postfix/settings";
    $open_basedir[] = "/var/log";
    $open_basedir[] = "/var/run/mysqld";
    $open_basedir[] = "/usr/share/php";
    $open_basedir[] = "/usr/share/php5";
    $open_basedir[] = "/var/lib/php5";
    $open_basedir[] = "/var/lighttpd/upload";
    $open_basedir[] = "/usr/share/artica-postfix/ressources";
    $open_basedir[] = "/usr/share/artica-postfix/framework";
    $open_basedir[] = "/etc/ssl/certs/mysql-client-download";
    $open_basedir[] = "/var/run";
    $open_basedir[] = "/bin";
    $open_basedir[] = "/tmp";
    $open_basedir[] = "/usr/sbin";
    $open_basedir[] = "/home";
    //$f[]="php_value open_basedir \"".@implode(":", $open_basedir)."\"";
    //$f[]="php_value output_buffering Off";
    //$f[]="php_flag magic_quotes_gpc Off";
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen Port: {$ArticaHttpsPort}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Listen IP: {$LighttpdArticaListenIP}\n";
    }
    if ($LighttpdArticaListenIP != null) {
        $unix = new unix();
        $IPS = $unix->NETWORK_ALL_INTERFACES(true);
        if (!isset($IPS[$LighttpdArticaListenIP])) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} ERROR! Listen IP: {$LighttpdArticaListenIP} -> FALSE !!\n";
            }
            $LighttpdArticaListenIP = null;
        }
    }
    if ($LighttpdArticaListenIP == null) {
        $LighttpdArticaListenIP = "*";
    }
    if ($LighttpdArticaListenIP != null) {
        $ArticaHttpsPort = "{$LighttpdArticaListenIP}:{$ArticaHttpsPort}";
    }
    $f[] = "Listen {$ArticaHttpsPort}";
    $MaxClients = 20;
    $f[] = "<IfModule mpm_prefork_module>";
    $f[] = "\tStartServers 1";
    $f[] = "\tMinSpareServers 2";
    $f[] = "\tMaxSpareServers 3";
    $f[] = "\tMaxClients {$MaxClients}";
    $f[] = "\tServerLimit {$MaxClients}";
    $f[] = "\tMaxRequestsPerChild 100";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_worker_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mpm_event_module>";
    $f[] = "\tMinSpareThreads      25";
    $f[] = "\tMaxSpareThreads      75 ";
    $f[] = "\tThreadLimit          64";
    $f[] = "\tThreadsPerChild      25";
    $f[] = "</IfModule>";
    $f[] = "AccessFileName .htaccess";
    $f[] = "<Files ~ \"^\\.ht\">";
    //$f[]="\tOrder allow,deny";
    //$f[]="\tDeny from all";
    //$f[]="\tSatisfy all";
    $f[] = "</Files>";
    $f[] = "DefaultType text/plain";
    $f[] = "HostnameLookups Off";
    $f[] = "User\t\t\t\t   {$APACHE_SRC_ACCOUNT}";
    $f[] = "Group\t\t\t\t   {$APACHE_SRC_GROUP}";
    $f[] = "Timeout              300";
    $f[] = "KeepAlive            Off";
    $f[] = "KeepAliveTimeout     15";
    $f[] = "StartServers         1";
    $f[] = "MaxClients           {$MaxClients}";
    $f[] = "MinSpareServers      2";
    $f[] = "MaxSpareServers      3";
    $f[] = "MaxRequestsPerChild  100";
    $f[] = "MaxKeepAliveRequests 100";
    $ServerName = $unix->hostname_g();
    if ($ServerName == null) {
        $ServerName = "localhost.localdomain";
    }
    $f[] = "ServerName {$ServerName}";
    if ($ArticaHttpUseSSL == 1) {
        $mknod = $unix->find_program("mknod");
        shell_exec("{$mknod} /dev/random c 1 9 >/dev/null 2>&1");
        $f[] = "<IfModule mod_ssl.c>";
        $f[] = "\tListen {$ArticaHttpsPort}";
        $f[] = "\tSSLRandomSeed connect builtin";
        $f[] = "\tSSLRandomSeed connect file:/dev/urandom 256";
        $f[] = "\tAddType application/x-x509-ca-cert .crt";
        $f[] = "\tAddType application/x-pkcs7-crl    .crl";
        $f[] = "\tSSLPassPhraseDialog  builtin";
        $f[] = "\tSSLSessionCache        shmcb:/var/run/apache2/ssl_scache-artica(512000)";
        $f[] = "\tSSLSessionCacheTimeout  300";
        $f[] = "\tSSLSessionCacheTimeout  300";
        $f[] = "\tSSLCipherSuite HIGH:MEDIUM:!ADH";
        $f[] = "\tSSLProtocol all -SSLv2";
        $f[] = "</IfModule>";
        $f[] = "";
        $f[] = "<IfModule mod_gnutls.c>";
        $f[] = "\tListen {$ArticaHttpsPort}";
        $f[] = "</IfModule>";
    }
    if (!is_file("/etc/ssl/certs/apache/server.crt")) {
        shell_exec("/usr/share/artica-postfix/bin/artica-install --apache-ssl-cert");
    }
    if ($ArticaHttpUseSSL == 1) {
        $f[] = "SSLEngine on";
        $f[] = "AcceptMutex flock";
        $f[] = "SSLCertificateFile \"/etc/ssl/certs/apache/server.crt\"";
        $f[] = "SSLCertificateKeyFile \"/etc/ssl/certs/apache/server.key\"";
        $f[] = "SSLVerifyClient none";
        $f[] = "ServerSignature Off";
        $f[] = "SSLRandomSeed startup file:/dev/urandom  256";
        $f[] = "SSLRandomSeed connect builtin";
    }
    $f[] = "AddType application/x-httpd-php .php";
    if ($EnableArticaApachePHPFPM == 0) {
        $f[] = "php_value error_log \"/var/log/php.log\"";
    }
    @chown("/var/log/php.log", $APACHE_SRC_ACCOUNT);
    $f[] = "<IfModule mod_fcgid.c>";
    $f[] = "\tPHP_Fix_Pathinfo_Enable 1";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_php5.c>";
    $f[] = "    <FilesMatch \"\\.ph(p3?|tml)\$\">";
    $f[] = "\tSetHandler application/x-httpd-php";
    $f[] = "    </FilesMatch>";
    $f[] = "    <FilesMatch \"\\.phps\$\">";
    $f[] = "\tSetHandler application/x-httpd-php-source";
    $f[] = "    </FilesMatch>";
    $f[] = "    <IfModule mod_userdir.c>";
    $f[] = "        <Directory /home/*/public_html>";
    $f[] = "            php_admin_value engine Off";
    $f[] = "        </Directory>";
    $f[] = "    </IfModule>";
    $f[] = "</IfModule>";
    $f[] = "<IfModule mod_mime.c>";
    $f[] = "\tTypesConfig /etc/mime.types";
