public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if (!@is_dir("{$install_dir}")) {
$command = "mkdir {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Create a ISPConfig user and group
$command = 'groupadd ispconfig';
if (!is_group('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$command = "useradd -g ispconfig -d {$install_dir} ispconfig";
if (!is_user('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* copy the ISPConfig interface part
$command = "cp -rf ../interface {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* copy the ISPConfig server part
$command = "cp -rf ../server {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make a backup of the security settings
if (is_file('/usr/local/ispconfig/security/security_settings.ini')) {
copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~');
}
//* copy the ISPConfig security part
$command = 'cp -rf ../security ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Apply changed security_settings.ini values to new security_settings.ini file
if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
if (is_array($security_settings_new) && is_array($security_settings_old)) {
foreach ($security_settings_new as $section => $sval) {
if (is_array($sval)) {
foreach ($sval as $key => $val) {
if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
}
}
}
}
file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new));
}
}
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /var/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
if (is_file($install_dir . '/interface/lib/' . $configfile)) {
copy("{$install_dir}/interface/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf("{$install_dir}/interface/lib/{$configfile}", $content);
//* Create the config file for ISPConfig server
$configfile = 'config.inc.php';
if (is_file($install_dir . '/server/lib/' . $configfile)) {
copy("{$install_dir}/server/lib/{$configfile}", "{$install_dir}/interface/lib/{$configfile}~");
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', "tpl/{$configfile}.master");
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf("{$install_dir}/server/lib/{$configfile}", $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir . '/server/lib/remote_action.inc.php', $content);
}
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir . '/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/mods-available/' . $file;
$module_name = substr($file, 0, -8);
$tmp = new $module_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file);
}
if (strpos($file, '_core_module') !== false) {
if (!@is_link($install_dir . '/server/mods-core/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir . '/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') {
continue;
}
if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') {
continue;
}
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/plugins-available/' . $file;
$plugin_name = substr($file, 0, -8);
$tmp = new $plugin_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file);
}
if (strpos($file, '_core_plugin') !== false) {
if (!@is_link($install_dir . '/server/plugins-core/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
// Update the server config
$mail_server_enabled = $conf['services']['mail'] ? 1 : 0;
$web_server_enabled = $conf['services']['web'] ? 1 : 0;
$dns_server_enabled = $conf['services']['dns'] ? 1 : 0;
$file_server_enabled = $conf['services']['file'] ? 1 : 0;
$db_server_enabled = $conf['services']['db'] ? 1 : 0;
$vserver_server_enabled = $conf['services']['vserver'] ? 1 : 0;
$sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}' WHERE server_id = " . intval($conf['server_id']);
if ($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
// chown install dir to root and chmod 755
$command = 'chown root:root ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chmod 755 ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Chmod the files and directories in the install dir
$command = 'chmod -R 750 ' . $install_dir . '/*';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the interface files to the ispconfig user and group
$command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the server files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/server';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security directory and security_settings.ini to root:ispconfig
$command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make the global language file directory group writable
exec("chmod -R 770 {$install_dir}/interface/lib/lang");
//* Make the temp directory for language file exports writable
exec("chmod -R 770 {$install_dir}/interface/web/temp");
//* Make all interface language file directories group writable
$handle = @opendir($install_dir . '/interface/web');
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..') {
if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) {
$handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang');
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770);
while ($lang_file = @readdir($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770);
}
}
}
}
}
//* Make the APS directories group writable
exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages");
exec("chmod -R 770 {$install_dir}/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir . '/server/lib/config.inc.php', 0600);
chown($install_dir . '/server/lib/config.inc.php', 'root');
chgrp($install_dir . '/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir . '/interface/lib/config.inc.php', 0600);
chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
if (@is_file("{$install_dir}/server/lib/mysql_clientdb.conf")) {
exec("chmod 600 {$install_dir}/server/lib/mysql_clientdb.conf");
exec("chown root:root {$install_dir}/server/lib/mysql_clientdb.conf");
}
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if ($conf['apache']['installed'] == true) {
//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispconfig';
$command = 'usermod -a -G ispconfig ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
//$command = 'groupmod --add-user '.$conf['apache']['user'].' ispapps';
$command = 'usermod -a -G ispapps ' . $conf['apache']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
if ($conf['nginx']['installed'] == true) {
//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispconfig';
$command = 'usermod -a -G ispconfig ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
//$command = 'groupmod --add-user '.$conf['nginx']['user'].' ispapps';
$command = 'usermod -a -G ispapps ' . $conf['nginx']['user'];
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
// add nobody user to www group, as the default php-fpm pool from opensuse runs as nobody
$command = 'usermod -a -G www nobody';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Make the shell scripts executable
