/smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other'] = null;
+$rcmail_config['imap_ns_shared'] = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages
+// Leave this blank and you will get the server variable 'server_name' or
+// localhost if that isn't defined.
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0;
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0;
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null; # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting,
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true
+$rcmail_config['quota_zero_as_unlimited'] = true;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+// o=root
+// ou=people
+// uid=user@domain
+// mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/*
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+ 'name' => 'Verisign.com',
+ // Replacement variables supported in host names:
+ // %h - user's IMAP hostname
+ // %n - http hostname ($_SERVER['SERVER_NAME'])
+ // %d - domain (http hostname without the first part)
+ // %z - IMAP domain (IMAP hostname without the first part)
+ // For example %n = mail.domain.tld, %d = domain.tld
+ 'hosts' => array('directory.verisign.com'),
+ 'port' => 389,
+ 'use_tls' => false,
+ 'ldap_version' => 3, // using LDAPv3
+ 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+ // %fu - The full username provided, assumes the username is an email
+ // address, uses the username_domain value if not an email address.
+ // %u - The username prior to the '@'.
+ // %d - The domain name after the '@'.
+ // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+ // %dn - DN found by ldap search when search_filter/search_base_dn are used
+ 'base_dn' => '',
+ 'bind_dn' => '',
+ 'bind_pass' => '',
+ // It's possible to bind for an individual address book
+ // The login name is used to search for the DN to bind with
+ 'search_base_dn' => '',
+ 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+ // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+ 'search_bind_dn' => '',
+ 'search_bind_pw' => '',
+ // Default for %dn variable if search doesn't return DN value
+ 'search_dn_default' => '',
+ // Optional authentication identifier to be used as SASL authorization proxy
+ // bind_dn need to be empty
+ 'auth_cid' => '',
+ // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+ 'auth_method' => '',
+ // Indicates if the addressbook shall be hidden from the list.
+ // With this option enabled you can still search/view contacts.
+ 'hidden' => false,
+ // Indicates if the addressbook shall not list contacts but only allows searching.
+ 'searchonly' => false,
+ // Indicates if we can write to the LDAP directory or not.
+ // If writable is true then these fields need to be populated:
+ // LDAP_Object_Classes, required_fields, LDAP_rdn
+ 'writable' => false,
+ // To create a new contact these are the object classes to specify
+ // (or any other classes you wish to use).
+ 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+ // The RDN field that is used for new entries, this field needs
+ // to be one of the search_fields, the base of base_dn is appended
+ // to the RDN to insert into the LDAP directory.
+ 'LDAP_rdn' => 'cn',
+ // The required fields needed to build a new contact as required by
+ // the object classes (can include additional fields not required by the object classes).
+ 'required_fields' => array('cn', 'sn', 'mail'),
+ 'search_fields' => array('mail', 'cn'), // fields to search in
+ // mapping of contact fields to directory attributes
+ // for every attribute one can specify the number of values (limit) allowed.
+ // default is 1, a wildcard * means unlimited
+ 'fieldmap' => array(
+ // Roundcube => LDAP:limit
+ 'name' => 'cn',
+ 'surname' => 'sn',
+ 'firstname' => 'givenName',
+ 'title' => 'title',
+ 'email' => 'mail:*',
+ 'phone:home' => 'homePhone',
+ 'phone:work' => 'telephoneNumber',
+ 'phone:mobile' => 'mobile',
+ 'phone:pager' => 'pager',
+ 'street' => 'street',
+ 'zipcode' => 'postalCode',
+ 'region' => 'st',
+ 'locality' => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+// 'country' => 'c',
+ 'department' => 'departmentNumber',
+ 'notes' => 'description',
+// these currently don't work:
+// 'phone:workfax' => 'facsimileTelephoneNumber',
+// 'photo' => 'jpegPhoto',
+// 'organization' => 'o',
+// 'manager' => 'manager',
+// 'assistant' => 'secretary',
+ ),
+ // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+ 'sub_fields' => array(),
+ 'sort' => 'cn', // The field to sort the listing by.
+ 'scope' => 'sub', // search mode: sub|base|list
+ 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+ 'fuzzy_search' => true, // server allows wildcard search
+ 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+ 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+ 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+ 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+ 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+ // definition for contact groups (uncomment if no groups are supported)
+ // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+ // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+ // -> in this case, assure that groups and contacts are separated due to the concernig filters!
+ 'groups' => array(
+ 'base_dn' => '',
+ 'scope' => 'sub', // search mode: sub|base|list
+ 'filter' => '(objectClass=groupOfNames)',
+ 'object_classes' => array("top", "groupOfNames"),
+ 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember
+ 'name_attr' => 'cn', // attribute to be used as group name
+ ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 30 seconds
+$rcmail_config['draft_autosave'] = 30;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads
+// 1 - Expand all threads automatically
+// 2 - Expand only threads with unread messages
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/ubuntu/17.04/roundcube/vesta.php b/install/ubuntu/17.04/roundcube/vesta.php
new file mode 100644
index 00000000..99e1d4bc
--- /dev/null
+++ b/install/ubuntu/17.04/roundcube/vesta.php
@@ -0,0 +1,71 @@
+
+ */
+
+ function password_save($curpass, $passwd)
+ {
+ $rcmail = rcmail::get_instance();
+ $vesta_host = $rcmail->config->get('password_vesta_host');
+
+ if (empty($vesta_host))
+ {
+ $vesta_host = 'localhost';
+ }
+
+ $vesta_port = $rcmail->config->get('password_vesta_port');
+ if (empty($vesta_port))
+ {
+ $vesta_port = '8083';
+ }
+
+ $postvars = array(
+ 'email' => $_SESSION['username'],
+ 'password' => $curpass,
+ 'new' => $passwd
+ );
+
+ $postdata = http_build_query($postvars);
+
+ $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+ $send .= 'Host: ' . $vesta_host . PHP_EOL;
+ $send .= 'User-Agent: PHP Script' . PHP_EOL;
+ $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+ $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+ $send .= 'Connection: close' . PHP_EOL;
+ $send .= PHP_EOL;
+ $send .= $postdata . PHP_EOL . PHP_EOL;
+
+ //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+ $errno = "";
+ $errstr = "";
+ $context = stream_context_create();
+ $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+ $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+ $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+ $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+ $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+ fputs($fp, $send);
+ $result = fread($fp, 2048);
+ fclose($fp);
+
+ $fp = fopen("/tmp/roundcube.log", 'w');
+ fwrite($fp, "test ok");
+ fwrite($fp, "\n");
+ fclose($fp);
+
+
+ if(strpos($result, 'ok') && !strpos($result, 'error'))
+ {
+ return PASSWORD_SUCCESS;
+ }
+ else {
+ return PASSWORD_ERROR;
+ }
+
+ }
diff --git a/install/ubuntu/17.04/sudo/admin b/install/ubuntu/17.04/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/ubuntu/17.04/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin ALL=(ALL) ALL
+admin ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/17.04/templates/dns/child-ns.tpl b/install/ubuntu/17.04/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/ubuntu/17.04/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.04/templates/dns/default.tpl b/install/ubuntu/17.04/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/ubuntu/17.04/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.04/templates/dns/gmail.tpl b/install/ubuntu/17.04/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/ubuntu/17.04/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.04/templates/web/apache2/basedir.stpl b/install/ubuntu/17.04/templates/web/apache2/basedir.stpl
new file mode 100644
index 00000000..d978d4c4
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/basedir.stpl
@@ -0,0 +1,44 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/basedir.tpl b/install/ubuntu/17.04/templates/web/apache2/basedir.tpl
new file mode 100644
index 00000000..96c94a1b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/basedir.tpl
@@ -0,0 +1,38 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+
+
+ AllowOverride All
+
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/default.stpl b/install/ubuntu/17.04/templates/web/apache2/default.stpl
new file mode 100644
index 00000000..ec34c279
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/default.stpl
@@ -0,0 +1,43 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/default.tpl b/install/ubuntu/17.04/templates/web/apache2/default.tpl
new file mode 100644
index 00000000..3a227015
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/default.tpl
@@ -0,0 +1,37 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/hosting.stpl b/install/ubuntu/17.04/templates/web/apache2/hosting.stpl
new file mode 100644
index 00000000..8892072b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/hosting.stpl
@@ -0,0 +1,49 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value upload_max_filesize 10M
+ php_admin_value max_execution_time 20
+ php_admin_value post_max_size 8M
+ php_admin_value memory_limit 32M
+ php_admin_flag mysql.allow_persistent off
+ php_admin_flag safe_mode off
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/hosting.tpl b/install/ubuntu/17.04/templates/web/apache2/hosting.tpl
new file mode 100644
index 00000000..1eb26910
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/hosting.tpl
@@ -0,0 +1,43 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value upload_max_filesize 10M
+ php_admin_value max_execution_time 20
+ php_admin_value post_max_size 8M
+ php_admin_value memory_limit 32M
+ php_admin_flag mysql.allow_persistent off
+ php_admin_flag safe_mode off
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh
new file mode 100755
index 00000000..6565e103
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl
new file mode 100644
index 00000000..731355bc
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.stpl
@@ -0,0 +1,38 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ SSLRequireSSL
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ Action phpcgi-script /cgi-bin/php
+
+ SetHandler phpcgi-script
+
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl
new file mode 100644
index 00000000..c6796d29
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpcgi.tpl
@@ -0,0 +1,31 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ Action phpcgi-script /cgi-bin/php
+
+ SetHandler phpcgi-script
+
+
+
+ AllowOverride All
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh
new file mode 100755
index 00000000..e8058249
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script="#!/bin/sh
+PHPRC=/usr/local/lib
+export PHPRC
+export PHP_FCGI_MAX_REQUESTS=1000
+export PHP_FCGI_CHILDREN=20
+exec /usr/bin/php-cgi
+"
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl
new file mode 100644
index 00000000..156c8a91
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.stpl
@@ -0,0 +1,39 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ SSLRequireSSL
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+ SetHandler fcgid-script
+
+ FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+
+
+ AllowOverride All
+
+ php_admin_value open_basedir none
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl
new file mode 100644
index 00000000..a4c01269
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/apache2/phpfcgid.tpl
@@ -0,0 +1,31 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+ SetHandler fcgid-script
+
+ FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+
+
+ AllowOverride All
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/awstats/awstats.tpl b/install/ubuntu/17.04/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain = 1
+MaxNbOfHostsShown = 10
+MinHitHost = 1
+MaxNbOfLoginShown = 10
+MinHitLogin = 1
+MaxNbOfRobotShown = 10
+MinHitRobot = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile = 1
+MaxNbOfOsShown = 10
+MinHitOs = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth = 260
+BarHeight = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/ubuntu/17.04/templates/web/awstats/index.tpl b/install/ubuntu/17.04/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+
+ Awstats log analyzer
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/awstats/nav.tpl b/install/ubuntu/17.04/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+ Awstats navigation
+
+
+
+
+
+  |
+
+ |
+
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.sh b/install/ubuntu/17.04/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2"
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;"
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+ if [ -z "$(grep "=${domain}:" $conf)" ]; then
+ echo "$str" >> $conf
+ fi
+else
+ echo "$str" >> $conf
+fi
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.stpl b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
new file mode 100755
index 00000000..5e0e4064
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+
+ proxy_cache cache;
+ proxy_cache_valid 15m;
+ proxy_cache_valid 404 1m;
+ proxy_no_cache $no_cache;
+ proxy_cache_bypass $no_cache;
+ proxy_cache_bypass $cookie_session $http_x_update;
+
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ proxy_cache off;
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.tpl b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
new file mode 100755
index 00000000..36761b65
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+
+ proxy_cache cache;
+ proxy_cache_valid 15m;
+ proxy_cache_valid 404 1m;
+ proxy_no_cache $no_cache;
+ proxy_cache_bypass $no_cache;
+ proxy_cache_bypass $cookie_session $http_x_update;
+
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ proxy_cache off;
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.stpl b/install/ubuntu/17.04/templates/web/nginx/default.stpl
new file mode 100755
index 00000000..fa538060
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/default.stpl
@@ -0,0 +1,36 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/default.tpl b/install/ubuntu/17.04/templates/web/nginx/default.tpl
new file mode 100755
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/default.tpl
@@ -0,0 +1,33 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.sh b/install/ubuntu/17.04/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..d778d633
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ disable_symlinks if_not_owner from=%docroot%;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.tpl b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ disable_symlinks if_not_owner from=%docroot%;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
new file mode 100644
index 00000000..76dd2f8e
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl
@@ -0,0 +1,36 @@
+server {
+ listen %ip%:%proxy_ssl_port% http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/httpd/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/httpd/domains/%domain%.log combined;
+ access_log /var/log/httpd/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.tpl b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
new file mode 100644
index 00000000..c1fec114
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/http2.tpl
@@ -0,0 +1,33 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/httpd/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/httpd/domains/%domain%.log combined;
+ access_log /var/log/httpd/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?page=$request_uri;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php?page=$request_uri;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location = /index.php {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ \.php$ {
+ return 444;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location = /index.php {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ \.php$ {
+ return 444;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+ rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+ rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+ rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+ rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+ rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+ rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+ rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+ rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+ rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+ rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+ rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+ rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+ rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+ rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+ rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+ rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+ rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+ rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+ rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+ rewrite "^/rules.html$" /index.php?do=rules last;
+ rewrite "^/statistics.html$" /index.php?do=stats last;
+ rewrite "^/addnews.html$" /index.php?do=addnews last;
+ rewrite "^/rss.xml$" /engine/rss.php last;
+ rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+ if (!-d $request_filename) {
+ rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+ rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+ rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+ rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+ rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+ rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+ rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+ rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+ rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+ rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+ rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+ rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+ rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+ rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+ rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+ rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+ rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+ rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+ rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+ rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+ rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+ rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+ rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+ rewrite "^/rules.html$" /index.php?do=rules last;
+ rewrite "^/statistics.html$" /index.php?do=stats last;
+ rewrite "^/addnews.html$" /index.php?do=addnews last;
+ rewrite "^/rss.xml$" /engine/rss.php last;
+ rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+ if (!-d $request_filename) {
+ rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+ rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+ rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+ rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ index doku.php;
+ try_files $uri $uri/ @dokuwiki;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+ expires 30d;
+ }
+
+ location ^~ /conf/ { return 403; }
+ location ^~ /data/ { return 403; }
+
+ location @dokuwiki {
+ rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+ rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+ rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+ rewrite ^/(.*) /doku.php?id=$1 last;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ index doku.php;
+ try_files $uri $uri/ @dokuwiki;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+ expires 30d;
+ }
+
+ location ^~ /conf/ { return 403; }
+ location ^~ /data/ { return 403; }
+ location @dokuwiki {
+ rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+ rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+ rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+ rewrite ^/(.*) /doku.php?id=$1 last;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..91a70936
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,101 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # For Drupal 6 and bwlow:
+ # Some modules enforce no slash (/) at the end of the URL
+ # Else this rewrite block wouldn't be needed (GlobalRedirect)
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..ac32dcd9
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,98 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # For Drupal 6 and bwlow:
+ # Some modules enforce no slash (/) at the end of the URL
+ # Else this rewrite block wouldn't be needed (GlobalRedirect)
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..3b9dabf5
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,101 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..1b979475
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,98 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..50d85b68
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,102 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$)|^/update.php {
+ fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..71b538bf
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,99 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$)|^/update.php {
+ fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ # deny running scripts inside writable directories
+ location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+ return 403;
+ error_page 403 /403_error.html;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ # deny running scripts inside writable directories
+ location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+ return 403;
+ error_page 403 /403_error.html;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ root %sdocroot%/pub;
+ index index.php;
+ autoindex off;
+ charset UTF-8;
+ error_page 404 403 = /errors/404.php;
+ add_header "X-UA-Compatible" "IE=Edge";
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ # PHP entry point for setup application
+ location ~* ^/setup($|/) {
+ root %sdocroot%;
+
+ location ~ ^/setup/index.php {
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location ~ ^/setup/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/setup/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ # PHP entry point for update application
+ location ~* ^/update($|/) {
+ root %sdocroot%;
+
+ location ~ ^/update/index.php {
+ fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ # Deny everything but index.php
+ location ~ ^/update/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/update/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ }
+
+ location /pub/ {
+ location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+ deny all;
+ }
+
+ alias %sdocroot%/pub/;
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /static/ {
+ # Uncomment the following line in production mode
+ # expires max;
+
+ # Remove signature of the static files that is used to overcome the browser cache
+ location ~ ^/static/version {
+ rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/ {
+ try_files $uri $uri/ /get.php?$args;
+
+ location ~ ^/media/theme_customization/.*\.xml {
+ deny all;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/customer/ {
+ deny all;
+ }
+
+ location /media/downloadable/ {
+ deny all;
+ }
+
+ location /media/import/ {
+ deny all;
+ }
+
+ # PHP entry point for main application
+ location ~ (index|get|static|report|404|503)\.php$ {
+ try_files $uri =404;
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_buffers 1024 4k;
+ fastcgi_read_timeout 600s;
+ fastcgi_connect_timeout 600s;
+
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ gzip on;
+ gzip_disable "msie6";
+
+ gzip_comp_level 6;
+ gzip_min_length 1100;
+ gzip_buffers 16 8k;
+ gzip_proxied any;
+ gzip_types
+ text/plain
+ text/css
+ text/js
+ text/xml
+ text/javascript
+ application/javascript
+ application/x-javascript
+ application/json
+ application/xml
+ application/xml+rss
+ image/svg+xml;
+ gzip_vary on;
+
+ # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+ location ~* (\.php$|\.htaccess$|\.git) {
+ deny all;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ root %docroot%/pub;
+ index index.php;
+ autoindex off;
+ charset UTF-8;
+ error_page 404 403 = /errors/404.php;
+ add_header "X-UA-Compatible" "IE=Edge";
+
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ # PHP entry point for setup application
+ location ~* ^/setup($|/) {
+ root %docroot%;
+
+ location ~ ^/setup/index.php {
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location ~ ^/setup/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/setup/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ # PHP entry point for update application
+ location ~* ^/update($|/) {
+ root %docroot%;
+
+ location ~ ^/update/index.php {
+ fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ # Deny everything but index.php
+ location ~ ^/update/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/update/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ }
+
+ location /pub/ {
+ location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+ deny all;
+ }
+
+ alias %docroot%/pub/;
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /static/ {
+ # Uncomment the following line in production mode
+ # expires max;
+
+ # Remove signature of the static files that is used to overcome the browser cache
+ location ~ ^/static/version {
+ rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/ {
+ try_files $uri $uri/ /get.php?$args;
+
+ location ~ ^/media/theme_customization/.*\.xml {
+ deny all;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/customer/ {
+ deny all;
+ }
+
+ location /media/downloadable/ {
+ deny all;
+ }
+
+ location /media/import/ {
+ deny all;
+ }
+
+ # PHP entry point for main application
+ location ~ (index|get|static|report|404|503)\.php$ {
+ try_files $uri =404;
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_buffers 1024 4k;
+ fastcgi_read_timeout 600s;
+ fastcgi_connect_timeout 600s;
+
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ gzip on;
+ gzip_disable "msie6";
+
+ gzip_comp_level 6;
+ gzip_min_length 1100;
+ gzip_buffers 16 8k;
+ gzip_proxied any;
+ gzip_types
+ text/plain
+ text/css
+ text/js
+ text/xml
+ text/javascript
+ application/javascript
+ application/x-javascript
+ application/json
+ application/xml
+ application/xml+rss
+ image/svg+xml;
+ gzip_vary on;
+
+ # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+ location ~* (\.php$|\.htaccess$|\.git) {
+ deny all;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+# if you need to rewrite www to non-www uncomment bellow
+# if ($host != '%domain%' ) {
+# rewrite ^/(.*)$ https://%domain%/$1 permanent;
+# }
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ @rewrite;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+ location @rewrite {
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ \.php$ {
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+# if you need to rewrite www to non-www uncomment bellow
+# if ($host != '%domain%' ) {
+# rewrite ^/(.*)$ http://%domain%/$1 permanent;
+# }
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ @rewrite;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+ location @rewrite {
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ \.php$ {
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ types {
+ text/html html htm shtml php php5;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ types {
+ text/html html htm shtml php php5;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+ proxy_redirect off;
+
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_connect_timeout 720;
+ proxy_send_timeout 720;
+ proxy_read_timeout 720;
+ send_timeout 720;
+
+ # Allow "Well-Known URIs" as per RFC 5785
+ location ~* ^/.well-known/ {
+ allow all;
+ }
+
+ location / {
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ location /longpolling {
+ proxy_pass http://127.0.0.1:8072;
+ }
+
+ location ~* /web/static/ {
+ proxy_cache_valid 200 60m;
+ proxy_buffering on;
+ expires 864000;
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+ proxy_redirect off;
+
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_connect_timeout 720;
+ proxy_send_timeout 720;
+ proxy_read_timeout 720;
+ send_timeout 720;
+
+ # Allow "Well-Known URIs" as per RFC 5785
+ location ~* ^/.well-known/ {
+ allow all;
+ }
+
+ location / {
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ location /longpolling {
+ proxy_pass http://127.0.0.1:8072;
+ }
+
+ location ~* /web/static/ {
+ proxy_cache_valid 200 60m;
+ proxy_buffering on;
+ expires 864000;
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ @opencart;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @opencart {
+ rewrite ^/(.+)$ /index.php?_route_=$1 last;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location / {
+ try_files $uri $uri/ @opencart;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @opencart {
+ rewrite ^/(.+)$ /index.php?_route_=$1 last;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+ rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+ rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+ error_page 403 = /core/templates/403.php;
+ error_page 404 = /core/templates/404.php;
+
+ location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+ deny all;
+ }
+
+ location / {
+ # The following 2 rules are only needed with webfinger
+ rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+ rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+ rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+ rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+ rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+ try_files $uri $uri/ /index.php;
+
+ location ~ \.php(?:$|/) {
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ #fastcgi_param HTTPS on;
+ fastcgi_pass %backend_lsnr%;
+ }
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ # Some basic cache-control for static files to be sent to the browser
+ add_header Pragma public;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ }
+
+ #error_page 403 /error/404.html;
+ #error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+ rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+ rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+ error_page 403 = /core/templates/403.php;
+ error_page 404 = /core/templates/404.php;
+
+ location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+ deny all;
+ }
+
+ location / {
+ # The following 2 rules are only needed with webfinger
+ rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+ rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+ rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+ rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+ rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+ try_files $uri $uri/ /index.php;
+
+ location ~ \.php(?:$|/) {
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ #fastcgi_param HTTPS on;
+ fastcgi_pass %backend_lsnr%;
+ }
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ # Some basic cache-control for static files to be sent to the browser
+ add_header Pragma public;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ }
+
+ #error_page 403 /error/404.html;
+ #error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ try_files /favicon.ico =204;
+ }
+
+ location / {
+ try_files $uri /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ valid_referers none blocked %domain_idn% %alias_idn%;
+ if ($invalid_referer) {
+ return 444;
+ }
+ expires max;
+ }
+
+ location ~* ^/(?:index|piwik)\.php$ {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ # Any other attempt to access PHP files returns a 404.
+ location ~* ^.+\.php$ {
+ return 404;
+ }
+
+ # Return a 404 for all text files.
+ location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+ return 404;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ try_files /favicon.ico =204;
+ }
+
+ location / {
+ try_files $uri /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ valid_referers none blocked %domain_idn% %alias_idn%;
+ if ($invalid_referer) {
+ return 444;
+ }
+ expires max;
+ }
+
+ location ~* ^/(?:index|piwik)\.php$ {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ # Any other attempt to access PHP files returns a 404.
+ location ~* ^.+\.php$ {
+ return 404;
+ }
+
+ # Return a 404 for all text files.
+ location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+ return 404;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location /installer {
+ try_files $uri $uri/ /installer/index.php?$query_string;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location = /robots.txt { access_log off; log_not_found off; }
+ location = /favicon.ico { access_log off; log_not_found off; }
+ location ~ /\. { access_log off; log_not_found off; deny all; }
+ location ~ ~$ { access_log off; log_not_found off; deny all; }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location /installer {
+ try_files $uri $uri/ /installer/index.php?$query_string;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location = /robots.txt { access_log off; log_not_found off; }
+ location = /favicon.ico { access_log off; log_not_found off; }
+ location ~ /\. { access_log off; log_not_found off; deny all; }
+ location ~ ~$ { access_log off; log_not_found off; deny all; }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+ listen %ip%:%web_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+ deny all;
+ }
+
+ location ~ /(readme.html|license.txt) {
+ deny all;
+ }
+
+ if (!-f $request_filename){
+ rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+ expires 1d;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location /l/ {
+ rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+ }
+
+ location /t/ {
+ rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+ }
+
+ location /w/ {
+ rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+ }
+
+ location /unsubscribe/ {
+ rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+ }
+
+ location /subscribe/ {
+ rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+ deny all;
+ }
+
+ location ~ /(readme.html|license.txt) {
+ deny all;
+ }
+
+ if (!-f $request_filename){
+ rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+ expires 1d;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location /l/ {
+ rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+ }
+
+ location /t/ {
+ rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+ }
+
+ location /w/ {
+ rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+ }
+
+ location /unsubscribe/ {
+ rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+ }
+
+ location /subscribe/ {
+ rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ /index.php?q=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ /index.php?q=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+ listen %ip%:%proxy_port% default;
+ server_name _;
+ #access_log /var/log/nginx/%ip%.log main;
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ }
+}
+
diff --git a/install/ubuntu/17.04/templates/web/php-fpm/default.tpl b/install/ubuntu/17.04/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/403.html b/install/ubuntu/17.04/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+ 403 — Forbidden
+
+
+
+
+
+
+ %domain%
+
+ 403
+ Forbidden
+
+ Unfortunately, you do not have permission to view this
+
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/document_errors/404.html b/install/ubuntu/17.04/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+ 404 — Not Found
+
+
+
+
+
+
+ %domain%
+ 404
+ Page Not Found
+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+ You can start again from the
home or go back to
previous page.
+
%domain%
+
+ 500
+ Internal Server Error
+
+ Sorry, something went wrong :(
+
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/public_html/index.html b/install/ubuntu/17.04/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+ %domain% — Coming Soon
+
+
+
+
+
+
+ %domain%
+
+
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+ %domain% — Coming Soon
+
+
+
+
+
+
+ %domain%
+
+
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.04/templates/web/suspend/.htaccess b/install/ubuntu/17.04/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/ubuntu/17.04/templates/web/suspend/index.html b/install/ubuntu/17.04/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+ Website Suspended
+
+
+
+
+
+ SUSPENDED
+ This website has been suspended.
+
+ Please contact the technical support department.