    $f[] = "\tAddType application/x-compress .Z";
    $f[] = "\tAddType application/x-gzip .gz .tgz";
    $f[] = "\tAddType application/x-bzip2 .bz2";
    $f[] = "\tAddType application/x-httpd-php .php .phtml";
    $f[] = "\tAddType application/x-httpd-php-source .phps";
    $f[] = "\tAddType application/octet-stream .acl";
    $f[] = "\tAddLanguage ca .ca";
    $f[] = "\tAddLanguage cs .cz .cs";
    $f[] = "\tAddLanguage da .dk";
    $f[] = "\tAddLanguage de .de";
    $f[] = "\tAddLanguage el .el";
    $f[] = "\tAddLanguage en .en";
    $f[] = "\tAddLanguage eo .eo";
    $f[] = "\tRemoveType  es";
    $f[] = "\tAddLanguage es .es";
    $f[] = "\tAddLanguage et .et";
    $f[] = "\tAddLanguage fr .fr";
    $f[] = "\tAddLanguage he .he";
    $f[] = "\tAddLanguage hr .hr";
    $f[] = "\tAddLanguage it .it";
    $f[] = "\tAddLanguage ja .ja";
    $f[] = "\tAddLanguage ko .ko";
    $f[] = "\tAddLanguage ltz .ltz";
    $f[] = "\tAddLanguage nl .nl";
    $f[] = "\tAddLanguage nn .nn";
    $f[] = "\tAddLanguage no .no";
    $f[] = "\tAddLanguage pl .po";
    $f[] = "\tAddLanguage pt .pt";
    $f[] = "\tAddLanguage pt-BR .pt-br";
    $f[] = "\tAddLanguage ru .ru";
    $f[] = "\tAddLanguage sv .sv";
    $f[] = "\tRemoveType  tr";
    $f[] = "\tAddLanguage tr .tr";
    $f[] = "\tAddLanguage zh-CN .zh-cn";
    $f[] = "\tAddLanguage zh-TW .zh-tw";
    $f[] = "\tAddCharset us-ascii    .ascii .us-ascii";
    $f[] = "\tAddCharset ISO-8859-1  .iso8859-1  .latin1";
    $f[] = "\tAddCharset ISO-8859-2  .iso8859-2  .latin2 .cen";
    $f[] = "\tAddCharset ISO-8859-3  .iso8859-3  .latin3";
    $f[] = "\tAddCharset ISO-8859-4  .iso8859-4  .latin4";
    $f[] = "\tAddCharset ISO-8859-5  .iso8859-5  .cyr .iso-ru";
    $f[] = "\tAddCharset ISO-8859-6  .iso8859-6  .arb .arabic";
    $f[] = "\tAddCharset ISO-8859-7  .iso8859-7  .grk .greek";
    $f[] = "\tAddCharset ISO-8859-8  .iso8859-8  .heb .hebrew";
    $f[] = "\tAddCharset ISO-8859-9  .iso8859-9  .latin5 .trk";
    $f[] = "\tAddCharset ISO-8859-10  .iso8859-10  .latin6";
    $f[] = "\tAddCharset ISO-8859-13  .iso8859-13";
    $f[] = "\tAddCharset ISO-8859-14  .iso8859-14  .latin8";
    $f[] = "\tAddCharset ISO-8859-15  .iso8859-15  .latin9";
    $f[] = "\tAddCharset ISO-8859-16  .iso8859-16  .latin10";
    $f[] = "\tAddCharset ISO-2022-JP .iso2022-jp .jis";
    $f[] = "\tAddCharset ISO-2022-KR .iso2022-kr .kis";
    $f[] = "\tAddCharset ISO-2022-CN .iso2022-cn .cis";
    $f[] = "\tAddCharset Big5        .Big5       .big5 .b5";
    $f[] = "\tAddCharset cn-Big5     .cn-big5";
    $f[] = "\t# For russian, more than one charset is used (depends on client, mostly):";
    $f[] = "\tAddCharset WINDOWS-1251 .cp-1251   .win-1251";
    $f[] = "\tAddCharset CP866       .cp866";
    $f[] = "\tAddCharset KOI8      .koi8";
    $f[] = "\tAddCharset KOI8-E      .koi8-e";
    $f[] = "\tAddCharset KOI8-r      .koi8-r .koi8-ru";
    $f[] = "\tAddCharset KOI8-U      .koi8-u";
    $f[] = "\tAddCharset KOI8-ru     .koi8-uk .ua";
    $f[] = "\tAddCharset ISO-10646-UCS-2 .ucs2";
    $f[] = "\tAddCharset ISO-10646-UCS-4 .ucs4";
    $f[] = "\tAddCharset UTF-7       .utf7";
    $f[] = "\tAddCharset UTF-8       .utf8";
    $f[] = "\tAddCharset UTF-16      .utf16";
    $f[] = "\tAddCharset UTF-16BE    .utf16be";
    $f[] = "\tAddCharset UTF-16LE    .utf16le";
    $f[] = "\tAddCharset UTF-32      .utf32";
    $f[] = "\tAddCharset UTF-32BE    .utf32be";
    $f[] = "\tAddCharset UTF-32LE    .utf32le";
    $f[] = "\tAddCharset euc-cn      .euc-cn";
    $f[] = "\tAddCharset euc-gb      .euc-gb";
    $f[] = "\tAddCharset euc-jp      .euc-jp";
    $f[] = "\tAddCharset euc-kr      .euc-kr";
    $f[] = "\tAddCharset EUC-TW      .euc-tw";
    $f[] = "\tAddCharset gb2312      .gb2312 .gb";
    $f[] = "\tAddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2";
    $f[] = "\tAddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4";
    $f[] = "\tAddCharset shift_jis   .shift_jis .sjis";
    $f[] = "\tAddType text/html .shtml";
    $f[] = "\tAddOutputFilter INCLUDES .shtml";
    $f[] = "</IfModule>";
    $f[] = apache_nagios_config();
    $f[] = apache_phpldapadmin();
    $squid = $unix->LOCATE_SQUID_BIN();
    if (is_file($squid)) {
        $f[] = "Alias /proxy /usr/share/artica-postfix/squid.access.log.php";
        $f[] = "Alias /parent /usr/share/artica-postfix/squid.access.log.php";
        $f[] = "Alias /webfilter /usr/share/artica-postfix/squid.access.webfilter.log.php";
        $f[] = "Alias /meta-updates /home/artica-meta";
        $f[] = "Alias /categories /usr/share/artica-postfix/public.categories.personnal.php";
    }
    $f[] = "<Directory \"/home/artica-meta\">";
    $f[] = "\tOptions Indexes FollowSymLinks";
    $f[] = "</Directory>";
    $f[] = "<Directory \"/usr/share/artica-postfix\">";
    $f[] = "\tDirectoryIndex logon.php";
    $f[] = "\tSSLOptions +StdEnvVars";
    $f[] = "\tOptions Indexes FollowSymLinks";
    $f[] = "\tAllowOverride None";
    //$f[]="\tOrder allow,deny";
    //$f[]="\tAllow from all";
    $f[] = "</Directory>";
    if (is_file($unix->LOCATE_SQUID_BIN())) {
        $ArticaProxyStatisticsBackupFolder = $sock->GET_INFO("ArticaProxyStatisticsBackupFolder");
        if ($ArticaProxyStatisticsBackupFolder == null) {
            $ArticaProxyStatisticsBackupFolder = "/home/artica/squid/backup-statistics";
        }
        $ArticaProxyStatisticsOpenWeb = intval($sock->GET_INFO("ArticaProxyStatisticsOpenWeb"));
        if ($ArticaProxyStatisticsOpenWeb == 1) {
            $f[] = "Alias /backup-stats  \"{$ArticaProxyStatisticsBackupFolder}\"";