$command = "chmod +x {$install_dir}/server/scripts/*.sh";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
// TODO: These are missing! should they be "vhost_dist_*_dir" ?
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$tpl = new tpl('apache_ispconfig.vhost.master');
$tpl->setVar('vhost_port', $conf['apache']['vhost_port']);
// comment out the listen directive if port is 80 or 443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 443) {
$tpl->setVar('vhost_port_listen', '#');
} else {
$tpl->setVar('vhost_port_listen', '');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$tpl->setVar('ssl_comment', '');
} else {
$tpl->setVar('ssl_comment', '#');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) {
$tpl->setVar('ssl_bundle_comment', '');
} else {
$tpl->setVar('ssl_bundle_comment', '#');
}
$tpl->setVar('apache_version', getapacheversion());
$content = $tpl->grab();
$content = str_replace('/var/www/', '/srv/www/', $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
//if(!is_file('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
exec('mkdir -p /srv/www/php-fcgi-scripts/ispconfig');
wf('/srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
exec('chmod +x /srv/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
exec('ln -s /usr/local/ispconfig/interface/web /srv/www/ispconfig');
exec('chown -R ispconfig:ispconfig /srv/www/php-fcgi-scripts/ispconfig');
//}
//copy('tpl/apache_ispconfig.vhost.master', "$vhost_conf_dir/ispconfig.vhost");
//* and create the symlink
if ($this->is_update == false) {
if (@is_link("{$vhost_conf_enabled_dir}/ispconfig.vhost")) {
unlink("{$vhost_conf_enabled_dir}/ispconfig.vhost");
}
if (!@is_link("{$vhost_conf_enabled_dir}/000-ispconfig.vhost")) {
exec("ln -s {$vhost_conf_dir}/ispconfig.vhost {$vhost_conf_enabled_dir}/000-ispconfig.vhost");
}
}
// Fix a setting in vhost master file for suse
replaceLine('/usr/local/ispconfig/server/conf/vhost.conf.master', "suPHP_UserGroup", " suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>", 0);
}
if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', ' on', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
$content = str_replace('{ssl_on}', ' off', $content);
$content = str_replace('{ssl_comment}', '#', $content);
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'ispconfig.sock';
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
unset($content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content);
//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
//* and create the symlink
if ($this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
// create symlinks from /usr/share to phpMyAdmin and SquirrelMail, if they are installed
if (!@file_exists('/usr/share/phpmyadmin') && @is_dir('/srv/www/htdocs/phpMyAdmin')) {
symlink('/srv/www/htdocs/phpMyAdmin/', '/usr/share/phpmyadmin');
}
if (!@file_exists('/usr/share/squirrelmail') && @is_dir('/srv/www/htdocs/squirrelmail')) {
symlink('/srv/www/htdocs/squirrelmail/', '/usr/share/squirrelmail');
}
}
// Make the Clamav log files readable by ISPConfig
//exec('chmod +r /var/log/clamav/clamav.log');
//exec('chmod +r /var/log/clamav/freshclam.log');
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
}
exec('chown root /usr/local/ispconfig/server/scripts/update_from_dev.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_dev.sh');
exec('chown root /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/update_from_tgz.sh');
exec('chown root /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
exec('chmod 700 /usr/local/ispconfig/server/scripts/ispconfig_update.sh');
if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update_from_dev.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_update.sh /usr/local/bin/ispconfig_update.sh');
}
//set the fast cgi starter script to executable
//exec('chmod 755 '.$install_dir.'/interface/bin/php-fcgi');
//* Make the logs readable for the ispconfig user
if (@is_file('/var/log/mail.log')) {
exec('chmod +r /var/log/mail.log');
}
if (@is_file('/var/log/mail.warn')) {
exec('chmod +r /var/log/mail.warn');
}
if (@is_file('/var/log/mail.err')) {
exec('chmod +r /var/log/mail.err');
}
if (@is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
//To enable apache to read the directories
exec('chmod a+rx /usr/local/ispconfig');
exec('chmod -R 751 /usr/local/ispconfig/interface');
exec('chmod a+rx /usr/local/ispconfig/interface/web');
//* Create the ispconfig log directory
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir']);
}
if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) {
exec('touch ' . $conf['ispconfig_log_dir'] . '/ispconfig.log');
}
if (is_user('getmail')) {
exec('mv /usr/local/ispconfig/server/scripts/run-getmail.sh /usr/local/bin/run-getmail.sh');
exec('chown getmail /usr/local/bin/run-getmail.sh');
exec('chmod 744 /usr/local/bin/run-getmail.sh');
}
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
//* Create the ispconfig auth log file and set uid/gid
if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) {
touch($conf['ispconfig_log_dir'] . '/auth.log');
}
exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log');
exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log');
//* Remove Domain module as its functions are available in the client module now
if (@is_dir('/usr/local/ispconfig/interface/web/domain')) {
exec('rm -rf /usr/local/ispconfig/interface/web/domain');
}
// Add symlink for patch tool
if (!is_link('/usr/local/bin/ispconfig_patch')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
}
}
function updateDbAndIni()
{
global $inst, $conf;
//* Update $conf array with values from the server.ini that shall be preserved
$tmp = $inst->db->queryOneRecord("SELECT * FROM " . $conf["mysql"]["database"] . ".server WHERE server_id = " . $conf['server_id']);
$ini_array = ini_to_array(stripslashes($tmp['config']));
$current_db_version = isset($tmp['dbversion']) ? intval($tmp['dbversion']) : 0;
if (!is_array($ini_array) or count($ini_array) == 0) {
die('Unable to read server configuration from database.');
}
$conf['services']['mail'] = $tmp['mail_server'] == 1 ? true : false;
$conf['services']['web'] = $tmp['web_server'] == 1 ? true : false;
$conf['services']['dns'] = $tmp['dns_server'] == 1 ? true : false;
$conf['services']['file'] = $tmp['file_server'] == 1 ? true : false;
$conf['services']['db'] = $tmp['db_server'] == 1 ? true : false;
$conf['services']['vserver'] = $tmp['vserver_server'] == 1 ? true : false;
$conf['services']['proxy'] = isset($tmp['proxy_server']) && $tmp['proxy_server'] == 1 ? true : false;
$conf['services']['firewall'] = isset($tmp['firewall_server']) && $tmp['firewall_server'] == 1 ? true : false;
$conf['postfix']['vmail_mailbox_base'] = $ini_array['mail']['homedir_path'];
if (isset($ini_array['web']['server_type']) && $ini_array['web']['server_type'] != '') {