+
+
+
diff --git a/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/ubuntu/17.04/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName %domain_idn%
+LogFile /var/log/%web_system%/domains/%domain%.log
+OutputDir %home%/%user%/web/%domain%/stats
+HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental yes
+IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current
+PageType htm*
+PageType cgi
+PageType php
+PageType shtml
+DNSCache /var/lib/webalizer/dns_cache.db
+DNSChildren 10
+Quiet yes
+FoldSeqErr yes
+IndexAlias index.php
+HideURL *.gif
+HideURL *.GIF
+HideURL *.jpg
+HideURL *.JPG
+HideURL *.png
+HideURL *.PNG
+HideURL *.ra
+SearchEngine abcsearch. terms=
+SearchEngine alexa. q=
+SearchEngine alltheweb. q=
+SearchEngine alltheweb. query=
+SearchEngine alot. q=
+SearchEngine altavista. q=
+SearchEngine aolsearch. query=
+SearchEngine aport.ru r=
+SearchEngine ask. q=
+SearchEngine atlas.cz q=
+SearchEngine bbc. q=
+SearchEngine bing. q=
+SearchEngine blingo. q=
+SearchEngine blogs.yandex.ru text=
+SearchEngine btopenworld query=
+SearchEngine buscador.ya.com q=
+SearchEngine busca. q=
+SearchEngine business. query=
+SearchEngine centrum.cz q=
+SearchEngine chiff. q=
+SearchEngine clusty. query=
+SearchEngine comcast. q=
+SearchEngine crawler. q=
+SearchEngine cuil. q=
+SearchEngine dmoz. search=
+SearchEngine dogpile.com q=
+SearchEngine dpxml qkw=
+SearchEngine eureka. searchword=
+SearchEngine euroseek. string=
+SearchEngine exalead. q=
+SearchEngine excite search=
+SearchEngine ezilon. q=
+SearchEngine fastbrowsersearch. q=
+SearchEngine feedster.com q=
+SearchEngine fireball.de q=
+SearchEngine fireball. keyword=
+SearchEngine freeserve. q=
+SearchEngine gigablast. q=
+SearchEngine gogo.ru q=
+SearchEngine go.mail.ru q=
+SearchEngine google. q=
+SearchEngine hakia. q=
+SearchEngine hotbot. query=
+SearchEngine infoseek. qt=
+SearchEngine iwon searchfor=
+SearchEngine ixquick.com query=
+SearchEngine joeant. keywords=
+SearchEngine jyxo.cz s=
+SearchEngine looksmart. key=
+SearchEngine lycos. query=
+SearchEngine mamma. q=
+SearchEngine metacrawler q=
+SearchEngine msn. MT=
+SearchEngine msxml qkw=
+SearchEngine mysearch. searchfor=
+SearchEngine mywebsearch. searchfor=
+SearchEngine netscape. q=
+SearchEngine nigma.ru q=
+SearchEngine northernlight. qr=
+SearchEngine ntlworld. q=
+SearchEngine orange. q=
+SearchEngine overture. Keywords=
+SearchEngine punto.ru text=
+SearchEngine rambler. keyword=
+SearchEngine search.aol. q=
+SearchEngine search.babylon. q=
+SearchEngine search.centrum. phrase=
+SearchEngine search.conduit. q=
+SearchEngine search.earthlink q=
+SearchEngine search.icq. q=
+SearchEngine search.live.com q=
+SearchEngine search.rambler.ru words=
+SearchEngine search.winamp. q=
+SearchEngine searchy. q=
+SearchEngine seznam.cz w=
+SearchEngine snap. query=
+SearchEngine teoma. q=
+SearchEngine teradex.com q=
+SearchEngine ukplus key=
+SearchEngine verizon. q=
+SearchEngine virginmedia. q=
+SearchEngine voila. rdata=
+SearchEngine webcrawler searchText=
+SearchEngine web.search.naver. query=
+SearchEngine wisenut q=
+SearchEngine yahoo. p=
+SearchEngine yandex. text=
+SearchEngine yodao. q=
diff --git a/install/ubuntu/17.04/vsftpd/vsftpd.conf b/install/ubuntu/17.04/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..034b016d
--- /dev/null
+++ b/install/ubuntu/17.04/vsftpd/vsftpd.conf
@@ -0,0 +1,27 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES
diff --git a/install/ubuntu/17.10/apache2/apache2.conf b/install/ubuntu/17.10/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/ubuntu/17.10/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+# /etc/apache2/
+# |-- apache2.conf
+# | `-- ports.conf
+# |-- mods-enabled
+# | |-- *.load
+# | `-- *.conf
+# |-- conf.d
+# | `-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+ StartServers 8
+ MinSpareServers 5
+ MaxSpareServers 20
+ ServerLimit 256
+ MaxClients 200
+ MaxRequestsPerChild 4000
+
+
+
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadLimit 64
+ ThreadsPerChild 25
+ MaxClients 200
+ MaxRequestsPerChild 4000
+
+
+
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadLimit 64
+ ThreadsPerChild 25
+ MaxClients 200
+ MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+ Order allow,deny
+ Deny from all
+ Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/ubuntu/17.10/apache2/status.conf b/install/ubuntu/17.10/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/ubuntu/17.10/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+ SetHandler server-status
+ Order deny,allow
+ Deny from all
+ Allow from 127.0.0.1
+ Allow from all
+
diff --git a/install/ubuntu/17.10/bind/named.conf b/install/ubuntu/17.10/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/ubuntu/17.10/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/ubuntu/17.10/clamav/clamd.conf b/install/ubuntu/17.10/clamav/clamd.conf
new file mode 100644
index 00000000..4e04356e
--- /dev/null
+++ b/install/ubuntu/17.10/clamav/clamd.conf
@@ -0,0 +1,61 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/ubuntu/17.10/deb_signing.key b/install/ubuntu/17.10/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/ubuntu/17.10/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-master.conf b/install/ubuntu/17.10/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+ inet_listener imap {
+ }
+ inet_listener imaps {
+ }
+}
+
+service pop3-login {
+ inet_listener pop3 {
+ }
+ inet_listener pop3s {
+ }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+ unix_listener auth-client {
+ group = mail
+ mode = 0660
+ user = dovecot
+ }
+ user = dovecot
+}
diff --git a/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..24cbf3e2
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,5 @@
+ssl = yes
+ssl_protocols = !SSLv2 !SSLv3
+
+ssl_cert = = 2.1.4) : %v.%u
+ # Dovecot v0.99.x : %v.%u
+ # tpop3d : %Mf
+ #
+ # Note that Outlook 2003 seems to have problems with %v.%u format which was
+ # Dovecot's default, so if you're building a new server it would be a good
+ # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+ #
+ #pop3_uidl_format = %08Xu%08Xv
+
+ # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+ # won't change those UIDLs. Currently this works only with Maildir.
+ #pop3_save_uidl = no
+
+ # What to do about duplicate UIDLs if they exist?
+ # allow: Show duplicates to clients.
+ # rename: Append a temporary -2, -3, etc. counter after the UIDL.
+ #pop3_uidl_duplicates = allow
+
+ # POP3 logout format string:
+ # %i - total number of bytes read from client
+ # %o - total number of bytes sent to client
+ # %t - number of TOP commands
+ # %p - number of bytes sent to client as a result of TOP command
+ # %r - number of RETR commands
+ # %b - number of bytes sent to client as a result of RETR command
+ # %d - number of deleted messages
+ # %m - number of messages (before deletion)
+ # %s - mailbox size in bytes (before deletion)
+ # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+ #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+ # Maximum number of POP3 connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins = $mail_plugins
+
+ # Workarounds for various client bugs:
+ # outlook-no-nuls:
+ # Outlook and Outlook Express hang if mails contain NUL characters.
+ # This setting replaces them with 0x80 character.
+ # oe-ns-eoh:
+ # Outlook Express and Netscape Mail breaks if end of headers-line is
+ # missing. This option simply sends it if it's missing.
+ # The list is space-separated.
+ #pop3_client_workarounds =
+}
diff --git a/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+ driver = passwd-file
+ args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+ driver = passwd-file
+ args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/ubuntu/17.10/dovecot/dovecot.conf b/install/ubuntu/17.10/dovecot/dovecot.conf
new file mode 100644
index 00000000..311a3351
--- /dev/null
+++ b/install/ubuntu/17.10/dovecot/dovecot.conf
@@ -0,0 +1,24 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
+
+namespace {
+ type = private
+ separator = /
+ prefix =
+ inbox = yes
+
+ mailbox Sent {
+ auto = subscribe
+ special_use = \Sent
+ }
+ mailbox Drafts {
+ auto = subscribe
+ special_use = \Drafts
+ }
+ mailbox Trash {
+ auto = subscribe
+ special_use = \Trash
+ }
+}
diff --git a/install/ubuntu/17.10/exim/dnsbl.conf b/install/ubuntu/17.10/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/ubuntu/17.10/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/ubuntu/17.10/exim/exim4.conf.template b/install/ubuntu/17.10/exim/exim4.conf.template
new file mode 100644
index 00000000..fc346486
--- /dev/null
+++ b/install/ubuntu/17.10/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+# #
+# Exim configuration file for Vesta Control Panel #
+# #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD = yes
+
+add_environment = <; PATH=/bin:/usr/bin
+keep_environment =
+disable_ipv6 = true
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+# ACL CONFIGURATION #
+# Specifies access control lists for incoming SMTP mail #
+######################################################################
+begin acl
+
+acl_check_spammers:
+ accept hosts = +whitelist
+
+ drop message = Your host in blacklist on this server.
+ log_message = Host in blacklist
+ hosts = +spammers
+
+ accept
+
+
+acl_check_mail:
+ deny condition = ${if eq{$sender_helo_name}{}}
+ message = HELO required before MAIL
+
+ drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+ condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+ condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+ delay = 45s
+
+ drop condition = ${if isip{$sender_helo_name}}
+ message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+ drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
+ message = $interface_address is _my_ address
+
+ accept
+
+
+acl_check_rcpt:
+ accept hosts = :
+
+ deny message = Restricted characters in address
+ domains = +local_domains
+ local_parts = ^[.] : ^.*[@%!/|]
+
+ deny message = Restricted characters in address
+ domains = !+local_domains
+ local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+ require verify = sender
+
+ accept hosts = +relay_from_hosts
+ control = submission
+
+ accept authenticated = *
+ control = submission/domain=
+
+ deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+ hosts = !+whitelist
+ dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+ require message = relay not permitted
+ domains = +local_domains : +relay_to_domains
+
+ deny message = smtp auth required
+ sender_domains = +local_domains
+ !authenticated = *
+
+ require verify = recipient
+
+.ifdef CLAMD
+ warn set acl_m0 = no
+
+ warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+ set acl_m0 = yes
+.endif
+
+.ifdef SPAMASSASSIN
+ warn set acl_m1 = no
+
+ warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+ set acl_m1 = yes
+.endif
+
+ accept
+
+
+acl_check_data:
+.ifdef CLAMD
+ deny message = Message contains a virus ($malware_name) and has been rejected
+ malware = *
+ condition = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+ warn !authenticated = *
+ hosts = !+relay_from_hosts
+ condition = ${if < {$message_size}{1024K}}
+ condition = ${if eq{$acl_m1}{yes}{yes}{no}}
+ spam = debian-spamd:true/defer_ok
+ add_header = X-Spam-Score: $spam_score_int
+ add_header = X-Spam-Bar: $spam_bar
+ add_header = X-Spam-Report: $spam_report
+ set acl_m2 = $spam_score_int
+
+ warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
+ condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+ add_header = X-Spam-Status: Yes
+ message = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+ accept
+
+
+acl_check_mime:
+ deny message = Blacklisted file extension detected
+ condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+ accept
+
+
+
+######################################################################
+# AUTHENTICATION CONFIGURATION #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+ driver = dovecot
+ public_name = PLAIN
+ server_socket = /var/run/dovecot/auth-client
+ server_set_id = $auth1
+
+dovecot_login:
+ driver = dovecot
+ public_name = LOGIN
+ server_socket = /var/run/dovecot/auth-client
+ server_set_id = $auth1
+
+
+
+######################################################################
+# ROUTERS CONFIGURATION #
+# Specifies how addresses are handled #
+######################################################################
+begin routers
+
+#smarthost:
+# driver = manualroute
+# domains = ! +local_domains
+# transport = remote_smtp
+# route_list = * smartrelay.vestacp.com
+# no_more
+# no_verify
+
+dnslookup:
+ driver = dnslookup
+ domains = !+local_domains
+ transport = remote_smtp
+ no_more
+
+userforward:
+ driver = redirect
+ check_local_user
+ file = $home/.forward
+ allow_filter
+ no_verify
+ no_expn
+ check_ancestor
+ file_transport = address_file
+ pipe_transport = address_pipe
+ reply_transport = address_reply
+
+procmail:
+ driver = accept
+ check_local_user
+ require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+ transport = procmail
+ no_verify
+
+autoreplay:
+ driver = accept
+ require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+ condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+ retry_use_local_part
+ transport = userautoreply
+ unseen
+
+aliases:
+ driver = redirect
+ headers_add = X-redirected: yes
+ data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+ require_files = /etc/exim4/domains/$domain/aliases
+ redirect_router = dnslookup
+ pipe_transport = address_pipe
+ unseen
+
+localuser_fwd_only:
+ driver = accept
+ transport = devnull
+ condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+ driver = accept
+ transport = local_spam_delivery
+ condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+ driver = accept
+ transport = local_delivery
+ condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+ driver = redirect
+ headers_add = X-redirected: yes
+ require_files = /etc/exim4/domains/$domain/aliases
+ data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+ file_transport = local_delivery
+ redirect_router = dnslookup
+
+terminate_alias:
+ driver = accept
+ transport = devnull
+ condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+# TRANSPORTS CONFIGURATION #
+######################################################################
+begin transports
+
+remote_smtp:
+ driver = smtp
+ #helo_data = $sender_address_domain
+ dkim_domain = DKIM_DOMAIN
+ dkim_selector = mail
+ dkim_private_key = DKIM_PRIVATE_KEY
+ dkim_canon = relaxed
+ dkim_strict = 0
+
+procmail:
+ driver = pipe
+ command = "/usr/bin/procmail -d $local_part"
+ return_path_add
+ delivery_date_add
+ envelope_to_add
+ user = $local_part
+ initgroups
+ return_output
+
+local_delivery:
+ driver = appendfile