            $f[] = "<Directory \"{$ArticaProxyStatisticsBackupFolder}\">";
            $f[] = "\tSSLOptions +StdEnvVars";
            $f[] = "\tOptions Indexes FollowSymLinks";
            $f[] = "\tAllowOverride All";
            //$f[]="\tOrder allow,deny";
            //$f[]="\tAllow from all";
            $f[] = "</Directory>";
        }
    }
    if ($pydio_installed) {
        $directories[] = "/home/pydio/plugins/auth.serial";
        $directories[] = "/home/pydio/plugins/conf.serial";
        $directories[] = "/home/pydio/plugins";
        $directories[] = "/home/pydio/cache";
        $directories[] = "/home/pydio/files";
        $directories[] = "/home/pydio/logs";
        $directories[] = "/home/pydio/personal";
        $directories[] = "/home/pydio/public";
        $directories[] = "/home/pydio/tmp";
        while (list($index, $dir) = each($directories)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} permissions on {$dir}\n";
            }
            @mkdir($dir, 0755, true);
            $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, $dir);
        }
        $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/cache");
        $unix->chown_func($APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP, "/home/pydio/plugins");
        $f[] = "Alias /explorer  \"/usr/share/artica-postfix/pyio\"";
        $f[] = "<Directory \"/usr/share/artica-postfix/pyio\">";
        $f[] = "\tDirectoryIndex index.php";
        $f[] = "\tSSLOptions +StdEnvVars";
        $f[] = "\tOptions Indexes FollowSymLinks";
        $f[] = "\tAllowOverride All";
        //$f[]="\tOrder allow,deny";
        //$f[]="\tAllow from all";
        $f[] = "</Directory>";
    }
    if ($EnableArticaApachePHPFPM == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Activate PHP5-FPM\n";
        }
        shell_exec("{$php} /usr/share/artica-postfix/exec.initslapd.php --phppfm");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Restarting PHP5-FPM\n";
        }
        shell_exec("/etc/init.d/php5-fpm restart");
        $f[] = "\tAlias /php5.fastcgi /var/run/artica-apache/php5.fastcgi";
        $f[] = "\tAddHandler php-script .php";
        $f[] = "\tFastCGIExternalServer /var/run/artica-apache/php5.fastcgi -socket /var/run/php-fpm.sock -idle-timeout 610";
        $f[] = "\tAction php-script /php5.fastcgi virtual";
        $f[] = "\t<Directory /var/run/artica-apache>";
        $f[] = "\t\t<Files php5.fastcgi>";
        //$f[]="\t\tOrder deny,allow";
        //$f[]="\t\tAllow from all";
        $f[] = "\t\t</Files>";
        $f[] = "\t</Directory>";
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} PHP5-FPM is disabled\n";
        }
    }
    $f[] = "Loglevel info";
    $f[] = "ErrorLog /var/log/lighttpd/apache-error.log";
    $f[] = "LogFormat \"%h %l %u %t \\\"%r\\\" %<s %b\" common";
    $f[] = "CustomLog /var/log/lighttpd/apache-access.log common";
    if ($EnableArticaApachePHPFPM == 0) {
        $array["php5_module"] = "libphp5.so";
    }
    $array["actions_module"] = "mod_actions.so";
    $array["expires_module"] = "mod_expires.so";
    $array["rewrite_module"] = "mod_rewrite.so";
    $array["dir_module"] = "mod_dir.so";
    $array["mime_module"] = "mod_mime.so";
    $array["alias_module"] = "mod_alias.so";
    $array["auth_basic_module"] = "mod_auth_basic.so";
    $array["authn_file_module"] = "mod_authn_file.so";
    //$array["authz_host_module"]="mod_authz_host.so";
    $array["autoindex_module"] = "mod_autoindex.so";
    $array["negotiation_module"] = "mod_negotiation.so";
    $array["ssl_module"] = "mod_ssl.so";
    $array["headers_module"] = "mod_headers.so";
    $array["ldap_module"] = "mod_ldap.so";
    if ($EnableArticaApachePHPFPM == 1) {
        $array["fastcgi_module"] = "mod_fastcgi.so";
    }
    if (is_dir("/etc/apache2")) {
        if (!is_file("/etc/apache2/mime.types")) {
            if ($apache_LOCATE_MIME_TYPES != "/etc/apache2/mime.types") {
                @copy($apache_LOCATE_MIME_TYPES, "/etc/apache2/mime.types");
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Mime types path.......: {$apache_LOCATE_MIME_TYPES}\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} Modules path..........: {$APACHE_MODULES_PATH}\n";
    }
    while (list($module, $lib) = each($array)) {
        if (is_file("{$APACHE_MODULES_PATH}/{$lib}")) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} include module \"{$module}\"\n";
            }
            $f[] = "LoadModule {$module} {$APACHE_MODULES_PATH}/{$lib}";
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} skip module \"{$module}\"\n";
            }
        }
    }
    $f[] = apache_phpmyadmin();
    @file_put_contents("/etc/artica-postfix/httpd.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: {$GLOBALS["SERVICE_NAME"]} /etc/artica-postfix/httpd.conf done\n";
    }
}
Пример #16
0
function chown_medir()
{
    $dir = base64_decode($_GET["chown-medir"]);
    $unix = new unix();
    $APACHE = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_GROUP = $unix->APACHE_SRC_GROUP();
    @mkdir("/etc/artica-postfix/settings/Daemons", 0755, true);
    @mkdir("/usr/share/artica-postfix/ressources/logs", 0755, true);
    $f[] = "/etc/artica-postfix/settings/Daemons";
    $f[] = "/usr/share/artica-postfix/ressources/logs";
    if ($dir != null) {
        $f[] = $dir;
    }
    while (list($key, $directory) = each($f)) {
        writelogs_framework("Permissions on `{$directory}` for {$APACHE}:{$APACHE_GROUP}", __FUNCTION__, __FILE__, __LINE__);