$conf['webserver']['server_type'] = $ini_array['web']['server_type'];
if ($conf['webserver']['server_type'] == 'nginx') {
$conf['apache']['installed'] = false;
} else {
$conf['nginx']['installed'] = false;
}
} else {
$conf['webserver']['server_type'] = 'apache';
$conf['nginx']['installed'] = false;
}
//* Do incremental DB updates only on installed ISPConfig versions >= 3.0.3
if (version_compare('3.0.3', ISPC_APP_VERSION, '<=')) {
swriteln($inst->lng('Starting incremental database update.'));
//* get the version of the db schema from the server table
$found = true;
while ($found == true) {
$next_db_version = intval($current_db_version + 1);
$sql_patch_filename = realpath(dirname(__FILE__) . '/../') . '/sql/incremental/upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT) . '.sql';
$php_patch_filename = realpath(dirname(__FILE__) . '/../') . '/patches/upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT) . '.php';
// comma separated list of version numbers were a update has to be done silently
$silent_update_versions = '75';
if (is_file($sql_patch_filename)) {
//* Load php patch file and instantiate object
if (is_file($php_patch_filename)) {
$php_patch_class_name = 'upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT);
include_once $php_patch_filename;
if (class_exists($php_patch_class_name)) {
$php_patch = new $php_patch_class_name();
} else {
swriteln($inst->lng('WARNING: PHP patch file') . ': ' . $php_patch_filename . ' ' . $inst->lng('contains errors.'));
}
}
//* Exec onBeforeSQL function
if (isset($php_patch) && is_object($php_patch)) {
$php_patch->onBeforeSQL();
swriteln($inst->lng('Executing PHP patch file') . ': ' . $php_patch_filename);
}
//* Load patch file into database
if (!empty($conf["mysql"]["admin_password"])) {
$cmd = "mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " -p" . escapeshellarg($conf['mysql']['admin_password']) . " " . escapeshellarg($conf['mysql']['database']) . " < " . $sql_patch_filename;
} else {
$cmd = "mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " " . escapeshellarg($conf['mysql']['database']) . " < " . $sql_patch_filename;
}
if (in_array($next_db_version, explode(',', $silent_update_versions))) {
$cmd .= ' > /dev/null 2> /dev/null';
}
system($cmd);
swriteln($inst->lng('Loading SQL patch file') . ': ' . $sql_patch_filename);
//* Exec onAfterSQL function
if (isset($php_patch) && is_object($php_patch)) {
$php_patch->onAfterSQL();
}
$current_db_version = $next_db_version;
if (isset($php_patch)) {
unset($php_patch);
}
} else {
$found = false;
}
}
//* update the database version in server table
$inst->db->query("UPDATE " . $conf["mysql"]["database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']);
if ($inst->db->dbHost != $inst->dbmaster->dbHost) {
$inst->dbmaster->query("UPDATE " . $conf["mysql"]["master_database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']);
}
//* If ISPConfig Version < 3.0.3, we will do a full db update
} else {
swriteln($inst->lng('Starting full database update.'));
//** Delete the old database
if (!$inst->db->query('DROP DATABASE IF EXISTS ' . $conf['mysql']['database'])) {
$inst->error('Unable to drop MySQL database: ' . $conf['mysql']['database'] . '.');
}
//** Create the mysql database
$inst->configure_database();
//** empty all databases
$db_tables = $inst->db->getTables();
foreach ($db_tables as $table) {
$inst->db->query("TRUNCATE {$table}");
}
//** load old data back into database
if (!empty($conf["mysql"]["admin_password"])) {
system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " -p" . escapeshellarg($conf['mysql']['admin_password']) . " " . escapeshellarg($conf['mysql']['database']) . " < existing_db.sql");
} else {
system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " " . escapeshellarg($conf['mysql']['database']) . " < existing_db.sql");
}
//** Get the database version number based on the patchfile
$found = true;
while ($found == true) {
$next_db_version = intval($current_db_version + 1);
$patch_filename = realpath(dirname(__FILE__) . '/../') . '/sql/incremental/upd_' . str_pad($next_db_version, 4, '0', STR_PAD_LEFT) . '.sql';
if (is_file($patch_filename)) {
$current_db_version = $next_db_version;
} else {
$found = false;
}
}
//* update the database version in server table
$inst->db->query("UPDATE " . $conf["mysql"]["database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']);
if ($inst->db->dbHost != $inst->dbmaster->dbHost) {
$inst->dbmaster->query("UPDATE " . $conf["mysql"]["master_database"] . ".server SET dbversion = '" . $current_db_version . "' WHERE server_id = " . $conf['server_id']);
}
if ($conf['powerdns']['installed']) {
swriteln($inst->lng('Starting full PowerDNS database update.'));
//** Delete the old PowerDNS database
if (!$inst->db->query('DROP DATABASE IF EXISTS ' . $conf['powerdns']['database'])) {
$inst->error('Unable to drop MySQL database: ' . $conf['powerdns']['database'] . '.');
}
//** Create the mysql database
$inst->configure_powerdns();
//** load old data back into the PowerDNS database
if (!empty($conf["mysql"]["admin_password"])) {
system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " -p" . escapeshellarg($conf['mysql']['admin_password']) . " " . escapeshellarg($conf['powerdns']['database']) . " < existing_powerdns_db.sql");
} else {
system("mysql --default-character-set=" . escapeshellarg($conf['mysql']['charset']) . " --force -h " . escapeshellarg($conf['mysql']['host']) . " -u " . escapeshellarg($conf['mysql']['admin_user']) . " " . escapeshellarg($conf['powerdns']['database']) . " < existing_powerdns_db.sql");
}
}
}
//** Update server ini
$tmp_server_rec = $inst->db->queryOneRecord("SELECT config FROM " . $conf["mysql"]["database"] . ".server WHERE server_id = " . $conf['server_id']);
$old_ini_array = ini_to_array(stripslashes($tmp_server_rec['config']));
unset($tmp_server_rec);
$tpl_ini_array = ini_to_array(rf('tpl/server.ini.master'));
//* Update further distribution specific parameters for server config here
//* HINT: Every line added here has to be added in installer_base.lib.php too!!
$tpl_ini_array['jailkit']['jailkit_chroot_app_programs'] = $conf['jailkit']['jailkit_chroot_app_programs'];
$tpl_ini_array['fastcgi']['fastcgi_phpini_path'] = $conf['fastcgi']['fastcgi_phpini_path'];
$tpl_ini_array['fastcgi']['fastcgi_starter_path'] = $conf['fastcgi']['fastcgi_starter_path'];
$tpl_ini_array['fastcgi']['fastcgi_bin'] = $conf['fastcgi']['fastcgi_bin'];
$tpl_ini_array['server']['hostname'] = $conf['hostname'];
$tpl_ini_array['server']['ip_address'] = @gethostbyname($conf['hostname']);
$tpl_ini_array['web']['website_basedir'] = $conf['web']['website_basedir'];
$tpl_ini_array['web']['website_path'] = $conf['web']['website_path'];
$tpl_ini_array['web']['website_symlinks'] = $conf['web']['website_symlinks'];
$tpl_ini_array['cron']['crontab_dir'] = $conf['cron']['crontab_dir'];