+ maildir_format
+ maildir_use_size_file
+ user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+ group = mail
+ create_directory
+ directory_mode = 770
+ mode = 660
+ use_lockfile = no
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+ quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+ quota_warn_threshold = 75%
+
+local_spam_delivery:
+ driver = appendfile
+ maildir_format
+ maildir_use_size_file
+ user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+ group = mail
+ create_directory
+ directory_mode = 770
+ mode = 660
+ use_lockfile = no
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+ quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+ quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+ quota_warn_threshold = 75%
+
+address_pipe:
+ driver = pipe
+ return_output
+
+address_file:
+ driver = appendfile
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+
+address_reply:
+ driver = autoreply
+
+userautoreply:
+ driver = autoreply
+ file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+ from = "${local_part}@${domain}"
+ headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+ subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+ to = "${sender_address}"
+
+devnull:
+ driver = appendfile
+ file = /dev/null
+
+
+
+######################################################################
+# RETRY CONFIGURATION #
+######################################################################
+begin retry
+
+# Address or Domain Error Retries
+# ----------------- ----- -------
+* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+# REWRITE CONFIGURATION #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/ubuntu/17.10/exim/spam-blocks.conf b/install/ubuntu/17.10/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/ubuntu/17.10/fail2ban/action.d/vesta.conf b/install/ubuntu/17.10/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/ubuntu/17.10/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban
diff --git a/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..69670a56
--- /dev/null
+++ b/install/ubuntu/17.10/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccesfull Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex = .* failed to login
+ignoreregex =
+
diff --git a/install/ubuntu/17.10/fail2ban/jail.local b/install/ubuntu/17.10/fail2ban/jail.local
new file mode 100644
index 00000000..013f81c4
--- /dev/null
+++ b/install/ubuntu/17.10/fail2ban/jail.local
@@ -0,0 +1,51 @@
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+
+[ssh-iptables]
+enabled = true
+filter = sshd
+action = vesta[name=SSH]
+logpath = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled = false
+filter = vsftpd
+action = vesta[name=FTP]
+logpath = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter = exim
+action = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+maxretry = 5
+
+[dovecot-iptables]
+enabled = true
+filter = dovecot
+action = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+maxretry = 5
+
+[mysqld-iptables]
+enabled = false
+filter = mysqld-auth
+action = vesta[name=DB]
+logpath = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter = vesta
+action = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
+
+[roundcube-auth]
+enabled = false
+filter = roundcube-auth
+port = http,https
+logpath = /var/log/roundcube/errors
+maxretry = 5
diff --git a/install/ubuntu/17.10/firewall/ports.conf b/install/ubuntu/17.10/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/ubuntu/17.10/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/ubuntu/17.10/firewall/rules.conf b/install/ubuntu/17.10/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/ubuntu/17.10/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/ubuntu/17.10/logrotate/apache2 b/install/ubuntu/17.10/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+ weekly
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ notifempty
+ create 640 root adm
+ sharedscripts
+ postrotate
+ /etc/init.d/apache2 reload > /dev/null || true
+ [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+ endscript
+ prerotate
+ if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+ run-parts /etc/logrotate.d/httpd-prerotate; \
+ fi; \
+ endscript
+}
diff --git a/install/ubuntu/17.10/logrotate/dovecot b/install/ubuntu/17.10/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+ weekly
+ rotate 4
+ missingok
+ notifempty
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ doveadm log reopen
+ endscript
+}
diff --git a/install/ubuntu/17.10/logrotate/nginx b/install/ubuntu/17.10/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+ daily
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ notifempty
+ create 640 nginx adm
+ sharedscripts
+ postrotate
+ [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+ endscript
+}
diff --git a/install/ubuntu/17.10/logrotate/vesta b/install/ubuntu/17.10/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/ubuntu/17.10/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+ missingok
+ notifempty
+ size 30k
+ yearly
+ create 0600 root root
+}
diff --git a/install/ubuntu/17.10/mysql/my-large.cnf b/install/ubuntu/17.10/mysql/my-large.cnf
new file mode 100644
index 00000000..7201377c
--- /dev/null
+++ b/install/ubuntu/17.10/mysql/my-large.cnf
@@ -0,0 +1,41 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.10/mysql/my-medium.cnf b/install/ubuntu/17.10/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/ubuntu/17.10/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.10/mysql/my-small.cnf b/install/ubuntu/17.10/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/ubuntu/17.10/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/17.10/nginx/nginx.conf b/install/ubuntu/17.10/nginx/nginx.conf
new file mode 100644
index 00000000..e7256de7
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/nginx.conf
@@ -0,0 +1,136 @@
+# Server globals
+user www-data;
+worker_processes auto;
+worker_rlimit_nofile 65535;
+error_log /var/log/nginx/error.log crit;
+pid /var/run/nginx.pid;
+
+
+# Worker config
+events {
+ worker_connections 1024;
+ use epoll;
+ multi_accept on;
+}
+
+
+http {
+ # Main settings
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ client_header_timeout 1m;
+ client_body_timeout 1m;
+ client_header_buffer_size 2k;
+ client_body_buffer_size 256k;
+ client_max_body_size 256m;
+ large_client_header_buffers 4 8k;
+ send_timeout 30;
+ keepalive_timeout 60 60;
+ reset_timedout_connection on;
+ server_tokens off;
+ server_name_in_redirect off;
+ server_names_hash_max_size 512;
+ server_names_hash_bucket_size 512;
+
+
+ # Log format
+ log_format main '$remote_addr - $remote_user [$time_local] $request '
+ '"$status" $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+ log_format bytes '$body_bytes_sent';
+ #access_log /var/log/nginx/access.log main;
+ access_log off;
+
+
+ # Mime settings
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+
+ # Compression
+ gzip on;
+ gzip_comp_level 9;
+ gzip_min_length 512;
+ gzip_buffers 8 64k;
+ gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+ gzip_proxied any;
+ gzip_disable "MSIE [1-6]\.";
+
+ # Proxy settings
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass_header Set-Cookie;
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+ proxy_buffers 32 4k;
+
+
+ # Cloudflare https://www.cloudflare.com/ips
+ set_real_ip_from 103.21.244.0/22;
+ set_real_ip_from 103.22.200.0/22;
+ set_real_ip_from 103.31.4.0/22;
+ set_real_ip_from 104.16.0.0/12;
+ set_real_ip_from 108.162.192.0/18;
+ set_real_ip_from 131.0.72.0/22;
+ set_real_ip_from 141.101.64.0/18;
+ set_real_ip_from 162.158.0.0/15;
+ set_real_ip_from 172.64.0.0/13;
+ set_real_ip_from 173.245.48.0/20;
+ set_real_ip_from 188.114.96.0/20;
+ set_real_ip_from 190.93.240.0/20;
+ set_real_ip_from 197.234.240.0/22;
+ set_real_ip_from 198.41.128.0/17;
+ #set_real_ip_from 2400:cb00::/32;
+ #set_real_ip_from 2606:4700::/32;
+ #set_real_ip_from 2803:f800::/32;
+ #set_real_ip_from 2405:b500::/32;
+ #set_real_ip_from 2405:8100::/32;
+ #set_real_ip_from 2c0f:f248::/32;
+ #set_real_ip_from 2a06:98c0::/29;
+ real_ip_header CF-Connecting-IP;
+
+
+ # SSL PCI Compliance
+ ssl_session_cache shared:SSL:10m;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+ # Error pages
+ error_page 403 /error/403.html;
+ error_page 404 /error/404.html;
+ error_page 502 503 504 /error/50x.html;
+
+
+ # Cache settings
+ proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+ proxy_cache_key "$host$request_uri $cookie_user";
+ proxy_temp_path /var/cache/nginx/temp;
+ proxy_ignore_headers Expires Cache-Control;
+ proxy_cache_use_stale error timeout invalid_header http_502;
+ proxy_cache_valid any 1d;
+
+
+ # Cache bypass
+ map $http_cookie $no_cache {
+ default 0;
+ ~SESS 1;
+ ~wordpress_logged_in 1;
+ }
+
+
+ # File cache settings
+ open_file_cache max=10000 inactive=30s;
+ open_file_cache_valid 60s;
+ open_file_cache_min_uses 2;
+ open_file_cache_errors off;
+
+
+ # Wildcard include
+ include /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/ubuntu/17.10/nginx/phpmyadmin.inc b/install/ubuntu/17.10/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+ alias /usr/share/phpmyadmin/;
+
+ location ~ /(libraries|setup) {
+ return 404;
+ }
+
+ location ~ ^/phpmyadmin/(.*\.php)$ {
+ alias /usr/share/phpmyadmin/$1;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ }
+ location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+ root /usr/share/;
+ }
+}
diff --git a/install/ubuntu/17.10/nginx/phppgadmin.inc b/install/ubuntu/17.10/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+ alias /usr/share/phppgadmin/;
+
+ location ~ ^/phppgadmin/(.*\.php)$ {
+ alias /usr/share/phppgadmin/$1;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ }
+}
diff --git a/install/ubuntu/17.10/nginx/status.conf b/install/ubuntu/17.10/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+ listen 127.0.0.1:8084 default;
+ server_name _;
+ server_name_in_redirect off;
+ location / {
+ stub_status on;
+ access_log off;
+ }
+}
diff --git a/install/ubuntu/17.10/nginx/webmail.inc b/install/ubuntu/17.10/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/ubuntu/17.10/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+ alias /var/lib/roundcube/;
+
+ location ~ /(config|temp|logs) {
+ return 404;
+ }
+
+ location ~ ^/webmail/(.*\.php)$ {
+ alias /var/lib/roundcube/$1;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ }
+}
diff --git a/install/ubuntu/17.10/packages/default.pkg b/install/ubuntu/17.10/packages/default.pkg
new file mode 100644
index 00000000..c2a93574
--- /dev/null
+++ b/install/ubuntu/17.10/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='unlimited'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/packages/gainsboro.pkg b/install/ubuntu/17.10/packages/gainsboro.pkg
new file mode 100644
index 00000000..76d7dae2
--- /dev/null
+++ b/install/ubuntu/17.10/packages/gainsboro.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='10'
+WEB_ALIASES='10'
+DNS_DOMAINS='10'
+DNS_RECORDS='10'
+MAIL_DOMAINS='10'
+MAIL_ACCOUNTS='10'
+DATABASES='10'
+CRON_JOBS='10'
+DISK_QUOTA='10000'
+BANDWIDTH='10000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='1'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/packages/palegreen.pkg b/install/ubuntu/17.10/packages/palegreen.pkg
new file mode 100644
index 00000000..3db5fe57
--- /dev/null
+++ b/install/ubuntu/17.10/packages/palegreen.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='hosting'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='50'
+WEB_ALIASES='50'
+DNS_DOMAINS='50'
+DNS_RECORDS='50'
+MAIL_DOMAINS='50'
+MAIL_ACCOUNTS='50'
+DATABASES='50'
+CRON_JOBS='50'
+DISK_QUOTA='50000'
+BANDWIDTH='50000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='5'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/packages/slategrey.pkg b/install/ubuntu/17.10/packages/slategrey.pkg
new file mode 100644
index 00000000..d89e796f
--- /dev/null
+++ b/install/ubuntu/17.10/packages/slategrey.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='10000'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/17.10/pga/config.inc.php b/install/ubuntu/17.10/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/ubuntu/17.10/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/ubuntu/17.10/pga/phppgadmin.conf b/install/ubuntu/17.10/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/ubuntu/17.10/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+ php_flag magic_quotes_gpc Off
+ php_flag track_vars On
+ php_value include_path .
+
+
+
+
+ AddType application/x-httpd-php .php
+ Action application/x-httpd-php /cgi-bin/php
+
+
+ AddType application/x-httpd-php .php
+ Action application/x-httpd-php /cgi-bin/php
+
+
+
+
+
diff --git a/install/ubuntu/17.10/php-fpm/www.conf b/install/ubuntu/17.10/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/ubuntu/17.10/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/ubuntu/17.10/pma/apache.conf b/install/ubuntu/17.10/pma/apache.conf
new file mode 100644
index 00000000..4da6ce84
--- /dev/null
+++ b/install/ubuntu/17.10/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+ Options FollowSymLinks
+ DirectoryIndex index.php
+
+
+ AddType application/x-httpd-php .php
+
+ php_flag magic_quotes_gpc Off
+ php_flag track_vars On
+ php_flag register_globals Off
+ php_admin_flag allow_url_fopen Off
+ php_value include_path .
+ php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+ php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
+
+
+
+
+# Authorize for setup
+
+
+ AuthType Basic
+ AuthName "phpMyAdmin Setup"
+ AuthUserFile /etc/phpmyadmin/htpasswd.setup
+
+ Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+ Order Deny,Allow
+ Deny from All
+
+
+ Order Deny,Allow
+ Deny from All
+
+
diff --git a/install/ubuntu/17.10/pma/config.inc.php b/install/ubuntu/17.10/pma/config.inc.php
new file mode 100644
index 00000000..a643a065
--- /dev/null
+++ b/install/ubuntu/17.10/pma/config.inc.php
@@ -0,0 +1,146 @@
+
+ VRootEngine on
+ VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig proftpd
+AuthOrder mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS off
+User proftpd
+Group nogroup
+MaxInstances 20
+UseSendfile off
+LogFormat default "%h %l %u %t \"%r\" %s %b"
+LogFormat auth "%v [%P] %h %t \"%r\" %s"
+ListOptions -a
+RequireValidShell off
+PassivePorts 12000 12100
+
+
+ Umask 002
+ IdentLookups off
+ AllowOverwrite yes
+
+ AllowAll
+
+
diff --git a/install/ubuntu/17.10/roundcube/apache.conf b/install/ubuntu/17.10/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+ Options Indexes MultiViews FollowSymLinks
+ AllowOverride None
+ Order allow,deny
+ allow from all
+
+
+
+ Options +FollowSymLinks
+ # This is needed to parse /var/lib/roundcube/.htaccess. See its
+ # content before setting AllowOverride to None.