        @mkdir($directory, 0755, true);
        $unix->chown_func($APACHE, null, $directory);
        $unix->chown_func($APACHE, null, "{$directory}/*");
        $unix->chmod_func(0755, "{$directory}");
        $unix->chmod_func(0755, "{$directory}/*");
    }
    if ($dir == null) {
        return;
    }
    @chown($dir, $APACHE);
    @chgrp($dir, $APACHE_GROUP);
}
Пример #17
0
function sessions_clean()
{
    $unix = new unix();
    $sock = new sockets();
    $TimeFile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".time";
    if ($unix->file_time_min($TimeFile) < 60) {
        return;
    }
    @unlink($TimeFile);
    @file_put_contents($TimeFile, time());
    $APACHE_SRC_ACCOUNT = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $CleanPHPSessionTime = $sock->GET_INFO("CleanPHPSessionTime");
    if (!is_numeric($CleanPHPSessionTime)) {
        $CleanPHPSessionTime = 1440;
    }
    sessions_clean_parse("/var/lib/php5", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
    sessions_clean_parse("/var/lib/php5-zarafa", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
    sessions_clean_parse("/home/squid/error_page_sessions", $CleanPHPSessionTime, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
    sessions_clean_parse("/usr/share/artica-postfix/ressources/logs/jGrowl", 360, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
    sessions_clean_parse("/usr/share/artica-postfix/ressources/conf", 360, $APACHE_SRC_ACCOUNT, $APACHE_SRC_GROUP);
    sessions_clean_parse("/home/squid/error_page_cache", 60);
}
Пример #18
0
function build($OnlySingle = false)
{
    if (isset($GLOBALS[__FILE__ . __FUNCTION__])) {
        return;
    }
    $GLOBALS[__FILE__ . __FUNCTION__] = true;
    $unix = new unix();
    $php5 = $unix->LOCATE_PHP5_BIN();
    shell_exec("/etc/init.d/mysql start");
    build_progress("{building_main_settings}", 10);
    if ($unix->SQUID_GET_LISTEN_PORT() == 80) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 80, ports conflicts, change it\n";
        }
        shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
        }
        shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
        }
    }
    if ($unix->SQUID_GET_LISTEN_SSL_PORT() == 443) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Squid listen 443, ports conflicts, change it\n";
        }
        shell_exec("{$php5} /usr/share/artica-postfix/exec.squid.php --build --force");
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Restarting Squid-cache..\n";
        }
        shell_exec("/etc/init.d/squid restart --script=" . basename(__FILE__));
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: done...\n";
        }
    }
    $reconfigured = false;
    if ($unix->APACHE_GET_LISTEN_PORT() == 80) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 80, ports conflicts, change it\n";
        }
        shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
        shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --stop --force");
        shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --start --force");
        $reconfigured = true;
    }
    if (!$reconfigured) {
        if ($unix->APACHE_GET_LISTEN_PORT() == 443) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: Apache listen 443, ports conflicts, change it\n";
            }
            shell_exec("{$php5} /usr/share/artica-postfix/exec.freeweb.php --build --force");
        }
    }
    $APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_SRC_GROUP = $unix->APACHE_SRC_GROUP();
    $NginxProxyStorePath = "/home/nginx";
    @mkdir("/etc/nginx/sites-enabled", 0755, true);
    @mkdir("/etc/nginx/local-sites", 0755, true);
    @mkdir("/etc/nginx/local-sslsites", 0755, true);
    @mkdir($NginxProxyStorePath, 0755, true);
    @mkdir($NginxProxyStorePath . "/tmp", 0755, true);
    @mkdir($NginxProxyStorePath . "/disk", 0755, true);
    @mkdir("/var/lib/nginx/fastcgi", 0755, true);
    @mkdir("/home/nginx/tmp", 0755, true);
    $Tempdir = $unix->TEMP_DIR() . "/nginx";
    @mkdir($Tempdir, 0755, true);
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath);
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/etc/nginx/sites-enabled");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/tmp");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $NginxProxyStorePath . "/disk");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, "/var/lib/nginx/fastcgi");
    $unix->chown_func($APACHE_USER, $APACHE_SRC_GROUP, $Tempdir);
    nginx_ulimit();
    $workers = $unix->CPU_NUMBER();
    build_progress("Building configuration", 15);
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$APACHE_USER}:{$APACHE_SRC_GROUP}..\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Running {$workers} worker(s)..\n";
    }
    if (is_file("/etc/nginx/sites-enabled/default")) {
        @unlink("/etc/nginx/sites-enabled/default");
    }
    if (is_link("/etc/nginx/sites-enabled/default")) {
        @unlink("/etc/nginx/sites-enabled/default");
    }
    if (is_link("/etc/nginx/conf.d/example_ssl.conf")) {
        @unlink("/etc/nginx/conf.d/example_ssl.conf");
    }
    $limit = 4096 * $workers;
    if ($limit > 65535) {
        $limit = 65535;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Running limit of {$limit} open files\n";
    }
    $L = explode("\n", @file_get_contents("/etc/security/limits.conf"));
    $FOUNDL = false;
    $T = array();
    while (list($index, $line) = each($L)) {
        $line = trim($line);
        if (trim($line) == null) {
            continue;
        }