$tpl_ini_array['web']['security_level'] = 20;
$tpl_ini_array['web']['user'] = $conf['apache']['user'];
$tpl_ini_array['web']['group'] = $conf['apache']['group'];
$tpl_ini_array['web']['php_ini_path_apache'] = $conf['apache']['php_ini_path_apache'];
$tpl_ini_array['web']['php_ini_path_cgi'] = $conf['apache']['php_ini_path_cgi'];
$tpl_ini_array['mail']['pop3_imap_daemon'] = $conf['dovecot']['installed'] == true ? 'dovecot' : 'courier';
$tpl_ini_array['mail']['mail_filter_syntax'] = $conf['dovecot']['installed'] == true ? 'sieve' : 'maildrop';
$tpl_ini_array['dns']['bind_user'] = $conf['bind']['bind_user'];
$tpl_ini_array['dns']['bind_group'] = $conf['bind']['bind_group'];
$tpl_ini_array['dns']['bind_zonefiles_dir'] = $conf['bind']['bind_zonefiles_dir'];
$tpl_ini_array['dns']['named_conf_path'] = $conf['bind']['named_conf_path'];
$tpl_ini_array['dns']['named_conf_local_path'] = $conf['bind']['named_conf_local_path'];
$tpl_ini_array['web']['nginx_vhost_conf_dir'] = $conf['nginx']['vhost_conf_dir'];
$tpl_ini_array['web']['nginx_vhost_conf_enabled_dir'] = $conf['nginx']['vhost_conf_enabled_dir'];
$tpl_ini_array['web']['nginx_user'] = $conf['nginx']['user'];
$tpl_ini_array['web']['nginx_group'] = $conf['nginx']['group'];
$tpl_ini_array['web']['nginx_cgi_socket'] = $conf['nginx']['cgi_socket'];
$tpl_ini_array['web']['php_fpm_init_script'] = $conf['nginx']['php_fpm_init_script'];
$tpl_ini_array['web']['php_fpm_ini_path'] = $conf['nginx']['php_fpm_ini_path'];
$tpl_ini_array['web']['php_fpm_pool_dir'] = $conf['nginx']['php_fpm_pool_dir'];
$tpl_ini_array['web']['php_fpm_start_port'] = $conf['nginx']['php_fpm_start_port'];
$tpl_ini_array['web']['php_fpm_socket_dir'] = $conf['nginx']['php_fpm_socket_dir'];
if ($conf['nginx']['installed'] == true) {
$tpl_ini_array['web']['server_type'] = 'nginx';
$tpl_ini_array['global']['webserver'] = 'nginx';
}
//* update the new template with the old values
if (is_array($old_ini_array)) {
foreach ($old_ini_array as $tmp_section_name => $tmp_section_content) {
foreach ($tmp_section_content as $tmp_var_name => $tmp_var_content) {
$tpl_ini_array[$tmp_section_name][$tmp_var_name] = $tmp_var_content;
}
}
}
$new_ini = array_to_ini($tpl_ini_array);
$sql = "UPDATE " . $conf["mysql"]["database"] . ".server SET config = '" . mysql_real_escape_string($new_ini) . "' WHERE server_id = " . $conf['server_id'];
$inst->db->query($sql);
if ($inst->db->dbHost != $inst->dbmaster->dbHost) {
$sql = "UPDATE " . $conf["mysql"]["master_database"] . ".server SET config = '" . mysql_real_escape_string($new_ini) . "' WHERE server_id = " . $conf['server_id'];
$inst->dbmaster->query($sql);
}
unset($old_ini_array);
unset($tpl_ini_array);
unset($new_ini);
//** Update system ini
$tmp_server_rec = $inst->db->queryOneRecord("SELECT config FROM " . $conf["mysql"]["database"] . ".sys_ini WHERE sysini_id = 1");
$old_ini_array = ini_to_array(stripslashes($tmp_server_rec['config']));
unset($tmp_server_rec);
$tpl_ini_array = ini_to_array(rf('tpl/system.ini.master'));
// update the new template with the old values
if (is_array($old_ini_array)) {
foreach ($old_ini_array as $tmp_section_name => $tmp_section_content) {
foreach ($tmp_section_content as $tmp_var_name => $tmp_var_content) {
$tpl_ini_array[$tmp_section_name][$tmp_var_name] = $tmp_var_content;
}
}
}
$new_ini = array_to_ini($tpl_ini_array);
$tmp = $inst->db->queryOneRecord('SELECT count(sysini_id) as number FROM ' . $conf["mysql"]["database"] . '.sys_ini WHERE 1');
if ($tmp['number'] == 0) {
$inst->db->query("INSERT INTO " . $conf["mysql"]["database"] . ".sys_ini (sysini_id, config) VALUES (1,'" . mysql_real_escape_string($new_ini) . "')");
} else {
$inst->db->query("UPDATE " . $conf["mysql"]["database"] . ".sys_ini SET config = '" . mysql_real_escape_string($new_ini) . "' WHERE sysini_id = 1");
}
unset($old_ini_array);
unset($tpl_ini_array);
unset($new_ini);
}
public function configure_postfix($options = '')
{
global $conf;
$cf = $conf['postfix'];
$config_dir = $cf['config_dir'];
if (!is_dir($config_dir)) {
$this->error("The postfix configuration directory '{$config_dir}' does not exist.");
}
//* mysql-virtual_domains.cf
$this->process_postfix_config('mysql-virtual_domains.cf');
//* mysql-virtual_forwardings.cf
$this->process_postfix_config('mysql-virtual_forwardings.cf');
//* mysql-virtual_mailboxes.cf
$this->process_postfix_config('mysql-virtual_mailboxes.cf');
//* mysql-virtual_email2email.cf
$this->process_postfix_config('mysql-virtual_email2email.cf');
//* mysql-virtual_transports.cf
$this->process_postfix_config('mysql-virtual_transports.cf');
//* mysql-virtual_recipient.cf
$this->process_postfix_config('mysql-virtual_recipient.cf');
//* mysql-virtual_sender.cf
$this->process_postfix_config('mysql-virtual_sender.cf');
//* mysql-virtual_client.cf
$this->process_postfix_config('mysql-virtual_client.cf');
//* mysql-virtual_relaydomains.cf
$this->process_postfix_config('mysql-virtual_relaydomains.cf');
//* mysql-virtual_relayrecipientmaps.cf
$this->process_postfix_config('mysql-virtual_relayrecipientmaps.cf');
//* Changing mode and group of the new created config files.
caselog('chmod o= ' . $config_dir . '/mysql-virtual_*.cf* &> /dev/null', __FILE__, __LINE__, 'chmod on mysql-virtual_*.cf*', 'chmod on mysql-virtual_*.cf* failed');
caselog('chgrp ' . $cf['group'] . ' ' . $config_dir . '/mysql-virtual_*.cf* &> /dev/null', __FILE__, __LINE__, 'chgrp on mysql-virtual_*.cf*', 'chgrp on mysql-virtual_*.cf* failed');
//* Creating virtual mail user and group
$command = 'groupadd -g ' . $cf['vmail_groupid'] . ' ' . $cf['vmail_groupname'];
if (!is_group($cf['vmail_groupname'])) {
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$command = 'useradd -g ' . $cf['vmail_groupname'] . ' -u ' . $cf['vmail_userid'] . ' ' . $cf['vmail_username'] . ' -d ' . $cf['vmail_mailbox_base'] . ' -m';
if (!is_user($cf['vmail_username'])) {
caselog("{$command} &> /dev/null", __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$server_ini_rec = $this->db->queryOneRecord("SELECT config FROM server WHERE server_id = " . $conf['server_id']);
$server_ini_array = ini_to_array(stripslashes($server_ini_rec['config']));
unset($server_ini_rec);
//* If there are RBL's defined, format the list and add them to smtp_recipient_restrictions to prevent removeal after an update
$rbl_list = '';
if ($server_ini_array['mail']['realtime_blackhole_list'] != '') {
$rbl_hosts = explode(",", str_replace(" ", "", $server_ini_array['mail']['realtime_blackhole_list']));
foreach ($rbl_hosts as $key => $value) {
$rbl_list .= ", reject_rbl_client " . $value;
}
}
unset($rbl_hosts);
unset($server_ini_array);