+ AllowOverride All
+ order allow,deny
+ allow from all
+
+
+# Protecting basic directories:
+
+ Options -FollowSymLinks
+ AllowOverride None
+
+
+
+ Options -FollowSymLinks
+ AllowOverride None
+ Order allow,deny
+ Deny from all
+
+
+
+ Options -FollowSymLinks
+ AllowOverride None
+ Order allow,deny
+ Deny from all
+
diff --git a/install/ubuntu/17.10/roundcube/config.inc.php b/install/ubuntu/17.10/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/ubuntu/17.10/roundcube/main.inc.php b/install/ubuntu/17.10/roundcube/main.inc.php
new file mode 100644
index 00000000..44b19793
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other'] = null;
+$rcmail_config['imap_ns_shared'] = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages
+// Leave this blank and you will get the server variable 'server_name' or
+// localhost if that isn't defined.
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0;
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0;
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null; # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting,
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true
+$rcmail_config['quota_zero_as_unlimited'] = true;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+// o=root
+// ou=people
+// uid=user@domain
+// mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/*
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+ 'name' => 'Verisign.com',
+ // Replacement variables supported in host names:
+ // %h - user's IMAP hostname
+ // %n - http hostname ($_SERVER['SERVER_NAME'])
+ // %d - domain (http hostname without the first part)
+ // %z - IMAP domain (IMAP hostname without the first part)
+ // For example %n = mail.domain.tld, %d = domain.tld
+ 'hosts' => array('directory.verisign.com'),
+ 'port' => 389,
+ 'use_tls' => false,
+ 'ldap_version' => 3, // using LDAPv3
+ 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+ // %fu - The full username provided, assumes the username is an email
+ // address, uses the username_domain value if not an email address.
+ // %u - The username prior to the '@'.
+ // %d - The domain name after the '@'.
+ // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+ // %dn - DN found by ldap search when search_filter/search_base_dn are used
+ 'base_dn' => '',
+ 'bind_dn' => '',
+ 'bind_pass' => '',
+ // It's possible to bind for an individual address book
+ // The login name is used to search for the DN to bind with
+ 'search_base_dn' => '',
+ 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+ // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+ 'search_bind_dn' => '',
+ 'search_bind_pw' => '',
+ // Default for %dn variable if search doesn't return DN value
+ 'search_dn_default' => '',
+ // Optional authentication identifier to be used as SASL authorization proxy
+ // bind_dn need to be empty
+ 'auth_cid' => '',
+ // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+ 'auth_method' => '',
+ // Indicates if the addressbook shall be hidden from the list.
+ // With this option enabled you can still search/view contacts.
+ 'hidden' => false,
+ // Indicates if the addressbook shall not list contacts but only allows searching.
+ 'searchonly' => false,
+ // Indicates if we can write to the LDAP directory or not.
+ // If writable is true then these fields need to be populated:
+ // LDAP_Object_Classes, required_fields, LDAP_rdn
+ 'writable' => false,
+ // To create a new contact these are the object classes to specify
+ // (or any other classes you wish to use).
+ 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+ // The RDN field that is used for new entries, this field needs
+ // to be one of the search_fields, the base of base_dn is appended
+ // to the RDN to insert into the LDAP directory.
+ 'LDAP_rdn' => 'cn',
+ // The required fields needed to build a new contact as required by
+ // the object classes (can include additional fields not required by the object classes).
+ 'required_fields' => array('cn', 'sn', 'mail'),
+ 'search_fields' => array('mail', 'cn'), // fields to search in
+ // mapping of contact fields to directory attributes
+ // for every attribute one can specify the number of values (limit) allowed.
+ // default is 1, a wildcard * means unlimited
+ 'fieldmap' => array(
+ // Roundcube => LDAP:limit
+ 'name' => 'cn',
+ 'surname' => 'sn',
+ 'firstname' => 'givenName',
+ 'title' => 'title',
+ 'email' => 'mail:*',
+ 'phone:home' => 'homePhone',
+ 'phone:work' => 'telephoneNumber',
+ 'phone:mobile' => 'mobile',
+ 'phone:pager' => 'pager',
+ 'street' => 'street',
+ 'zipcode' => 'postalCode',
+ 'region' => 'st',
+ 'locality' => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+// 'country' => 'c',
+ 'department' => 'departmentNumber',
+ 'notes' => 'description',
+// these currently don't work:
+// 'phone:workfax' => 'facsimileTelephoneNumber',
+// 'photo' => 'jpegPhoto',
+// 'organization' => 'o',
+// 'manager' => 'manager',
+// 'assistant' => 'secretary',
+ ),
+ // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+ 'sub_fields' => array(),
+ 'sort' => 'cn', // The field to sort the listing by.
+ 'scope' => 'sub', // search mode: sub|base|list
+ 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+ 'fuzzy_search' => true, // server allows wildcard search
+ 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+ 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+ 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+ 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+ 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+ // definition for contact groups (uncomment if no groups are supported)
+ // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+ // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+ // -> in this case, assure that groups and contacts are separated due to the concernig filters!
+ 'groups' => array(
+ 'base_dn' => '',
+ 'scope' => 'sub', // search mode: sub|base|list
+ 'filter' => '(objectClass=groupOfNames)',
+ 'object_classes' => array("top", "groupOfNames"),
+ 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember
+ 'name_attr' => 'cn', // attribute to be used as group name
+ ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 30 seconds
+$rcmail_config['draft_autosave'] = 30;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads
+// 1 - Expand all threads automatically
+// 2 - Expand only threads with unread messages
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/ubuntu/17.10/roundcube/vesta.php b/install/ubuntu/17.10/roundcube/vesta.php
new file mode 100644
index 00000000..99e1d4bc
--- /dev/null
+++ b/install/ubuntu/17.10/roundcube/vesta.php
@@ -0,0 +1,71 @@
+
+ */
+
+ function password_save($curpass, $passwd)
+ {
+ $rcmail = rcmail::get_instance();
+ $vesta_host = $rcmail->config->get('password_vesta_host');
+
+ if (empty($vesta_host))
+ {
+ $vesta_host = 'localhost';
+ }
+
+ $vesta_port = $rcmail->config->get('password_vesta_port');
+ if (empty($vesta_port))
+ {
+ $vesta_port = '8083';
+ }
+
+ $postvars = array(
+ 'email' => $_SESSION['username'],
+ 'password' => $curpass,
+ 'new' => $passwd
+ );
+
+ $postdata = http_build_query($postvars);
+
+ $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+ $send .= 'Host: ' . $vesta_host . PHP_EOL;
+ $send .= 'User-Agent: PHP Script' . PHP_EOL;
+ $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+ $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+ $send .= 'Connection: close' . PHP_EOL;
+ $send .= PHP_EOL;
+ $send .= $postdata . PHP_EOL . PHP_EOL;
+
+ //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+ $errno = "";
+ $errstr = "";
+ $context = stream_context_create();
+ $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+ $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+ $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+ $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+ $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+ fputs($fp, $send);
+ $result = fread($fp, 2048);
+ fclose($fp);
+
+ $fp = fopen("/tmp/roundcube.log", 'w');
+ fwrite($fp, "test ok");
+ fwrite($fp, "\n");
+ fclose($fp);
+
+
+ if(strpos($result, 'ok') && !strpos($result, 'error'))
+ {
+ return PASSWORD_SUCCESS;
+ }
+ else {
+ return PASSWORD_ERROR;
+ }
+
+ }
diff --git a/install/ubuntu/17.10/sudo/admin b/install/ubuntu/17.10/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/ubuntu/17.10/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin ALL=(ALL) ALL
+admin ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/17.10/templates/dns/child-ns.tpl b/install/ubuntu/17.10/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/ubuntu/17.10/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.10/templates/dns/default.tpl b/install/ubuntu/17.10/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/ubuntu/17.10/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.10/templates/dns/gmail.tpl b/install/ubuntu/17.10/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/ubuntu/17.10/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/17.10/templates/web/apache2/basedir.stpl b/install/ubuntu/17.10/templates/web/apache2/basedir.stpl
new file mode 100644
index 00000000..d978d4c4
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/basedir.stpl
@@ -0,0 +1,44 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/basedir.tpl b/install/ubuntu/17.10/templates/web/apache2/basedir.tpl
new file mode 100644
index 00000000..96c94a1b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/basedir.tpl
@@ -0,0 +1,38 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+
+
+ AllowOverride All
+
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/default.stpl b/install/ubuntu/17.10/templates/web/apache2/default.stpl
new file mode 100644
index 00000000..ec34c279
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/default.stpl
@@ -0,0 +1,43 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/default.tpl b/install/ubuntu/17.10/templates/web/apache2/default.tpl
new file mode 100644
index 00000000..3a227015
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/default.tpl
@@ -0,0 +1,37 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/hosting.stpl b/install/ubuntu/17.10/templates/web/apache2/hosting.stpl
new file mode 100644
index 00000000..8892072b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/hosting.stpl
@@ -0,0 +1,49 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value upload_max_filesize 10M
+ php_admin_value max_execution_time 20
+ php_admin_value post_max_size 8M
+ php_admin_value memory_limit 32M
+ php_admin_flag mysql.allow_persistent off
+ php_admin_flag safe_mode off
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/hosting.tpl b/install/ubuntu/17.10/templates/web/apache2/hosting.tpl
new file mode 100644
index 00000000..1eb26910
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/hosting.tpl
@@ -0,0 +1,43 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value upload_max_filesize 10M
+ php_admin_value max_execution_time 20
+ php_admin_value post_max_size 8M
+ php_admin_value memory_limit 32M
+ php_admin_flag mysql.allow_persistent off
+ php_admin_flag safe_mode off
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh
new file mode 100755
index 00000000..6565e103
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl
new file mode 100644
index 00000000..731355bc
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.stpl
@@ -0,0 +1,38 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ SSLRequireSSL
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ Action phpcgi-script /cgi-bin/php
+
+ SetHandler phpcgi-script
+
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl
new file mode 100644
index 00000000..c6796d29
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpcgi.tpl
@@ -0,0 +1,31 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ Action phpcgi-script /cgi-bin/php
+
+ SetHandler phpcgi-script
+
+
+
+ AllowOverride All
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh
new file mode 100755
index 00000000..e8058249
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script="#!/bin/sh
+PHPRC=/usr/local/lib
+export PHPRC
+export PHP_FCGI_MAX_REQUESTS=1000
+export PHP_FCGI_CHILDREN=20
+exec /usr/bin/php-cgi
+"
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl
new file mode 100644
index 00000000..156c8a91
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.stpl
@@ -0,0 +1,39 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ SSLRequireSSL
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+ SetHandler fcgid-script
+
+ FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+
+
+ AllowOverride All
+
+ php_admin_value open_basedir none
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl
new file mode 100644
index 00000000..a4c01269
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/apache2/phpfcgid.tpl
@@ -0,0 +1,31 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+ SetHandler fcgid-script
+
+ FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+
+
+ AllowOverride All
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/awstats/awstats.tpl b/install/ubuntu/17.10/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain = 1
+MaxNbOfHostsShown = 10
+MinHitHost = 1
+MaxNbOfLoginShown = 10
+MinHitLogin = 1
+MaxNbOfRobotShown = 10
+MinHitRobot = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile = 1
+MaxNbOfOsShown = 10
+MinHitOs = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth = 260
+BarHeight = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/ubuntu/17.10/templates/web/awstats/index.tpl b/install/ubuntu/17.10/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+
+ Awstats log analyzer
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/awstats/nav.tpl b/install/ubuntu/17.10/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+ Awstats navigation
+
+
+
+
+
+ |
+
+ |
+
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.sh b/install/ubuntu/17.10/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2"
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;"
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+ if [ -z "$(grep "=${domain}:" $conf)" ]; then
+ echo "$str" >> $conf
+ fi
+else
+ echo "$str" >> $conf
+fi
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.stpl b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
new file mode 100755
index 00000000..5e0e4064
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+
+ proxy_cache cache;
+ proxy_cache_valid 15m;
+ proxy_cache_valid 404 1m;
+ proxy_no_cache $no_cache;
+ proxy_cache_bypass $no_cache;
+ proxy_cache_bypass $cookie_session $http_x_update;
+
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ proxy_cache off;
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.tpl b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
new file mode 100755
index 00000000..36761b65
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+
+ proxy_cache cache;
+ proxy_cache_valid 15m;
+ proxy_cache_valid 404 1m;
+ proxy_no_cache $no_cache;
+ proxy_cache_bypass $no_cache;
+ proxy_cache_bypass $cookie_session $http_x_update;
+
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ proxy_cache off;
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.stpl b/install/ubuntu/17.10/templates/web/nginx/default.stpl
new file mode 100755
index 00000000..fa538060
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/default.stpl
@@ -0,0 +1,36 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/default.tpl b/install/ubuntu/17.10/templates/web/nginx/default.tpl
new file mode 100755
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/default.tpl
@@ -0,0 +1,33 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.sh b/install/ubuntu/17.10/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..d778d633
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ disable_symlinks if_not_owner from=%docroot%;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.tpl b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ disable_symlinks if_not_owner from=%docroot%;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
new file mode 100644
index 00000000..76dd2f8e
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl
@@ -0,0 +1,36 @@
+server {
+ listen %ip%:%proxy_ssl_port% http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/httpd/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/httpd/domains/%domain%.log combined;
+ access_log /var/log/httpd/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.tpl b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
new file mode 100644
index 00000000..c1fec114
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/http2.tpl
@@ -0,0 +1,33 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/httpd/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/httpd/domains/%domain%.log combined;
+ access_log /var/log/httpd/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?page=$request_uri;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php?page=$request_uri;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location = /index.php {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ \.php$ {
+ return 444;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location = /index.php {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ \.php$ {
+ return 444;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+ rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+ rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+ rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+ rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+ rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+ rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+ rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+ rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+ rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+ rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+ rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+ rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+ rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+ rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+ rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+ rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+ rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+ rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+ rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+ rewrite "^/rules.html$" /index.php?do=rules last;
+ rewrite "^/statistics.html$" /index.php?do=stats last;
+ rewrite "^/addnews.html$" /index.php?do=addnews last;
+ rewrite "^/rss.xml$" /engine/rss.php last;
+ rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+ if (!-d $request_filename) {
+ rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+ rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+ rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+ rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+ rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+ rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+ rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+ rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+ rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+ rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+ rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+ rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+ rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+ rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+ rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+ rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+ rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+ rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+ rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+ rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+ rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+ rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+ rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+ rewrite "^/rules.html$" /index.php?do=rules last;
+ rewrite "^/statistics.html$" /index.php?do=stats last;
+ rewrite "^/addnews.html$" /index.php?do=addnews last;
+ rewrite "^/rss.xml$" /engine/rss.php last;
+ rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+ if (!-d $request_filename) {
+ rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+ rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+ rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+ rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ index doku.php;
+ try_files $uri $uri/ @dokuwiki;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+ expires 30d;
+ }
+
+ location ^~ /conf/ { return 403; }
+ location ^~ /data/ { return 403; }
+
+ location @dokuwiki {
+ rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+ rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+ rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+ rewrite ^/(.*) /doku.php?id=$1 last;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ index doku.php;
+ try_files $uri $uri/ @dokuwiki;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+ expires 30d;
+ }
+
+ location ^~ /conf/ { return 403; }
+ location ^~ /data/ { return 403; }
+ location @dokuwiki {
+ rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+ rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+ rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+ rewrite ^/(.*) /doku.php?id=$1 last;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..91a70936
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,101 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # For Drupal 6 and bwlow:
+ # Some modules enforce no slash (/) at the end of the URL
+ # Else this rewrite block wouldn't be needed (GlobalRedirect)
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..ac32dcd9
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,98 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # For Drupal 6 and bwlow:
+ # Some modules enforce no slash (/) at the end of the URL
+ # Else this rewrite block wouldn't be needed (GlobalRedirect)
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..3b9dabf5
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,101 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..1b979475
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,98 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..50d85b68
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,102 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$)|^/update.php {
+ fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..71b538bf
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,99 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$)|^/update.php {
+ fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ # deny running scripts inside writable directories
+ location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+ return 403;
+ error_page 403 /403_error.html;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ # deny running scripts inside writable directories
+ location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+ return 403;
+ error_page 403 /403_error.html;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ root %sdocroot%/pub;
+ index index.php;
+ autoindex off;
+ charset UTF-8;
+ error_page 404 403 = /errors/404.php;
+ add_header "X-UA-Compatible" "IE=Edge";
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ # PHP entry point for setup application
+ location ~* ^/setup($|/) {
+ root %sdocroot%;
+
+ location ~ ^/setup/index.php {
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location ~ ^/setup/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/setup/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ # PHP entry point for update application
+ location ~* ^/update($|/) {
+ root %sdocroot%;
+
+ location ~ ^/update/index.php {
+ fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ # Deny everything but index.php
+ location ~ ^/update/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/update/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ }
+
+ location /pub/ {
+ location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+ deny all;
+ }
+
+ alias %sdocroot%/pub/;
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /static/ {
+ # Uncomment the following line in production mode
+ # expires max;
+
+ # Remove signature of the static files that is used to overcome the browser cache
+ location ~ ^/static/version {
+ rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/ {
+ try_files $uri $uri/ /get.php?$args;
+
+ location ~ ^/media/theme_customization/.*\.xml {
+ deny all;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/customer/ {
+ deny all;
+ }
+
+ location /media/downloadable/ {
+ deny all;
+ }
+
+ location /media/import/ {
+ deny all;
+ }
+
+ # PHP entry point for main application
+ location ~ (index|get|static|report|404|503)\.php$ {
+ try_files $uri =404;
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_buffers 1024 4k;
+ fastcgi_read_timeout 600s;
+ fastcgi_connect_timeout 600s;
+
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ gzip on;
+ gzip_disable "msie6";
+
+ gzip_comp_level 6;
+ gzip_min_length 1100;
+ gzip_buffers 16 8k;
+ gzip_proxied any;
+ gzip_types
+ text/plain
+ text/css
+ text/js
+ text/xml
+ text/javascript
+ application/javascript
+ application/x-javascript
+ application/json
+ application/xml
+ application/xml+rss
+ image/svg+xml;
+ gzip_vary on;
+
+ # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+ location ~* (\.php$|\.htaccess$|\.git) {
+ deny all;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ root %docroot%/pub;
+ index index.php;
+ autoindex off;
+ charset UTF-8;
+ error_page 404 403 = /errors/404.php;
+ add_header "X-UA-Compatible" "IE=Edge";
+
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ # PHP entry point for setup application
+ location ~* ^/setup($|/) {
+ root %docroot%;
+
+ location ~ ^/setup/index.php {
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location ~ ^/setup/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/setup/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ # PHP entry point for update application
+ location ~* ^/update($|/) {
+ root %docroot%;
+
+ location ~ ^/update/index.php {
+ fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ # Deny everything but index.php
+ location ~ ^/update/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/update/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ }
+
+ location /pub/ {
+ location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+ deny all;
+ }
+
+ alias %docroot%/pub/;
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /static/ {
+ # Uncomment the following line in production mode
+ # expires max;
+
+ # Remove signature of the static files that is used to overcome the browser cache
+ location ~ ^/static/version {
+ rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/ {
+ try_files $uri $uri/ /get.php?$args;
+
+ location ~ ^/media/theme_customization/.*\.xml {
+ deny all;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/customer/ {
+ deny all;
+ }
+
+ location /media/downloadable/ {
+ deny all;
+ }
+
+ location /media/import/ {
+ deny all;
+ }
+
+ # PHP entry point for main application
+ location ~ (index|get|static|report|404|503)\.php$ {
+ try_files $uri =404;
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_buffers 1024 4k;
+ fastcgi_read_timeout 600s;
+ fastcgi_connect_timeout 600s;
+
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ gzip on;
+ gzip_disable "msie6";
+
+ gzip_comp_level 6;
+ gzip_min_length 1100;
+ gzip_buffers 16 8k;
+ gzip_proxied any;
+ gzip_types
+ text/plain
+ text/css
+ text/js
+ text/xml
+ text/javascript
+ application/javascript
+ application/x-javascript
+ application/json
+ application/xml
+ application/xml+rss
+ image/svg+xml;
+ gzip_vary on;
+
+ # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+ location ~* (\.php$|\.htaccess$|\.git) {
+ deny all;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+# if you need to rewrite www to non-www uncomment bellow
+# if ($host != '%domain%' ) {
+# rewrite ^/(.*)$ https://%domain%/$1 permanent;
+# }
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ @rewrite;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+ location @rewrite {
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ \.php$ {
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+# if you need to rewrite www to non-www uncomment bellow
+# if ($host != '%domain%' ) {
+# rewrite ^/(.*)$ http://%domain%/$1 permanent;
+# }
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ @rewrite;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+ location @rewrite {
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ \.php$ {
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ types {
+ text/html html htm shtml php php5;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ types {
+ text/html html htm shtml php php5;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+ proxy_redirect off;
+
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_connect_timeout 720;
+ proxy_send_timeout 720;
+ proxy_read_timeout 720;
+ send_timeout 720;
+
+ # Allow "Well-Known URIs" as per RFC 5785
+ location ~* ^/.well-known/ {
+ allow all;
+ }
+
+ location / {
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ location /longpolling {
+ proxy_pass http://127.0.0.1:8072;
+ }
+
+ location ~* /web/static/ {
+ proxy_cache_valid 200 60m;
+ proxy_buffering on;
+ expires 864000;
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+ proxy_redirect off;
+
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_connect_timeout 720;
+ proxy_send_timeout 720;
+ proxy_read_timeout 720;
+ send_timeout 720;
+
+ # Allow "Well-Known URIs" as per RFC 5785
+ location ~* ^/.well-known/ {
+ allow all;
+ }
+
+ location / {
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ location /longpolling {
+ proxy_pass http://127.0.0.1:8072;
+ }
+
+ location ~* /web/static/ {
+ proxy_cache_valid 200 60m;
+ proxy_buffering on;
+ expires 864000;
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ @opencart;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @opencart {
+ rewrite ^/(.+)$ /index.php?_route_=$1 last;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location / {
+ try_files $uri $uri/ @opencart;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @opencart {
+ rewrite ^/(.+)$ /index.php?_route_=$1 last;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+ rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+ rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+ error_page 403 = /core/templates/403.php;
+ error_page 404 = /core/templates/404.php;
+
+ location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+ deny all;
+ }
+
+ location / {
+ # The following 2 rules are only needed with webfinger
+ rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+ rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+ rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+ rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+ rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+ try_files $uri $uri/ /index.php;
+
+ location ~ \.php(?:$|/) {
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ #fastcgi_param HTTPS on;
+ fastcgi_pass %backend_lsnr%;
+ }
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ # Some basic cache-control for static files to be sent to the browser
+ add_header Pragma public;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ }
+
+ #error_page 403 /error/404.html;
+ #error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+ rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+ rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+ error_page 403 = /core/templates/403.php;
+ error_page 404 = /core/templates/404.php;
+
+ location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+ deny all;
+ }
+
+ location / {
+ # The following 2 rules are only needed with webfinger
+ rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+ rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+ rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+ rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+ rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+ try_files $uri $uri/ /index.php;
+
+ location ~ \.php(?:$|/) {
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ #fastcgi_param HTTPS on;
+ fastcgi_pass %backend_lsnr%;
+ }
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ # Some basic cache-control for static files to be sent to the browser
+ add_header Pragma public;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ }
+
+ #error_page 403 /error/404.html;
+ #error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ try_files /favicon.ico =204;
+ }
+
+ location / {
+ try_files $uri /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ valid_referers none blocked %domain_idn% %alias_idn%;
+ if ($invalid_referer) {
+ return 444;
+ }
+ expires max;
+ }
+
+ location ~* ^/(?:index|piwik)\.php$ {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ # Any other attempt to access PHP files returns a 404.
+ location ~* ^.+\.php$ {
+ return 404;
+ }
+
+ # Return a 404 for all text files.
+ location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+ return 404;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ try_files /favicon.ico =204;
+ }
+
+ location / {
+ try_files $uri /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ valid_referers none blocked %domain_idn% %alias_idn%;
+ if ($invalid_referer) {
+ return 444;
+ }
+ expires max;
+ }
+
+ location ~* ^/(?:index|piwik)\.php$ {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ # Any other attempt to access PHP files returns a 404.
+ location ~* ^.+\.php$ {
+ return 404;
+ }
+
+ # Return a 404 for all text files.
+ location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+ return 404;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location /installer {
+ try_files $uri $uri/ /installer/index.php?$query_string;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location = /robots.txt { access_log off; log_not_found off; }
+ location = /favicon.ico { access_log off; log_not_found off; }
+ location ~ /\. { access_log off; log_not_found off; deny all; }
+ location ~ ~$ { access_log off; log_not_found off; deny all; }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location /installer {
+ try_files $uri $uri/ /installer/index.php?$query_string;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location = /robots.txt { access_log off; log_not_found off; }
+ location = /favicon.ico { access_log off; log_not_found off; }
+ location ~ /\. { access_log off; log_not_found off; deny all; }
+ location ~ ~$ { access_log off; log_not_found off; deny all; }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+ listen %ip%:%web_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+ deny all;
+ }
+
+ location ~ /(readme.html|license.txt) {
+ deny all;
+ }
+
+ if (!-f $request_filename){
+ rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+ expires 1d;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location /l/ {
+ rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+ }
+
+ location /t/ {
+ rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+ }
+
+ location /w/ {
+ rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+ }
+
+ location /unsubscribe/ {
+ rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+ }
+
+ location /subscribe/ {
+ rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+ deny all;
+ }
+
+ location ~ /(readme.html|license.txt) {
+ deny all;
+ }
+
+ if (!-f $request_filename){
+ rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+ expires 1d;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location /l/ {
+ rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+ }
+
+ location /t/ {
+ rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+ }
+
+ location /w/ {
+ rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+ }
+
+ location /unsubscribe/ {
+ rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+ }
+
+ location /subscribe/ {
+ rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ /index.php?q=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ /index.php?q=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+ listen %ip%:%proxy_port% default;
+ server_name _;
+ #access_log /var/log/nginx/%ip%.log main;
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ }
+}
+
diff --git a/install/ubuntu/17.10/templates/web/php-fpm/default.tpl b/install/ubuntu/17.10/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/403.html b/install/ubuntu/17.10/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+ 403 — Forbidden
+
+
+
+
+
+
+ %domain%
+
+ 403
+ Forbidden
+
+ Unfortunately, you do not have permission to view this
+
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/document_errors/404.html b/install/ubuntu/17.10/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+ 404 — Not Found
+
+
+
+
+
+
+ %domain%
+ 404
+ Page Not Found
+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+ You can start again from the
home or go back to
previous page.
+
%domain%
+
+ 500
+ Internal Server Error
+
+ Sorry, something went wrong :(
+
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/public_html/index.html b/install/ubuntu/17.10/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+ %domain% — Coming Soon
+
+
+
+
+
+
+ %domain%
+
+
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+ %domain% — Coming Soon
+
+
+
+
+
+
+ %domain%
+
+
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/17.10/templates/web/suspend/.htaccess b/install/ubuntu/17.10/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/ubuntu/17.10/templates/web/suspend/index.html b/install/ubuntu/17.10/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+ Website Suspended
+
+
+
+
+
+ SUSPENDED
+ This website has been suspended.
+
+ Please contact the technical support department.