        if (substr($line, 0, 1) == "#") {
            continue;
        }
        if (preg_match("#^{$APACHE_USER}#", $line)) {
            continue;
        }
        $T[] = $line;
    }
    if (!$FOUNDL) {
        $T[] = "{$APACHE_USER}       soft    nofile   {$limit}";
        $T[] = "{$APACHE_USER}       hard    nofile   {$limit}";
    }
    @file_put_contents("/etc/security/limits.conf", @implode("\n", $T) . "\n");
    $L = array();
    $T = array();
    $MEMORY = $unix->MEM_TOTAL_INSTALLEE();
    $server_names_hash_bucket_size = 128;
    $worker_connections = 8192;
    if ($MEMORY < 624288) {
        $server_names_hash_bucket_size = 64;
        $worker_connections = 1024;
        $workers = 4;
    }
    $mail_protocols = mail_protocols();
    //
    $f[] = "# Builded on " . date("Y-m-d H:i:s");
    $f[] = "user   {$APACHE_USER};";
    $f[] = "worker_processes  {$workers};";
    $nginx_version = nginx_version();
    preg_match("#^([0-9])+\\.([0-9]+)\\.#", $nginx_version, $re);
    $re[1] = intval($re[1]);
    $re[2] = intval($re[2]);
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Major {$re[1]} Minor:{$re[2]}\n";
    }
    $syslog = false;
    $f[] = "worker_rlimit_nofile 16384;";
    $f[] = "timer_resolution 1ms;";
    $f[] = "";
    if ($re[1] > 0) {
        if ($re[2] > 6) {
            $f[] = "error_log syslog:server=127.0.0.1,facility=daemon info;";
            $syslog = true;
        }
    }
    $syslog = false;
    if (!$syslog) {
        $f[] = "error_log  /var/log/nginx/error.log warn;";
    }
    $f[] = "pid        /var/run/nginx.pid;";
    $f[] = "";
    $f[] = "";
    $f[] = "events {";
    $f[] = "    worker_connections  {$worker_connections};";
    $f[] = "    multi_accept  on;";
    $f[] = "    use epoll;";
    $f[] = "\t  accept_mutex_delay 1ms;";
    $f[] = "}";
    $upstream = new nginx_upstream();
    $upstreams_servers = $upstream->build();
    $f[] = "";
    $f[] = "";
    $f[] = "http {";
    $f[] = "\tinclude /etc/nginx/mime.types;";
    $f[] = "\tlog_format  awc_log";
    $f[] = "\t\t'[\$server_name] \$remote_addr - \$remote_user [\$time_local] \$request '";
    $f[] = "\t\t'\"\$status\" \$body_bytes_sent \"\$http_referer\" '";
    $f[] = "\t\t'\"\$http_user_agent\" \"\$http_x_forwarded_for\" [\$upstream_cache_status]';";
    $f[] = "";
    $f[] = "\tlimit_conn_zone \$binary_remote_addr zone=LimitCnx:10m;";
    $q = new mysql_squid_builder();
    $results = $q->QUERY_SQL("SELECT LimitReqs,servername FROM reverse_www WHERE LimitReqs > 0");
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $servername = $ligne["servername"];
        $ZoneName = str_replace(".", "", $servername);
        $ZoneName = str_replace("-", "", $servername);
        $ZoneName = str_replace("_", "", $servername);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, limit {$servername}/{$servername} {$ligne["LimitReqs"]}r/s\n";
        }
        $f[] = "\tlimit_req_zone  \$binary_remote_addr  zone={$ZoneName}:10m   rate={$ligne["LimitReqs"]}r/s;";
    }
    $nginxClass = new nginx();
    if ($nginxClass->IsSubstitutions()) {
        //$f[]="\tsubs_filter_types text/html text/css text/xml;";
    }
    @mkdir($Tempdir, 0775, true);
    @mkdir("/home/nginx/tmp", 0755, true);
    $f[] = "\tlimit_conn_log_level info;";
    $f[] = "\tclient_body_temp_path {$Tempdir} 1 2;";
    $f[] = "\tclient_header_timeout 5s;";
    $f[] = "\tclient_body_timeout 5s;";
    $f[] = "\tsend_timeout 10m;";
    $f[] = "\tconnection_pool_size 128k;";
    $f[] = "\tclient_header_buffer_size 16k;";
    $f[] = "\tlarge_client_header_buffers 1024 128k;";
    $f[] = "\trequest_pool_size 128k;";
    $f[] = "\tkeepalive_requests 1000;";
    $f[] = "\tkeepalive_timeout 10;";
    $f[] = "\tclient_max_body_size 10g;";
    $f[] = "\tclient_body_buffer_size 1m;";
    $f[] = "\tclient_body_in_single_buffer on;";
    $f[] = "\topen_file_cache max=10000 inactive=300s;";
    $f[] = "\treset_timedout_connection on;";
    $f[] = "\ttypes_hash_max_size 8192;";
    $f[] = "\tserver_names_hash_bucket_size 128;";
    $f[] = "\tserver_names_hash_max_size 512;";
    $f[] = "\tvariables_hash_max_size 512;";
    $f[] = "\tvariables_hash_bucket_size 128;";
    $f[] = "\tfastcgi_buffers 8 16k;";
    $f[] = "\tfastcgi_buffer_size 32k;";
    $f[] = "\tfastcgi_connect_timeout 300;";
    $f[] = "\tfastcgi_send_timeout 300;";
    $f[] = "\tfastcgi_read_timeout 300;";
    $f[] = "map \$scheme \$server_https {";
    $f[] = "default off;";
    $f[] = "https on;";
    $f[] = "}\t";
    $f[] = "\tgzip on;";
    $f[] = "\tgzip_disable msie6;";
    $f[] = "\tgzip_static on;";
    $f[] = "\tgzip_min_length 1100;";
    $f[] = "\tgzip_buffers 16 8k;";
    $f[] = "\tgzip_comp_level 9;";
    $f[] = "\tgzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;";
    $f[] = "\tgzip_vary on;";
    $f[] = "\tgzip_proxied any;";
    $f[] = "\toutput_buffers 1000 128k;";
    $f[] = "\tpostpone_output 1460;";
    $f[] = "\tsendfile on;";
    $f[] = "\tsendfile_max_chunk 256k;";
    $f[] = "\ttcp_nopush on;";
    $f[] = "\ttcp_nodelay on;";
    $f[] = "\tserver_tokens off;";
    $dns = new resolv_conf();
    $sock = new sockets();
    if ($sock->dnsmasq_enabled()) {
        $resolver[] = "127.0.0.1";
    }
    if ($dns->MainArray["DNS1"] != null) {
        $resolver[] = $dns->MainArray["DNS1"];
    }
    if ($dns->MainArray["DNS2"] != null) {
        $resolver[] = $dns->MainArray["DNS2"];
    }
    if ($dns->MainArray["DNS3"] != null) {
        $resolver[] = $dns->MainArray["DNS3"];
    }
    $f[] = "\tresolver " . @implode(" ", $resolver) . ";";