$postconf_commands = array('myhostname = ' . $conf['hostname'], 'mydestination = ' . $conf['hostname'] . ', localhost, localhost.localdomain', 'mynetworks = 127.0.0.0/8 [::1]/128', 'alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases', 'alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases', 'virtual_alias_domains =', 'virtual_alias_maps = proxy:mysql:' . $config_dir . '/mysql-virtual_forwardings.cf, proxy:mysql:' . $config_dir . '/mysql-virtual_email2email.cf, hash:/var/lib/mailman/data/virtual-mailman', 'virtual_mailbox_domains = proxy:mysql:' . $config_dir . '/mysql-virtual_domains.cf', 'virtual_mailbox_maps = proxy:mysql:' . $config_dir . '/mysql-virtual_mailboxes.cf', 'virtual_mailbox_base = ' . $cf['vmail_mailbox_base'], 'virtual_uid_maps = static:' . $cf['vmail_userid'], 'virtual_gid_maps = static:' . $cf['vmail_groupid'], 'smtpd_sasl_auth_enable = yes', 'broken_sasl_auth_clients = yes', 'smtpd_sasl_authenticated_header = yes', 'smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:' . $config_dir . '/mysql-virtual_recipient.cf, reject_unauth_destination' . $rbl_list, 'smtpd_use_tls = yes', 'smtpd_tls_security_level = may', 'smtpd_tls_cert_file = ' . $config_dir . '/smtpd.cert', 'smtpd_tls_key_file = ' . $config_dir . '/smtpd.key', 'transport_maps = proxy:mysql:' . $config_dir . '/mysql-virtual_transports.cf', 'relay_domains = mysql:' . $config_dir . '/mysql-virtual_relaydomains.cf', 'relay_recipient_maps = mysql:' . $config_dir . '/mysql-virtual_relayrecipientmaps.cf', 'proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps', 'smtpd_sender_restrictions = check_sender_access mysql:' . $config_dir . '/mysql-virtual_sender.cf', 'smtpd_client_restrictions = check_client_access mysql:' . $config_dir . '/mysql-virtual_client.cf', 'smtpd_client_message_rate_limit = 100', 'maildrop_destination_concurrency_limit = 1', 'maildrop_destination_recipient_limit = 1', 'virtual_transport = maildrop', 'header_checks = regexp:' . $config_dir . '/header_checks', 'mime_header_checks = regexp:' . $config_dir . '/mime_header_checks', 'nested_header_checks = regexp:' . $config_dir . '/nested_header_checks', 'body_checks = regexp:' . $config_dir . '/body_checks', 'owner_request_special = no');
//* Create the header and body check files
touch($config_dir . '/header_checks');
touch($config_dir . '/mime_header_checks');
touch($config_dir . '/nested_header_checks');
touch($config_dir . '/body_checks');
//* Create the mailman files
exec('mkdir -p /var/lib/mailman/data');
if (!is_file('/var/lib/mailman/data/aliases')) {
touch('/var/lib/mailman/data/aliases');
}
exec('postalias /var/lib/mailman/data/aliases');
if (!is_file('/var/lib/mailman/data/virtual-mailman')) {
touch('/var/lib/mailman/data/virtual-mailman');
}
exec('postmap /var/lib/mailman/data/virtual-mailman');
//* Make a backup copy of the main.cf file
copy($config_dir . '/main.cf', $config_dir . '/main.cf~');
//* Executing the postconf commands
foreach ($postconf_commands as $cmd) {
$command = "postconf -e '{$cmd}'";
caselog($command . " &> /dev/null", __FILE__, __LINE__, 'EXECUTED: ' . $command, 'Failed to execute the command ' . $command);
}
if (!stristr($options, 'dont-create-certs')) {
//* Create the SSL certificate
$command = 'cd ' . $config_dir . '; ' . 'openssl req -new -outform PEM -out smtpd.cert -newkey rsa:2048 -nodes -keyout smtpd.key -keyform PEM -days 3650 -x509';
exec($command);
$command = 'chmod o= ' . $config_dir . '/smtpd.key';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: ' . $command, 'Failed to execute the command ' . $command);
}
//** We have to change the permissions of the courier authdaemon directory to make it accessible for maildrop.
$command = 'chmod 755 /var/run/courier/authdaemon/';
if (is_file('/var/run/courier/authdaemon/')) {
caselog($command . ' &> /dev/null', __FILE__, __LINE__, 'EXECUTED: ' . $command, 'Failed to execute the command ' . $command);
}
//* Changing maildrop lines in posfix master.cf
if (is_file($config_dir . '/master.cf')) {
copy($config_dir . '/master.cf', $config_dir . '/master.cf~');
}
if (is_file($config_dir . '/master.cf~')) {
chmod($config_dir . '/master.cf~', 0400);
}
$configfile = $config_dir . '/master.cf';
$content = rf($configfile);
$content = str_replace('flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}', 'flags=DRhu user='******'vmail_username'] . ' argv=/usr/bin/maildrop -d ' . $cf['vmail_username'] . ' ${extension} ${recipient} ${user} ${nexthop} ${sender}', $content);
wf($configfile, $content);
//* Writing the Maildrop mailfilter file
$configfile = 'mailfilter';
if (is_file($cf['vmail_mailbox_base'] . '/.' . $configfile)) {
copy($cf['vmail_mailbox_base'] . '/.' . $configfile, $cf['vmail_mailbox_base'] . '/.' . $configfile . '~');
}
$content = rf('tpl/' . $configfile . '.master');
$content = str_replace('{dist_postfix_vmail_mailbox_base}', $cf['vmail_mailbox_base'], $content);
wf($cf['vmail_mailbox_base'] . '/.' . $configfile, $content);
//* Create the directory for the custom mailfilters
if (!is_dir($cf['vmail_mailbox_base'] . '/mailfilters')) {
$command = 'mkdir ' . $cf['vmail_mailbox_base'] . '/mailfilters';
caselog($command . " &> /dev/null", __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Chmod and chown the .mailfilter file
$command = 'chown ' . $cf['vmail_username'] . ':' . $cf['vmail_groupname'] . ' ' . $cf['vmail_mailbox_base'] . '/.mailfilter';
caselog($command . " &> /dev/null", __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chmod 600 ' . $cf['vmail_mailbox_base'] . '/.mailfilter';
caselog($command . " &> /dev/null", __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$conf_old = $conf;
unset($conf);
if ($dist['id'] == '') {
die('Linux distribution or version not recognized.');
}
//** Include the autoinstaller configuration (for non-interactive setups)
error_reporting(E_ALL ^ E_NOTICE);
//** Get commandline options
$cmd_opt = getopt('', array('autoinstall::'));
//** Load autoinstall file
if (isset($cmd_opt['autoinstall']) && is_file($cmd_opt['autoinstall'])) {
$path_parts = pathinfo($cmd_opt['autoinstall']);
if ($path_parts['extension'] == 'php') {
include_once $cmd_opt['autoinstall'];
} elseif ($path_parts['extension'] == 'ini') {
$tmp = ini_to_array(file_get_contents('autoinstall.ini'));
$autoinstall = $tmp['install'] + $tmp['ssl_cert'] + $tmp['expert'] + $tmp['update'];
unset($tmp);
}
unset($path_parts);
define('AUTOINSTALL', true);
} else {
$autoinstall = array();
define('AUTOINSTALL', false);
}
//** Include the distribution-specific installer class library and configuration
if (is_file('dist/lib/' . $dist['baseid'] . '.lib.php')) {
include_once 'dist/lib/' . $dist['baseid'] . '.lib.php';
}
include_once 'dist/lib/' . $dist['id'] . '.lib.php';
include_once 'dist/conf/' . $dist['id'] . '.conf.php';
public function install_ispconfig()
{
global $conf;
$install_dir = $conf['ispconfig_install_dir'];
//* Create the ISPConfig installation directory
if (!@is_dir($install_dir)) {
$command = "mkdir {$install_dir}";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* Create a ISPConfig user and group