+
+
+
diff --git a/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/ubuntu/17.10/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName %domain_idn%
+LogFile /var/log/%web_system%/domains/%domain%.log
+OutputDir %home%/%user%/web/%domain%/stats
+HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental yes
+IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current
+PageType htm*
+PageType cgi
+PageType php
+PageType shtml
+DNSCache /var/lib/webalizer/dns_cache.db
+DNSChildren 10
+Quiet yes
+FoldSeqErr yes
+IndexAlias index.php
+HideURL *.gif
+HideURL *.GIF
+HideURL *.jpg
+HideURL *.JPG
+HideURL *.png
+HideURL *.PNG
+HideURL *.ra
+SearchEngine abcsearch. terms=
+SearchEngine alexa. q=
+SearchEngine alltheweb. q=
+SearchEngine alltheweb. query=
+SearchEngine alot. q=
+SearchEngine altavista. q=
+SearchEngine aolsearch. query=
+SearchEngine aport.ru r=
+SearchEngine ask. q=
+SearchEngine atlas.cz q=
+SearchEngine bbc. q=
+SearchEngine bing. q=
+SearchEngine blingo. q=
+SearchEngine blogs.yandex.ru text=
+SearchEngine btopenworld query=
+SearchEngine buscador.ya.com q=
+SearchEngine busca. q=
+SearchEngine business. query=
+SearchEngine centrum.cz q=
+SearchEngine chiff. q=
+SearchEngine clusty. query=
+SearchEngine comcast. q=
+SearchEngine crawler. q=
+SearchEngine cuil. q=
+SearchEngine dmoz. search=
+SearchEngine dogpile.com q=
+SearchEngine dpxml qkw=
+SearchEngine eureka. searchword=
+SearchEngine euroseek. string=
+SearchEngine exalead. q=
+SearchEngine excite search=
+SearchEngine ezilon. q=
+SearchEngine fastbrowsersearch. q=
+SearchEngine feedster.com q=
+SearchEngine fireball.de q=
+SearchEngine fireball. keyword=
+SearchEngine freeserve. q=
+SearchEngine gigablast. q=
+SearchEngine gogo.ru q=
+SearchEngine go.mail.ru q=
+SearchEngine google. q=
+SearchEngine hakia. q=
+SearchEngine hotbot. query=
+SearchEngine infoseek. qt=
+SearchEngine iwon searchfor=
+SearchEngine ixquick.com query=
+SearchEngine joeant. keywords=
+SearchEngine jyxo.cz s=
+SearchEngine looksmart. key=
+SearchEngine lycos. query=
+SearchEngine mamma. q=
+SearchEngine metacrawler q=
+SearchEngine msn. MT=
+SearchEngine msxml qkw=
+SearchEngine mysearch. searchfor=
+SearchEngine mywebsearch. searchfor=
+SearchEngine netscape. q=
+SearchEngine nigma.ru q=
+SearchEngine northernlight. qr=
+SearchEngine ntlworld. q=
+SearchEngine orange. q=
+SearchEngine overture. Keywords=
+SearchEngine punto.ru text=
+SearchEngine rambler. keyword=
+SearchEngine search.aol. q=
+SearchEngine search.babylon. q=
+SearchEngine search.centrum. phrase=
+SearchEngine search.conduit. q=
+SearchEngine search.earthlink q=
+SearchEngine search.icq. q=
+SearchEngine search.live.com q=
+SearchEngine search.rambler.ru words=
+SearchEngine search.winamp. q=
+SearchEngine searchy. q=
+SearchEngine seznam.cz w=
+SearchEngine snap. query=
+SearchEngine teoma. q=
+SearchEngine teradex.com q=
+SearchEngine ukplus key=
+SearchEngine verizon. q=
+SearchEngine virginmedia. q=
+SearchEngine voila. rdata=
+SearchEngine webcrawler searchText=
+SearchEngine web.search.naver. query=
+SearchEngine wisenut q=
+SearchEngine yahoo. p=
+SearchEngine yandex. text=
+SearchEngine yodao. q=
diff --git a/install/ubuntu/17.10/vsftpd/vsftpd.conf b/install/ubuntu/17.10/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..034b016d
--- /dev/null
+++ b/install/ubuntu/17.10/vsftpd/vsftpd.conf
@@ -0,0 +1,27 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES
diff --git a/install/ubuntu/18.04/apache2/apache2.conf b/install/ubuntu/18.04/apache2/apache2.conf
new file mode 100644
index 00000000..2756132a
--- /dev/null
+++ b/install/ubuntu/18.04/apache2/apache2.conf
@@ -0,0 +1,94 @@
+# It is split into several files forming the configuration hierarchy outlined
+# below, all located in the /etc/apache2/ directory:
+#
+# /etc/apache2/
+# |-- apache2.conf
+# | `-- ports.conf
+# |-- mods-enabled
+# | |-- *.load
+# | `-- *.conf
+# |-- conf.d
+# | `-- *
+
+# Global configuration
+PidFile ${APACHE_PID_FILE}
+Timeout 30
+KeepAlive Off
+MaxKeepAliveRequests 100
+KeepAliveTimeout 10
+
+
+ StartServers 8
+ MinSpareServers 5
+ MaxSpareServers 20
+ ServerLimit 256
+ MaxClients 200
+ MaxRequestsPerChild 4000
+
+
+
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadLimit 64
+ ThreadsPerChild 25
+ MaxClients 200
+ MaxRequestsPerChild 4000
+
+
+
+ StartServers 2
+ MinSpareThreads 25
+ MaxSpareThreads 75
+ ThreadLimit 64
+ ThreadsPerChild 25
+ MaxClients 200
+ MaxRequestsPerChild 4000
+
+
+# These need to be set in /etc/apache2/envvars
+User ${APACHE_RUN_USER}
+Group ${APACHE_RUN_GROUP}
+#User www-data
+#Group www-data
+
+AccessFileName .htaccess
+
+
+ Order allow,deny
+ Deny from all
+ Satisfy all
+
+
+DefaultType None
+HostnameLookups Off
+
+ErrorLog ${APACHE_LOG_DIR}/error.log
+LogLevel warn
+
+# Include module configuration:
+Include mods-enabled/*.load
+Include mods-enabled/*.conf
+
+# Include list of ports to listen on and which to use for name based vhosts
+Include ports.conf
+
+LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
+LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %O" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+LogFormat "%b" bytes
+
+Include conf.d/
+
+# Include the virtual host configurations:
+#Include sites-enabled/
+
+ErrorDocument 403 /error/403.html
+ErrorDocument 404 /error/404.html
+ErrorDocument 500 /error/50x.html
+ErrorDocument 501 /error/50x.html
+ErrorDocument 502 /error/50x.html
+ErrorDocument 503 /error/50x.html
+ErrorDocument 506 /error/50x.html
diff --git a/install/ubuntu/18.04/apache2/status.conf b/install/ubuntu/18.04/apache2/status.conf
new file mode 100644
index 00000000..da9d9633
--- /dev/null
+++ b/install/ubuntu/18.04/apache2/status.conf
@@ -0,0 +1,8 @@
+Listen 127.0.0.1:8081
+
+ SetHandler server-status
+ Order deny,allow
+ Deny from all
+ Allow from 127.0.0.1
+ Allow from all
+
diff --git a/install/ubuntu/18.04/bind/named.conf b/install/ubuntu/18.04/bind/named.conf
new file mode 100644
index 00000000..ed6ece88
--- /dev/null
+++ b/install/ubuntu/18.04/bind/named.conf
@@ -0,0 +1,12 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
+// structure of BIND configuration files in Debian, *BEFORE* you customize
+// this configuration file.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+include "/etc/bind/named.conf.local";
+include "/etc/bind/named.conf.default-zones";
+
diff --git a/install/ubuntu/18.04/clamav/clamd.conf b/install/ubuntu/18.04/clamav/clamd.conf
new file mode 100644
index 00000000..4e04356e
--- /dev/null
+++ b/install/ubuntu/18.04/clamav/clamd.conf
@@ -0,0 +1,61 @@
+#Automatically Generated by clamav-base postinst
+#To reconfigure clamd run #dpkg-reconfigure clamav-base
+#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
+LocalSocket /var/run/clamav/clamd.ctl
+FixStaleSocket true
+LocalSocketGroup clamav
+LocalSocketMode 666
+# TemporaryDirectory is not set to its default /tmp here to make overriding
+# the default with environment variables TMPDIR/TMP/TEMP possible
+User clamav
+# AllowSupplementaryGroups true
+ScanMail true
+ScanArchive true
+ArchiveBlockEncrypted false
+MaxDirectoryRecursion 15
+FollowDirectorySymlinks false
+FollowFileSymlinks false
+ReadTimeout 180
+MaxThreads 12
+MaxConnectionQueueLength 15
+LogSyslog false
+LogFacility LOG_LOCAL6
+LogClean false
+LogVerbose true
+PidFile /var/run/clamav/clamd.pid
+DatabaseDirectory /var/lib/clamav
+SelfCheck 3600
+Foreground false
+Debug false
+ScanPE true
+ScanOLE2 true
+ScanHTML true
+DetectBrokenExecutables false
+ExitOnOOM false
+LeaveTemporaryFiles false
+AlgorithmicDetection true
+ScanELF true
+IdleTimeout 30
+PhishingSignatures true
+PhishingScanURLs true
+PhishingAlwaysBlockSSLMismatch false
+PhishingAlwaysBlockCloak false
+DetectPUA false
+ScanPartialMessages false
+HeuristicScanPrecedence false
+StructuredDataDetection false
+CommandReadTimeout 5
+SendBufTimeout 200
+MaxQueue 100
+ExtendedDetectionInfo true
+OLE2BlockMacros false
+StreamMaxLength 25M
+LogFile /var/log/clamav/clamav.log
+LogTime true
+LogFileUnlock false
+LogFileMaxSize 0
+Bytecode true
+BytecodeSecurity TrustSigned
+BytecodeTimeout 60000
+OfficialDatabaseOnly false
+CrossFilesystems true
diff --git a/install/ubuntu/18.04/deb_signing.key b/install/ubuntu/18.04/deb_signing.key
new file mode 100644
index 00000000..2ad2db8b
--- /dev/null
+++ b/install/ubuntu/18.04/deb_signing.key
@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf
new file mode 100644
index 00000000..dfcc8311
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-auth.conf
@@ -0,0 +1,4 @@
+disable_plaintext_auth = no
+auth_verbose = yes
+auth_mechanisms = plain login
+!include auth-passwdfile.conf.ext
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf
new file mode 100644
index 00000000..a5f207d5
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-logging.conf
@@ -0,0 +1 @@
+log_path = /var/log/dovecot.log
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
new file mode 100644
index 00000000..55313419
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf
@@ -0,0 +1,4 @@
+mail_privileged_group = mail
+mail_access_groups = mail
+mail_location = maildir:%h/mail/%d/%n
+pop3_uidl_format = %08Xu%08Xv
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-master.conf b/install/ubuntu/18.04/dovecot/conf.d/10-master.conf
new file mode 100644
index 00000000..a75a9aaa
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-master.conf
@@ -0,0 +1,29 @@
+service imap-login {
+ inet_listener imap {
+ }
+ inet_listener imaps {
+ }
+}
+
+service pop3-login {
+ inet_listener pop3 {
+ }
+ inet_listener pop3s {
+ }
+}
+
+
+service imap {
+}
+
+service pop3 {
+}
+
+service auth {
+ unix_listener auth-client {
+ group = mail
+ mode = 0660
+ user = dovecot
+ }
+ user = dovecot
+}
diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf
new file mode 100644
index 00000000..24cbf3e2
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/10-ssl.conf
@@ -0,0 +1,5 @@
+ssl = yes
+ssl_protocols = !SSLv2 !SSLv3
+
+ssl_cert = = 2.1.4) : %v.%u
+ # Dovecot v0.99.x : %v.%u
+ # tpop3d : %Mf
+ #
+ # Note that Outlook 2003 seems to have problems with %v.%u format which was
+ # Dovecot's default, so if you're building a new server it would be a good
+ # idea to change this. %08Xu%08Xv should be pretty fail-safe.
+ #
+ #pop3_uidl_format = %08Xu%08Xv
+
+ # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes
+ # won't change those UIDLs. Currently this works only with Maildir.
+ #pop3_save_uidl = no
+
+ # What to do about duplicate UIDLs if they exist?
+ # allow: Show duplicates to clients.
+ # rename: Append a temporary -2, -3, etc. counter after the UIDL.
+ #pop3_uidl_duplicates = allow
+
+ # POP3 logout format string:
+ # %i - total number of bytes read from client
+ # %o - total number of bytes sent to client
+ # %t - number of TOP commands
+ # %p - number of bytes sent to client as a result of TOP command
+ # %r - number of RETR commands
+ # %b - number of bytes sent to client as a result of RETR command
+ # %d - number of deleted messages
+ # %m - number of messages (before deletion)
+ # %s - mailbox size in bytes (before deletion)
+ # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly
+ #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
+
+ # Maximum number of POP3 connections allowed for a user from each IP address.
+ # NOTE: The username is compared case-sensitively.
+ #mail_max_userip_connections = 10
+
+ # Space separated list of plugins to load (default is global mail_plugins).
+ #mail_plugins = $mail_plugins
+
+ # Workarounds for various client bugs:
+ # outlook-no-nuls:
+ # Outlook and Outlook Express hang if mails contain NUL characters.
+ # This setting replaces them with 0x80 character.
+ # oe-ns-eoh:
+ # Outlook Express and Netscape Mail breaks if end of headers-line is
+ # missing. This option simply sends it if it's missing.
+ # The list is space-separated.