    $f[] = "\tignore_invalid_headers on;";
    $f[] = "\tindex index.html;";
    $f[] = "\tadd_header X-CDN \"Served by myself\";";
    $q = new mysql_squid_builder();
    $sql = "SELECT * FROM nginx_caches  ORDER BY directory";
    $results = $q->QUERY_SQL($sql);
    while ($ligne = mysql_fetch_array($results, MYSQL_ASSOC)) {
        $directory = $ligne["directory"];
        @mkdir($directory, 0755, true);
        $unix->chown_func("www-data", "www-data", $directory);
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, cache `{$directory}`\n";
        }
        $f[] = "\tproxy_cache_path {$directory} levels={$ligne["levels"]} keys_zone={$ligne["keys_zone"]}:{$ligne["keys_zone_size"]}m max_size={$ligne["max_size"]}G  inactive={$ligne["inactive"]} loader_files={$ligne["loader_files"]} loader_sleep={$ligne["loader_sleep"]} loader_threshold={$ligne["loader_threshold"]};";
    }
    $f[] = "\tproxy_temp_path {$NginxProxyStorePath}/tmp/ 1 2;";
    $f[] = "\tproxy_cache_valid 404 10m;";
    $f[] = "\tproxy_cache_valid 400 501 502 503 504 1m;";
    $f[] = "\tproxy_cache_valid any 4320m;";
    $f[] = "\tproxy_cache_use_stale updating invalid_header error timeout http_404 http_500 http_502 http_503 http_504;";
    $f[] = "\tproxy_next_upstream error timeout invalid_header http_404 http_500 http_502 http_503 http_504;";
    $f[] = "\tproxy_redirect off;";
    $f[] = "\tproxy_set_header Host \$http_host;";
    $f[] = "\tproxy_set_header Server Apache;";
    $f[] = "\tproxy_set_header Connection Close;";
    $f[] = "\tproxy_pass_header Set-Cookie;";
    $f[] = "\tproxy_pass_header User-Agent;";
    $f[] = "\tproxy_set_header X-Accel-Buffering on;";
    $f[] = "\tproxy_hide_header X-CDN;";
    $f[] = "\tproxy_hide_header X-Server;";
    $f[] = "\tproxy_intercept_errors off;";
    $f[] = "\tproxy_ignore_client_abort on;";
    $f[] = "\tproxy_connect_timeout 60s;";
    $f[] = "\tproxy_send_timeout 60s;";
    $f[] = "\tproxy_read_timeout 150s;";
    $f[] = "\tproxy_buffer_size 64k;";
    $f[] = "\tproxy_buffers 16384 128k;";
    $f[] = "\tproxy_busy_buffers_size 256k;";
    $f[] = "\tproxy_temp_file_write_size 128k;";
    $f[] = "\tproxy_headers_hash_bucket_size 128;";
    $f[] = "\tproxy_cache_min_uses 0;";
    $f[] = "";
    $f[] = "{$upstreams_servers}";
    $f[] = "\tinclude /etc/nginx/sites-enabled/*.conf;";
    $f[] = "\tinclude /etc/nginx/local-sites/*.conf;";
    $f[] = "\tinclude /etc/nginx/conf.d/*.conf;";
    $f[] = "\t}";
    $f[] = $mail_protocols;
    $f[] = "";
    @copy("/etc/nginx/nginx.conf", "/etc/nginx/nginx.bak");
    @file_put_contents("/etc/nginx/nginx.conf", @implode("\n", $f));
    if (!$OnlySingle) {
        if ($GLOBALS["VERBOSE"]) {
            echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
        }
        build_progress("Building default configuration", 10);
        build_default(true);
        build_localhosts();
        if ($GLOBALS["VERBOSE"]) {
            echo __FUNCTION__ . "." . __LINE__ . ": OK...\n";
        }
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, Only single defined\n";
        }
    }
    if ($GLOBALS["RECONFIGURE"]) {
        $pid = PID_NUM();
        if (is_numeric($pid)) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: Nginx, reload pid {$pid}\n";
            }
            $kill = $unix->find_program("kill");
            unix_system_HUP($pid);
        } else {
            start(true);
        }
    }
    build_progress("Building configuration done", 10);
}
Пример #19
0
function buildConfig($aspid = false)
{
    $unix = new unix();
    if ($aspid) {
        $pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
        $pid = $unix->get_pid_from_file($pidfile);
        if ($unix->process_exists($pid, basename(__FILE__))) {
            $time = $unix->PROCCESS_TIME_MIN($pid);
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Already Artica task running PID {$pid} since {$time}mn\n";
            }
            return;
        }
        @file_put_contents($pidfile, getmypid());
    }
    $sock = new sockets();
    $phpfpm = $unix->APACHE_LOCATE_PHP_FPM();
    if (!is_file($phpfpm)) {
        return;
    }
    $APACHE_USER = $unix->APACHE_SRC_ACCOUNT();
    $APACHE_GROUP = $unix->APACHE_SRC_GROUP();
    $VERSION = GetVersion();
    $AsRoot = false;
    $tr = explode(".", $VERSION);
    $MAJOR = $tr[0];
    $MINOR = $tr[1];
    $REV = $tr[2];
    $process_priority = false;
    $syslog_facility = true;
    $process_max = true;
    if ($MAJOR > 4) {
        if ($MINOR > 2) {
            if ($REV > 20) {
                $process_priority = true;
            }
        }
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Parse Parameters\n";
    }
    $ParseParams = ParseParams();
    $AsRoot = true;
    if (isset($ParseParams["allow-to-run-as-root"])) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Allow run as root TRUE\n";
        }
        $AsRoot = true;
    } else {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Allow run as root is disabled\n";
        }
    }
    $PHPFPMNoSyslog = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoSyslog"));
    $PHPFPMNoProcessMax = trim(@file_get_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoProcessMax"));
    if (!is_numeric($PHPFPMNoSyslog)) {
        $PHPFPMNoSyslog = 0;
    }
    if (!is_numeric($PHPFPMNoProcessMax)) {
        $PHPFPMNoProcessMax = 0;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: PHPFPMNoSyslog:{$PHPFPMNoSyslog}\n";
    }
    if ($PHPFPMNoSyslog == 1) {