$command = 'groupadd ispconfig';
if (!is_group('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
$command = 'useradd -g ispconfig -d ' . $install_dir . ' ispconfig';
if (!is_user('ispconfig')) {
caselog($command . ' &> /dev/null 2> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
//* copy the ISPConfig interface part
$command = 'cp -rf ../interface ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* copy the ISPConfig server part
$command = 'cp -rf ../server ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make a backup of the security settings
if (is_file('/usr/local/ispconfig/security/security_settings.ini')) {
copy('/usr/local/ispconfig/security/security_settings.ini', '/usr/local/ispconfig/security/security_settings.ini~');
}
//* copy the ISPConfig security part
$command = 'cp -rf ../security ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Apply changed security_settings.ini values to new security_settings.ini file
if (is_file('/usr/local/ispconfig/security/security_settings.ini~')) {
$security_settings_old = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini~'));
$security_settings_new = ini_to_array(file_get_contents('/usr/local/ispconfig/security/security_settings.ini'));
if (is_array($security_settings_new) && is_array($security_settings_old)) {
foreach ($security_settings_new as $section => $sval) {
if (is_array($sval)) {
foreach ($sval as $key => $val) {
if (isset($security_settings_old[$section]) && isset($security_settings_old[$section][$key])) {
$security_settings_new[$section][$key] = $security_settings_old[$section][$key];
}
}
}
}
file_put_contents('/usr/local/ispconfig/security/security_settings.ini', array_to_ini($security_settings_new));
}
}
//* Create a symlink, so ISPConfig is accessible via web
// Replaced by a separate vhost definition for port 8080
// $command = "ln -s $install_dir/interface/web/ /home/www/ispconfig";
// caselog($command.' &> /dev/null', __FILE__, __LINE__, "EXECUTED: $command", "Failed to execute the command $command");
//* Create the config file for ISPConfig interface
$configfile = 'config.inc.php';
if (is_file($install_dir . '/interface/lib/' . $configfile)) {
copy($install_dir . '/interface/lib/' . $configfile, $install_dir . '/interface/lib/' . $configfile . '~');
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', 'tpl/' . $configfile . '.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf($install_dir . '/interface/lib/' . $configfile, $content);
//* Create the config file for ISPConfig server
$configfile = 'config.inc.php';
if (is_file($install_dir . '/server/lib/' . $configfile)) {
copy($install_dir . '/server/lib/' . $configfile, $install_dir . '/interface/lib/' . $configfile . '~');
}
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/' . $configfile . '.master', 'tpl/' . $configfile . '.master');
$content = str_replace('{mysql_server_ispconfig_user}', $conf['mysql']['ispconfig_user'], $content);
$content = str_replace('{mysql_server_ispconfig_password}', $conf['mysql']['ispconfig_password'], $content);
$content = str_replace('{mysql_server_database}', $conf['mysql']['database'], $content);
$content = str_replace('{mysql_server_host}', $conf['mysql']['host'], $content);
$content = str_replace('{mysql_master_server_ispconfig_user}', $conf['mysql']['master_ispconfig_user'], $content);
$content = str_replace('{mysql_master_server_ispconfig_password}', $conf['mysql']['master_ispconfig_password'], $content);
$content = str_replace('{mysql_master_server_database}', $conf['mysql']['master_database'], $content);
$content = str_replace('{mysql_master_server_host}', $conf['mysql']['master_host'], $content);
$content = str_replace('{server_id}', $conf['server_id'], $content);
$content = str_replace('{ispconfig_log_priority}', $conf['ispconfig_log_priority'], $content);
$content = str_replace('{language}', $conf['language'], $content);
$content = str_replace('{timezone}', $conf['timezone'], $content);
$content = str_replace('{theme}', $conf['theme'], $content);
$content = str_replace('{language_file_import_enabled}', $conf['language_file_import_enabled'] == true ? 'true' : 'false', $content);
wf($install_dir . '/server/lib/' . $configfile, $content);
//* Create the config file for remote-actions (but only, if it does not exist, because
// the value is a autoinc-value and so changed by the remoteaction_core_module
if (!file_exists($install_dir . '/server/lib/remote_action.inc.php')) {
$content = '<?php' . "\n" . '$maxid_remote_action = 0;' . "\n" . '?>';
wf($install_dir . '/server/lib/remote_action.inc.php', $content);
}
//* Enable the server modules and plugins.
// TODO: Implement a selector which modules and plugins shall be enabled.
$dir = $install_dir . '/server/mods-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/mods-available/' . $file;
$module_name = substr($file, 0, -8);
$tmp = new $module_name();
if ($tmp->onInstall()) {
if (!@is_link($install_dir . '/server/mods-enabled/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-enabled/' . $file);
// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-enabled/'.$file);
}
if (strpos($file, '_core_module') !== false) {
if (!@is_link($install_dir . '/server/mods-core/' . $file)) {
@symlink($install_dir . '/server/mods-available/' . $file, $install_dir . '/server/mods-core/' . $file);
// @symlink($install_dir.'/server/mods-available/'.$file, '../mods-core/'.$file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
$dir = $install_dir . '/server/plugins-available/';
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ($conf['apache']['installed'] == true && $file == 'nginx_plugin.inc.php') {
continue;
}
if ($conf['nginx']['installed'] == true && $file == 'apache2_plugin.inc.php') {
continue;
}
if ($file != '.' && $file != '..' && substr($file, -8, 8) == '.inc.php') {
include_once $install_dir . '/server/plugins-available/' . $file;
$plugin_name = substr($file, 0, -8);
$tmp = new $plugin_name();
if (method_exists($tmp, 'onInstall') && $tmp->onInstall()) {
if (!@is_link($install_dir . '/server/plugins-enabled/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-enabled/' . $file);
//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-enabled/'.$file);
}
if (strpos($file, '_core_plugin') !== false) {
if (!@is_link($install_dir . '/server/plugins-core/' . $file)) {
@symlink($install_dir . '/server/plugins-available/' . $file, $install_dir . '/server/plugins-core/' . $file);
//@symlink($install_dir.'/server/plugins-available/'.$file, '../plugins-core/'.$file);
}
}
}
unset($tmp);
}
}
closedir($dh);
}
}
// Update the server config
$mail_server_enabled = $conf['services']['mail'] ? 1 : 0;
$web_server_enabled = $conf['services']['web'] ? 1 : 0;
$dns_server_enabled = $conf['services']['dns'] ? 1 : 0;
$file_server_enabled = $conf['services']['file'] ? 1 : 0;