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Disabling process.priority token\n";
        }
        $syslog_facility = false;
    }
    if ($PHPFPMNoProcessMax == 1) {
        $process_max = false;
    }
    $ProcessNice = $unix->GET_PERFS('ProcessNice');
    if (!is_numeric($ProcessNice)) {
        $ProcessNice = 19;
    }
    if ($ProcessNice > 19) {
        $ProcessNice = 19;
    }
    if ($ProcessNice < 1) {
        $ProcessNice = 19;
    }
    $EnableArticaApachePHPFPM = intval($sock->GET_INFO("EnableArticaApachePHPFPM"));
    $EnablePHPFPMFreeWeb = intval($sock->GET_INFO("EnablePHPFPMFreeWeb"));
    $EnablePHPFPMFrameWork = $sock->GET_INFO("EnablePHPFPMFrameWork");
    $EnableFreeWeb = $sock->GET_INFO("EnableFreeWeb");
    if (!is_numeric($EnablePHPFPMFrameWork)) {
        $EnablePHPFPMFrameWork = 0;
    }
    if (!is_numeric($EnableArticaApachePHPFPM)) {
        $EnableArticaApachePHPFPM = 0;
    }
    if (!is_numeric($EnablePHPFPMFreeWeb)) {
        $EnablePHPFPMFreeWeb = 0;
    }
    if (!is_numeric($EnableFreeWeb)) {
        $EnableFreeWeb = 0;
    }
    if ($EnableFreeWeb == 0) {
        $EnablePHPFPMFreeWeb = 0;
    }
    if (is_file("/etc/artica-postfix/WORDPRESS_APPLIANCE")) {
        $EnablePHPFPMFreeWeb = 1;
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: will run as {$APACHE_USER}:{$APACHE_GROUP}\n";
    }
    $f[] = ";Writing by Artica," . date("Y-m-d H:i:s") . " file will be erased, change the " . __FILE__ . " code instead...";
    @unlink("/etc/php5/fpm/pool.d/www.conf");
    @unlink("/etc/php5/fpm/pool.d/apache2.conf");
    @unlink("/etc/php5/fpm/pool.d/zarafa.conf");
    @unlink("/etc/php5/fpm/pool.d/framework.conf");
    @unlink("/etc/php5/fpm/pool.d/nginx-authenticator.conf");
    if ($EnableArticaApachePHPFPM == 1) {
        $f[] = "[www]";
        $f[] = "user = {$APACHE_USER}";
        $f[] = "group = {$APACHE_GROUP}";
        $f[] = "listen = /var/run/php-fpm.sock";
        $f[] = "listen.mode = 0777";
        $f[] = ";listen.allowed_clients = 127.0.0.1";
        if ($process_priority) {
            $f[] = "process.priority = {$ProcessNice}";
        }
        $f[] = "pm = dynamic";
        //$f[]="log_level = debug";
        $f[] = "pm.max_children = 20";
        $f[] = "pm.start_servers = 2";
        $f[] = "pm.min_spare_servers = 1";
        $f[] = "pm.max_spare_servers = 5";
        $f[] = ";pm.process_idle_timeout = 10s;";
        $f[] = "pm.max_requests = 80";
        $f[] = "pm.status_path = /fpm.status.php";
        $f[] = "ping.path = /fpm.ping";
        $f[] = ";ping.response = pong";
        $f[] = "chdir = /";
        $f[] = "";
        @mkdir("/etc/php5/fpm/pool.d", 0755, true);
        @file_put_contents("/etc/php5/fpm/pool.d/www.conf", @implode("\n", $f));
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/www.conf done\n";
        }
    }
    $f = array();
    if ($EnablePHPFPMFreeWeb == 1) {
        $f[] = "[apache2]";
        $f[] = "user = {$APACHE_USER}";
        $f[] = "group = {$APACHE_GROUP}";
        $f[] = "listen = /var/run/php-fpm-apache2.sock";
        $f[] = "listen.mode = 0777";
        $f[] = ";listen.allowed_clients = 127.0.0.1";
        if ($process_priority) {
            $f[] = "process.priority = {$ProcessNice}";
        }
        $f[] = "pm = dynamic";
        $f[] = "pm.max_children = 50";
        $f[] = "pm.start_servers = 2";
        $f[] = "pm.min_spare_servers = 1";
        $f[] = "pm.max_spare_servers = 5";
        $f[] = ";pm.process_idle_timeout = 10s;";
        $f[] = "pm.max_requests = 60";
        $f[] = "pm.status_path = /fpm.status.php";
        $f[] = "request_terminate_timeout = 605";
        $f[] = "ping.path = /php-fpm-ping";
        $f[] = ";ping.response = pong";
        $f[] = "chdir = /";
        $f[] = "";
        @file_put_contents("/etc/php5/fpm/pool.d/apache2.conf", @implode("\n", $f));
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/apache2.conf done\n";
        }
    }
    $zarafabin = $unix->find_program("zarafa-server");
    if (is_file($zarafabin)) {
        $FreeWebPerformances = unserialize(base64_decode($sock->GET_INFO("ZarafaApachePerformances")));
        if (!is_numeric($FreeWebPerformances["post_max_size"])) {
            $FreeWebPerformances["post_max_size"] = 50;
        }
        if (!is_numeric($FreeWebPerformances["upload_max_filesize"])) {
            $FreeWebPerformances["upload_max_filesize"] = 50;
        }
        if (!is_numeric($FreeWebPerformances["PhpStartServers"])) {
            $FreeWebPerformances["PhpStartServers"] = 20;
        }
        if (!is_numeric($FreeWebPerformances["PhpMinSpareServers"])) {
            $FreeWebPerformances["PhpMinSpareServers"] = 5;
        }
        if (!is_numeric($FreeWebPerformances["PhpMaxSpareServers"])) {
            $FreeWebPerformances["PhpMaxSpareServers"] = 25;
        }
        if (!is_numeric($FreeWebPerformances["PhpMaxClients"])) {
            $FreeWebPerformances["PhpMaxClients"] = 128;
        }
        $f = array();
        $f[] = "[zarafa]";
        $f[] = "user = {$APACHE_USER}";
        $f[] = "group = {$APACHE_GROUP}";
        $f[] = "listen = /var/run/php-fpm-zarafa.sock";
        $f[] = "listen.mode = 0777";
        $f[] = ";listen.allowed_clients = 127.0.0.1";
        if ($process_priority) {
            $f[] = "process.priority = {$ProcessNice}";
        }
        $f[] = "pm = dynamic";
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa max_children.....: {$FreeWebPerformances["PhpMaxClients"]}\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa start_servers....: {$FreeWebPerformances["PhpStartServers"]}\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa min_spare_servers: {$FreeWebPerformances["PhpMinSpareServers"]}\n";
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa max_spare_servers: {$FreeWebPerformances["PhpMaxSpareServers"]}\n";
        }
        @mkdir("/var/lib/php5-zarafa", 0755, true);
        $unix->chown_func($APACHE_USER, $APACHE_GROUP, "/var/lib/php5-zarafa");
        $f[] = "pm.max_children = {$FreeWebPerformances["PhpMaxClients"]}";
        $f[] = "pm.start_servers = {$FreeWebPerformances["PhpStartServers"]}";
        $f[] = "pm.min_spare_servers = {$FreeWebPerformances["PhpMinSpareServers"]}";
        $f[] = "pm.max_spare_servers = {$FreeWebPerformances["PhpMaxSpareServers"]}";
        $f[] = ";pm.process_idle_timeout = 10s;";
        $f[] = "pm.max_requests = 60";
        $f[] = "pm.status_path = /fpm.status.php";
        $f[] = "request_terminate_timeout = 605";
        $f[] = "ping.path = /php-fpm-ping";
        $f[] = ";ping.response = pong";
        $f[] = "chdir = /";
        $f[] = "php_value[include_path]=\".:/usr/share/php:/usr/share/php5:/usr/local/share/php:/usr/share/php5/PEAR:/usr/share/pear:/tmp\"";
        $f[] = "php_value[magic_quotes_gpc] = 0";
        $f[] = "php_value[short_open_tag] = 0";
        $f[] = "php_value[magic_quotes_runtime] = 0";
        $f[] = "php_value[safe_mode] = 0";
        $f[] = "php_value[register_globals] = 0";
        $f[] = "php_value[max_input_time] = 300";
        $f[] = "php_value[register_globals] = 0";
        $f[] = "php_value[post_max_size] = {$FreeWebPerformances["post_max_size"]}M";
        $f[] = "php_value[upload_max_filesize] = {$FreeWebPerformances["upload_max_filesize"]}M";
        $f[] = "php_value[session.save_path] = /var/lib/php5-zarafa";
        $f[] = "";
        @file_put_contents("/etc/php5/fpm/pool.d/zarafa.conf", @implode("\n", $f));
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Zarafa /etc/php5/fpm/pool.d/zarafa.conf done\n";
        }
    }
    $f = array();
    if ($EnablePHPFPMFrameWork == 1) {
        if ($AsRoot) {
            $f[] = "[framework]";
            $f[] = "user = root";
            $f[] = "group = root";
            $f[] = "listen = /var/run/php-fpm-framework.sock";
            $f[] = "listen.mode = 0777";
            $f[] = ";listen.allowed_clients = 127.0.0.1";
            if ($process_priority) {
                $f[] = "process.priority = {$ProcessNice}";
            }
            $f[] = "pm = dynamic";
            $f[] = "pm.max_children = 50";
            $f[] = "pm.start_servers = 2";
            $f[] = "pm.min_spare_servers = 1";
            $f[] = "pm.max_spare_servers = 5";
            $f[] = ";pm.process_idle_timeout = 10s;";
            $f[] = "pm.max_requests = 60";
            $f[] = "pm.status_path = /fpm.status.php";
            $f[] = "request_terminate_timeout = 605";
            $f[] = "ping.path = /php-fpm-ping";
            $f[] = ";ping.response = pong";
            $f[] = "chdir = /";
            $f[] = "";
            @file_put_contents("/etc/php5/fpm/pool.d/framework.conf", @implode("\n", $f));
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/pool.d/framework.conf done\n";
            }
        } else {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: As root is FALSE for framework..\n";
            }
        }
    }
    $f = array();
    $f[] = ";Writing by Artica," . date("Y-m-d H:i:s") . " file will be erased, change the " . __FILE__ . " code instead...";
    $f[] = "[global]";
    $f[] = "pid = /var/run/php5-fpm.pid";
    $f[] = "error_log = /var/log/php.log";
    if ($syslog_facility) {
        $f[] = "syslog.facility = daemon";
    }
    if ($syslog_facility) {
        $f[] = "syslog.ident = php-fpm";
    }
    $f[] = "log_level = ERROR";
    $f[] = ";emergency_restart_threshold = 0";
    $f[] = ";emergency_restart_interval = 0";
    $f[] = ";process_control_timeout = 0";
    if ($process_max) {
        $f[] = "process.max = 128";
    }
    if ($process_priority) {
        $f[] = "process.priority = {$ProcessNice}";
    }
    $f[] = "daemonize = yes";
    $f[] = ";rlimit_files = 1024";
    $f[] = ";rlimit_core = 0";
    $f[] = "include=/etc/php5/fpm/pool.d/*.conf\n";
    @file_put_contents("/etc/php5/fpm/php-fpm.conf", @implode("\n", $f));
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: /etc/php5/fpm/php-fpm.conf done\n";
    }
    if ($GLOBALS["OUTPUT"]) {
        echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: Check settings\n";
    }
    $sock = new sockets();
    exec("{$phpfpm} -t -y /etc/php5/fpm/php-fpm.conf 2>&1", $results);
    while (list($index, $line) = each($results)) {
        if (trim($line) == null) {
            continue;
        }
        if (strpos($line, "unknown entry 'syslog.facility'") > 0) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: syslog not supported..\n";
            }
            @file_put_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoSyslog", 1);
            buildConfig();
            return;
        }
        if (strpos($line, "unknown entry 'process.max'") > 0) {
            if ($GLOBALS["OUTPUT"]) {
                echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: process.max not supported..\n";
            }
            @file_put_contents("/etc/artica-postfix/settings/Daemons/PHPFPMNoProcessMax", 1);
            buildConfig();
            return;
        }
        if ($GLOBALS["OUTPUT"]) {
            echo "Starting......: " . date("H:i:s") . " [INIT]: PHP-FPM: {$line}\n";
        }
    }
}