$db_server_enabled = $conf['services']['db'] ? 1 : 0;
$vserver_server_enabled = $conf['openvz']['installed'] ? 1 : 0;
$proxy_server_enabled = $conf['services']['proxy'] ? 1 : 0;
$firewall_server_enabled = $conf['services']['firewall'] ? 1 : 0;
$sql = "UPDATE `server` SET mail_server = '{$mail_server_enabled}', web_server = '{$web_server_enabled}', dns_server = '{$dns_server_enabled}', file_server = '{$file_server_enabled}', db_server = '{$db_server_enabled}', vserver_server = '{$vserver_server_enabled}', proxy_server = '{$proxy_server_enabled}', firewall_server = '{$firewall_server_enabled}' WHERE server_id = " . intval($conf['server_id']);
if ($conf['mysql']['master_slave_setup'] == 'y') {
$this->dbmaster->query($sql);
$this->db->query($sql);
} else {
$this->db->query($sql);
}
// chown install dir to root and chmod 755
$command = 'chown root:root ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chmod 755 ' . $install_dir;
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Chmod the files and directories in the install dir
$command = 'chmod -R 750 ' . $install_dir . '/*';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the interface files to the ispconfig user and group
$command = 'chown -R ispconfig:ispconfig ' . $install_dir . '/interface';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the server files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/server';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security files to the root user and group
$command = 'chown -R root:root ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* chown the security directory and security_settings.ini to root:ispconfig
$command = 'chown root:ispconfig ' . $install_dir . '/security/security_settings.ini';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.whitelist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/ids.htmlfield';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
$command = 'chown root:ispconfig ' . $install_dir . '/security/apache_directives.blacklist';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
//* Make the global language file directory group writable
exec("chmod -R 770 {$install_dir}/interface/lib/lang");
//* Make the temp directory for language file exports writable
if (is_dir($install_dir . '/interface/web/temp')) {
exec("chmod -R 770 {$install_dir}/interface/web/temp");
}
//* Make all interface language file directories group writable
$handle = @opendir($install_dir . '/interface/web');
while ($file = @readdir($handle)) {
if ($file != '.' && $file != '..') {
if (@is_dir($install_dir . '/interface/web' . '/' . $file . '/lib/lang')) {
$handle2 = opendir($install_dir . '/interface/web' . '/' . $file . '/lib/lang');
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang', 0770);
while ($lang_file = @readdir($handle2)) {
if ($lang_file != '.' && $lang_file != '..') {
chmod($install_dir . '/interface/web' . '/' . $file . '/lib/lang/' . $lang_file, 0770);
}
}
}
}
}
//* Make the APS directories group writable
exec("chmod -R 770 {$install_dir}/interface/web/sites/aps_meta_packages");
exec("chmod -R 770 {$install_dir}/server/aps_packages");
//* make sure that the server config file (not the interface one) is only readable by the root user
chmod($install_dir . '/server/lib/config.inc.php', 0600);
chown($install_dir . '/server/lib/config.inc.php', 'root');
chgrp($install_dir . '/server/lib/config.inc.php', 'root');
//* Make sure thet the interface config file is readable by user ispconfig only
chmod($install_dir . '/interface/lib/config.inc.php', 0600);
chown($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
chgrp($install_dir . '/interface/lib/config.inc.php', 'ispconfig');
chmod($install_dir . '/server/lib/remote_action.inc.php', 0600);
chown($install_dir . '/server/lib/remote_action.inc.php', 'root');
chgrp($install_dir . '/server/lib/remote_action.inc.php', 'root');
if (@is_file($install_dir . '/server/lib/mysql_clientdb.conf')) {
chmod($install_dir . '/server/lib/mysql_clientdb.conf', 0600);
chown($install_dir . '/server/lib/mysql_clientdb.conf', 'root');
chgrp($install_dir . '/server/lib/mysql_clientdb.conf', 'root');
}
if (is_dir($install_dir . '/interface/invoices')) {
exec('chmod -R 770 ' . escapeshellarg($install_dir . '/interface/invoices'));
exec('chown -R ispconfig:ispconfig ' . escapeshellarg($install_dir . '/interface/invoices'));
}
exec('chown -R root:root /usr/local/ispconfig/interface/ssl');
// TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing
// and must be fixed as this will allow the apache user to read the ispconfig files.
// Later this must run as own apache server or via suexec!
if ($conf['apache']['installed'] == true) {
$command = 'adduser ' . $conf['apache']['user'] . ' ispconfig';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'adduser ' . $conf['apache']['user'] . ' ispapps';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
if ($conf['nginx']['installed'] == true) {
$command = 'adduser ' . $conf['nginx']['user'] . ' ispconfig';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if (is_group('ispapps')) {
$command = 'adduser ' . $conf['nginx']['user'] . ' ispapps';
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
}
}
//* Make the shell scripts executable
$command = "chmod +x {$install_dir}/server/scripts/*.sh";
caselog($command . ' &> /dev/null', __FILE__, __LINE__, "EXECUTED: {$command}", "Failed to execute the command {$command}");
if ($conf['apache']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['apache']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['apache']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$tpl = new tpl('apache_ispconfig.vhost.master');
$tpl->setVar('vhost_port', $conf['apache']['vhost_port']);
// comment out the listen directive if port is 80 or 8443
if ($conf['apache']['vhost_port'] == 80 or $conf['apache']['vhost_port'] == 8443) {
$tpl->setVar('vhost_port_listen', '#');
} else {
$tpl->setVar('vhost_port_listen', '');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$tpl->setVar('ssl_comment', '');
} else {
$tpl->setVar('ssl_comment', '#');
}
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key') && is_file($install_dir . '/interface/ssl/ispserver.bundle')) {
$tpl->setVar('ssl_bundle_comment', '');
} else {
$tpl->setVar('ssl_bundle_comment', '#');
}
$tpl->setVar('apache_version', getapacheversion());
wf($vhost_conf_dir . '/ispconfig.vhost', $tpl->grab());
//* and create the symlink
if ($this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
//if(!is_file('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter')) {
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/apache_ispconfig_fcgi_starter.master', 'tpl/apache_ispconfig_fcgi_starter.master');
$content = str_replace('{fastcgi_bin}', $conf['fastcgi']['fastcgi_bin'], $content);
$content = str_replace('{fastcgi_phpini_path}', $conf['fastcgi']['fastcgi_phpini_path'], $content);
@mkdir('/home/www/php-fcgi-scripts/ispconfig', 0755, true);
wf('/home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter', $content);
exec('chmod +x /home/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter');
@symlink($install_dir . '/interface/web', '/home/www/ispconfig');
exec('chown -R ispconfig:ispconfig /home/www/php-fcgi-scripts/ispconfig');
//}
}
if ($conf['nginx']['installed'] == true && $this->install_ispconfig_interface == true) {
//* Copy the ISPConfig vhost for the controlpanel
$vhost_conf_dir = $conf['nginx']['vhost_conf_dir'];
$vhost_conf_enabled_dir = $conf['nginx']['vhost_conf_enabled_dir'];
// Dont just copy over the virtualhost template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/nginx_ispconfig.vhost.master', 'tpl/nginx_ispconfig.vhost.master');
$content = str_replace('{vhost_port}', $conf['nginx']['vhost_port'], $content);
if (is_file($install_dir . '/interface/ssl/ispserver.crt') && is_file($install_dir . '/interface/ssl/ispserver.key')) {
$content = str_replace('{ssl_on}', 'on', $content);
$content = str_replace('{ssl_comment}', '', $content);
$content = str_replace('{fastcgi_ssl}', 'on', $content);
} else {
$content = str_replace('{ssl_on}', 'off', $content);
$content = str_replace('{ssl_comment}', '#', $content);
$content = str_replace('{fastcgi_ssl}', 'off', $content);
}
$socket_dir = escapeshellcmd($conf['nginx']['php_fpm_socket_dir']);
if (substr($socket_dir, -1) != '/') {
$socket_dir .= '/';
}
if (!is_dir($socket_dir)) {
exec('mkdir -p ' . $socket_dir);
}
$fpm_socket = $socket_dir . 'ispconfig.sock';
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
wf($vhost_conf_dir . '/ispconfig.vhost', $content);
unset($content);
// PHP-FPM
// Dont just copy over the php-fpm pool template but add some custom settings
$content = rfsel($conf['ispconfig_install_dir'] . '/server/conf-custom/install/php_fpm_pool.conf.master', 'tpl/php_fpm_pool.conf.master');
$content = str_replace('{fpm_pool}', 'ispconfig', $content);
//$content = str_replace('{fpm_port}', $conf['nginx']['php_fpm_start_port'], $content);
$content = str_replace('{fpm_socket}', $fpm_socket, $content);
$content = str_replace('{fpm_user}', 'ispconfig', $content);
$content = str_replace('{fpm_group}', 'ispconfig', $content);
wf($conf['nginx']['php_fpm_pool_dir'] . '/ispconfig.conf', $content);
//copy('tpl/nginx_ispconfig.vhost.master', $vhost_conf_dir.'/ispconfig.vhost');
//* and create the symlink
if ($this->is_update == false) {
if (@is_link($vhost_conf_enabled_dir . '/ispconfig.vhost')) {
unlink($vhost_conf_enabled_dir . '/ispconfig.vhost');
}
if (!@is_link($vhost_conf_enabled_dir . '/000-ispconfig.vhost')) {
symlink($vhost_conf_dir . '/ispconfig.vhost', $vhost_conf_enabled_dir . '/000-ispconfig.vhost');
}
}
}
//* Install the update script
if (is_file('/usr/local/bin/ispconfig_update_from_dev.sh')) {
unlink('/usr/local/bin/ispconfig_update_from_dev.sh');
}
chown($install_dir . '/server/scripts/update_from_dev.sh', 'root');
chmod($install_dir . '/server/scripts/update_from_dev.sh', 0700);
chown($install_dir . '/server/scripts/update_from_tgz.sh', 'root');
chmod($install_dir . '/server/scripts/update_from_tgz.sh', 0700);
chown($install_dir . '/server/scripts/ispconfig_update.sh', 'root');
chmod($install_dir . '/server/scripts/ispconfig_update.sh', 0700);
if (!is_link('/usr/local/bin/ispconfig_update_from_dev.sh')) {
symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update_from_dev.sh');
}
if (!is_link('/usr/local/bin/ispconfig_update.sh')) {
symlink($install_dir . '/server/scripts/ispconfig_update.sh', '/usr/local/bin/ispconfig_update.sh');
}
//* Make the logs readable for the ispconfig user
if (@is_file('/var/log/mail.log')) {
exec('chmod +r /var/log/mail.log');
}
if (@is_file('/var/log/mail.warn')) {
exec('chmod +r /var/log/mail.warn');
}
if (@is_file('/var/log/mail.err')) {
exec('chmod +r /var/log/mail.err');
}
if (@is_file('/var/log/messages')) {
exec('chmod +r /var/log/messages');
}
if (@is_file('/var/log/clamav/clamav.log')) {
exec('chmod +r /var/log/clamav/clamav.log');
}
if (@is_file('/var/log/clamav/freshclam.log')) {
exec('chmod +r /var/log/clamav/freshclam.log');
}
//* Create the ispconfig log file and directory
if (!is_file($conf['ispconfig_log_dir'] . '/ispconfig.log')) {
if (!is_dir($conf['ispconfig_log_dir'])) {
mkdir($conf['ispconfig_log_dir'], 0755);
}
touch($conf['ispconfig_log_dir'] . '/ispconfig.log');
}
//* Create the ispconfig auth log file and set uid/gid
if (!is_file($conf['ispconfig_log_dir'] . '/auth.log')) {
touch($conf['ispconfig_log_dir'] . '/auth.log');
}
exec('chown ispconfig:ispconfig ' . $conf['ispconfig_log_dir'] . '/auth.log');
exec('chmod 660 ' . $conf['ispconfig_log_dir'] . '/auth.log');
if (is_user('getmail')) {
rename($install_dir . '/server/scripts/run-getmail.sh', '/usr/local/bin/run-getmail.sh');
if (is_user('getmail')) {
chown('/usr/local/bin/run-getmail.sh', 'getmail');
}
chmod('/usr/local/bin/run-getmail.sh', 0744);
}
//* Add Log-Rotation
if (is_dir('/etc/logrotate.d')) {
@unlink('/etc/logrotate.d/logispc3');
// ignore, if the file is not there
/* We rotate these logs in cron_daily.php
$fh = fopen('/etc/logrotate.d/logispc3', 'w');
fwrite($fh,
"$conf['ispconfig_log_dir']/ispconfig.log { \n" .
" weekly \n" .
" missingok \n" .
" rotate 4 \n" .
" compress \n" .
" delaycompress \n" .
"} \n" .
"$conf['ispconfig_log_dir']/cron.log { \n" .
" weekly \n" .
" missingok \n" .
" rotate 4 \n" .
" compress \n" .
" delaycompress \n" .
"}");
fclose($fh);
*/
}
//* Remove Domain module as its functions are available in the client module now
if (@is_dir('/usr/local/ispconfig/interface/web/domain')) {
exec('rm -rf /usr/local/ispconfig/interface/web/domain');
}
//* Disable rkhunter run and update in debian cronjob as ispconfig is running and updating rkhunter
if (is_file('/etc/default/rkhunter')) {
replaceLine('/etc/default/rkhunter', 'CRON_DAILY_RUN="yes"', 'CRON_DAILY_RUN="no"', 1, 0);
replaceLine('/etc/default/rkhunter', 'CRON_DB_UPDATE="yes"', 'CRON_DB_UPDATE="no"', 1, 0);
}
// Add symlink for patch tool
if (!is_link('/usr/local/bin/ispconfig_patch')) {
exec('ln -s /usr/local/ispconfig/server/scripts/ispconfig_patch /usr/local/bin/ispconfig_patch');
}
// Change mode of a few files from amavisd
if (is_file($conf['amavis']['config_dir'] . '/conf.d/50-user')) {
chmod($conf['amavis']['config_dir'] . '/conf.d/50-user', 0640);
}
if (is_file($conf['amavis']['config_dir'] . '/50-user~')) {
chmod($conf['amavis']['config_dir'] . '/50-user~', 0400);
}
if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf')) {
chmod($conf['amavis']['config_dir'] . '/amavisd.conf', 0640);
}
if (is_file($conf['amavis']['config_dir'] . '/amavisd.conf~')) {
chmod($conf['amavis']['config_dir'] . '/amavisd.conf~', 0400);
}
}