+ #pop3_client_workarounds =
+}
diff --git a/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext
new file mode 100644
index 00000000..75e6e115
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/conf.d/auth-passwdfile.conf.ext
@@ -0,0 +1,9 @@
+passdb {
+ driver = passwd-file
+ args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd
+}
+
+userdb {
+ driver = passwd-file
+ args = username_format=%n /etc/exim4/domains/%d/passwd
+}
diff --git a/install/ubuntu/18.04/dovecot/dovecot.conf b/install/ubuntu/18.04/dovecot/dovecot.conf
new file mode 100644
index 00000000..311a3351
--- /dev/null
+++ b/install/ubuntu/18.04/dovecot/dovecot.conf
@@ -0,0 +1,24 @@
+protocols = imap pop3
+listen = *, ::
+base_dir = /var/run/dovecot/
+!include conf.d/*.conf
+
+namespace {
+ type = private
+ separator = /
+ prefix =
+ inbox = yes
+
+ mailbox Sent {
+ auto = subscribe
+ special_use = \Sent
+ }
+ mailbox Drafts {
+ auto = subscribe
+ special_use = \Drafts
+ }
+ mailbox Trash {
+ auto = subscribe
+ special_use = \Trash
+ }
+}
diff --git a/install/ubuntu/18.04/exim/dnsbl.conf b/install/ubuntu/18.04/exim/dnsbl.conf
new file mode 100644
index 00000000..5166b255
--- /dev/null
+++ b/install/ubuntu/18.04/exim/dnsbl.conf
@@ -0,0 +1,2 @@
+bl.spamcop.net
+zen.spamhaus.org
diff --git a/install/ubuntu/18.04/exim/exim4.conf.template b/install/ubuntu/18.04/exim/exim4.conf.template
new file mode 100644
index 00000000..fc346486
--- /dev/null
+++ b/install/ubuntu/18.04/exim/exim4.conf.template
@@ -0,0 +1,382 @@
+######################################################################
+# #
+# Exim configuration file for Vesta Control Panel #
+# #
+######################################################################
+
+#SPAMASSASSIN = yes
+#SPAM_SCORE = 50
+#CLAMD = yes
+
+add_environment = <; PATH=/bin:/usr/bin
+keep_environment =
+disable_ipv6 = true
+
+domainlist local_domains = dsearch;/etc/exim4/domains/
+domainlist relay_to_domains = dsearch;/etc/exim4/domains/
+hostlist relay_from_hosts = 127.0.0.1
+hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf
+hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf
+no_local_from_check
+untrusted_set_sender = *
+acl_smtp_connect = acl_check_spammers
+acl_smtp_mail = acl_check_mail
+acl_smtp_rcpt = acl_check_rcpt
+acl_smtp_data = acl_check_data
+acl_smtp_mime = acl_check_mime
+
+.ifdef SPAMASSASSIN
+spamd_address = 127.0.0.1 783
+.endif
+
+.ifdef CLAMD
+av_scanner = clamd: /var/run/clamav/clamd.ctl
+.endif
+
+tls_advertise_hosts = *
+tls_certificate = /usr/local/vesta/ssl/certificate.crt
+tls_privatekey = /usr/local/vesta/ssl/certificate.key
+
+daemon_smtp_ports = 25 : 465 : 587 : 2525
+tls_on_connect_ports = 465
+never_users = root
+host_lookup = *
+rfc1413_hosts = *
+rfc1413_query_timeout = 5s
+ignore_bounce_errors_after = 2d
+timeout_frozen_after = 7d
+
+DKIM_DOMAIN = ${lc:${domain:$h_from:}}
+DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem
+DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
+
+
+
+######################################################################
+# ACL CONFIGURATION #
+# Specifies access control lists for incoming SMTP mail #
+######################################################################
+begin acl
+
+acl_check_spammers:
+ accept hosts = +whitelist
+
+ drop message = Your host in blacklist on this server.
+ log_message = Host in blacklist
+ hosts = +spammers
+
+ accept
+
+
+acl_check_mail:
+ deny condition = ${if eq{$sender_helo_name}{}}
+ message = HELO required before MAIL
+
+ drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+ condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
+ condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
+ delay = 45s
+
+ drop condition = ${if isip{$sender_helo_name}}
+ message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
+
+ drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
+ message = $interface_address is _my_ address
+
+ accept
+
+
+acl_check_rcpt:
+ accept hosts = :
+
+ deny message = Restricted characters in address
+ domains = +local_domains
+ local_parts = ^[.] : ^.*[@%!/|]
+
+ deny message = Restricted characters in address
+ domains = !+local_domains
+ local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
+
+ require verify = sender
+
+ accept hosts = +relay_from_hosts
+ control = submission
+
+ accept authenticated = *
+ control = submission/domain=
+
+ deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
+ hosts = !+whitelist
+ dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}}
+
+ require message = relay not permitted
+ domains = +local_domains : +relay_to_domains
+
+ deny message = smtp auth required
+ sender_domains = +local_domains
+ !authenticated = *
+
+ require verify = recipient
+
+.ifdef CLAMD
+ warn set acl_m0 = no
+
+ warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}}
+ set acl_m0 = yes
+.endif
+
+.ifdef SPAMASSASSIN
+ warn set acl_m1 = no
+
+ warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}}
+ set acl_m1 = yes
+.endif
+
+ accept
+
+
+acl_check_data:
+.ifdef CLAMD
+ deny message = Message contains a virus ($malware_name) and has been rejected
+ malware = *
+ condition = ${if eq{$acl_m0}{yes}{yes}{no}}
+.endif
+
+.ifdef SPAMASSASSIN
+ warn !authenticated = *
+ hosts = !+relay_from_hosts
+ condition = ${if < {$message_size}{1024K}}
+ condition = ${if eq{$acl_m1}{yes}{yes}{no}}
+ spam = debian-spamd:true/defer_ok
+ add_header = X-Spam-Score: $spam_score_int
+ add_header = X-Spam-Bar: $spam_bar
+ add_header = X-Spam-Report: $spam_report
+ set acl_m2 = $spam_score_int
+
+ warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
+ condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
+ add_header = X-Spam-Status: Yes
+ message = SpamAssassin detected spam (from $sender_address to $recipients).
+.endif
+
+ accept
+
+
+acl_check_mime:
+ deny message = Blacklisted file extension detected
+ condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
+
+ accept
+
+
+
+######################################################################
+# AUTHENTICATION CONFIGURATION #
+######################################################################
+begin authenticators
+
+dovecot_plain:
+ driver = dovecot
+ public_name = PLAIN
+ server_socket = /var/run/dovecot/auth-client
+ server_set_id = $auth1
+
+dovecot_login:
+ driver = dovecot
+ public_name = LOGIN
+ server_socket = /var/run/dovecot/auth-client
+ server_set_id = $auth1
+
+
+
+######################################################################
+# ROUTERS CONFIGURATION #
+# Specifies how addresses are handled #
+######################################################################
+begin routers
+
+#smarthost:
+# driver = manualroute
+# domains = ! +local_domains
+# transport = remote_smtp
+# route_list = * smartrelay.vestacp.com
+# no_more
+# no_verify
+
+dnslookup:
+ driver = dnslookup
+ domains = !+local_domains
+ transport = remote_smtp
+ no_more
+
+userforward:
+ driver = redirect
+ check_local_user
+ file = $home/.forward
+ allow_filter
+ no_verify
+ no_expn
+ check_ancestor
+ file_transport = address_file
+ pipe_transport = address_pipe
+ reply_transport = address_reply
+
+procmail:
+ driver = accept
+ check_local_user
+ require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
+ transport = procmail
+ no_verify
+
+autoreplay:
+ driver = accept
+ require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+ condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}}
+ retry_use_local_part
+ transport = userautoreply
+ unseen
+
+aliases:
+ driver = redirect
+ headers_add = X-redirected: yes
+ data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+ require_files = /etc/exim4/domains/$domain/aliases
+ redirect_router = dnslookup
+ pipe_transport = address_pipe
+ unseen
+
+localuser_fwd_only:
+ driver = accept
+ transport = devnull
+ condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}}
+
+localuser_spam:
+ driver = accept
+ transport = local_spam_delivery
+ condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}}
+
+localuser:
+ driver = accept
+ transport = local_delivery
+ condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}}
+
+catchall:
+ driver = redirect
+ headers_add = X-redirected: yes
+ require_files = /etc/exim4/domains/$domain/aliases
+ data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}}
+ file_transport = local_delivery
+ redirect_router = dnslookup
+
+terminate_alias:
+ driver = accept
+ transport = devnull
+ condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}}
+
+
+
+######################################################################
+# TRANSPORTS CONFIGURATION #
+######################################################################
+begin transports
+
+remote_smtp:
+ driver = smtp
+ #helo_data = $sender_address_domain
+ dkim_domain = DKIM_DOMAIN
+ dkim_selector = mail
+ dkim_private_key = DKIM_PRIVATE_KEY
+ dkim_canon = relaxed
+ dkim_strict = 0
+
+procmail:
+ driver = pipe
+ command = "/usr/bin/procmail -d $local_part"
+ return_path_add
+ delivery_date_add
+ envelope_to_add
+ user = $local_part
+ initgroups
+ return_output
+
+local_delivery:
+ driver = appendfile
+ maildir_format
+ maildir_use_size_file
+ user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+ group = mail
+ create_directory
+ directory_mode = 770
+ mode = 660
+ use_lockfile = no
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+ quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+ quota_warn_threshold = 75%
+
+local_spam_delivery:
+ driver = appendfile
+ maildir_format
+ maildir_use_size_file
+ user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}
+ group = mail
+ create_directory
+ directory_mode = 770
+ mode = 660
+ use_lockfile = no
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+ directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
+ quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M
+ quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part"
+ quota_warn_threshold = 75%
+
+address_pipe:
+ driver = pipe
+ return_output
+
+address_file:
+ driver = appendfile
+ delivery_date_add
+ envelope_to_add
+ return_path_add
+
+address_reply:
+ driver = autoreply
+
+userautoreply:
+ driver = autoreply
+ file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg
+ from = "${local_part}@${domain}"
+ headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
+ subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}"
+ to = "${sender_address}"
+
+devnull:
+ driver = appendfile
+ file = /dev/null
+
+
+
+######################################################################
+# RETRY CONFIGURATION #
+######################################################################
+begin retry
+
+# Address or Domain Error Retries
+# ----------------- ----- -------
+* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
+
+
+
+######################################################################
+# REWRITE CONFIGURATION #
+######################################################################
+begin rewrite
+
+
+
+######################################################################
diff --git a/install/ubuntu/18.04/exim/spam-blocks.conf b/install/ubuntu/18.04/exim/spam-blocks.conf
new file mode 100644
index 00000000..e69de29b
diff --git a/install/ubuntu/18.04/fail2ban/action.d/vesta.conf b/install/ubuntu/18.04/fail2ban/action.d/vesta.conf
new file mode 100644
index 00000000..0edfc349
--- /dev/null
+++ b/install/ubuntu/18.04/fail2ban/action.d/vesta.conf
@@ -0,0 +1,9 @@
+# Fail2Ban configuration file for vesta
+
+[Definition]
+
+actionstart = /usr/local/vesta/bin/v-add-firewall-chain
+actionstop = /usr/local/vesta/bin/v-delete-firewall-chain
+actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]'
+actionban = /usr/local/vesta/bin/v-add-firewall-ban
+actionunban = /usr/local/vesta/bin/v-delete-firewall-ban
diff --git a/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf
new file mode 100644
index 00000000..69670a56
--- /dev/null
+++ b/install/ubuntu/18.04/fail2ban/filter.d/vesta.conf
@@ -0,0 +1,10 @@
+# Fail2Ban filter for unsuccesfull Vesta authentication attempts
+#
+
+[INCLUDES]
+before = common.conf
+
+[Definition]
+failregex = .* failed to login
+ignoreregex =
+
diff --git a/install/ubuntu/18.04/fail2ban/jail.local b/install/ubuntu/18.04/fail2ban/jail.local
new file mode 100644
index 00000000..013f81c4
--- /dev/null
+++ b/install/ubuntu/18.04/fail2ban/jail.local
@@ -0,0 +1,51 @@
+[DEFAULT]
+ignoreip = 127.0.0.1/8
+
+[ssh-iptables]
+enabled = true
+filter = sshd
+action = vesta[name=SSH]
+logpath = /var/log/auth.log
+maxretry = 5
+
+[vsftpd-iptables]
+enabled = false
+filter = vsftpd
+action = vesta[name=FTP]
+logpath = /var/log/vsftpd.log
+maxretry = 5
+
+[exim-iptables]
+enabled = true
+filter = exim
+action = vesta[name=MAIL]
+logpath = /var/log/exim4/mainlog
+maxretry = 5
+
+[dovecot-iptables]
+enabled = true
+filter = dovecot
+action = vesta[name=MAIL]
+logpath = /var/log/dovecot.log
+maxretry = 5
+
+[mysqld-iptables]
+enabled = false
+filter = mysqld-auth
+action = vesta[name=DB]
+logpath = /var/log/mysql.log
+maxretry = 5
+
+[vesta-iptables]
+enabled = true
+filter = vesta
+action = vesta[name=VESTA]
+logpath = /var/log/vesta/auth.log
+maxretry = 5
+
+[roundcube-auth]
+enabled = false
+filter = roundcube-auth
+port = http,https
+logpath = /var/log/roundcube/errors
+maxretry = 5
diff --git a/install/ubuntu/18.04/firewall/ports.conf b/install/ubuntu/18.04/firewall/ports.conf
new file mode 100644
index 00000000..b730d012
--- /dev/null
+++ b/install/ubuntu/18.04/firewall/ports.conf
@@ -0,0 +1,17 @@
+PROTOCOL='TCP' PORT='20'
+PROTOCOL='TCP' PORT='21'
+PROTOCOL='TCP' PORT='22'
+PROTOCOL='TCP' PORT='25'
+PROTOCOL='TCP' PORT='53'
+PROTOCOL='UDP' PORT='53'
+PROTOCOL='TCP' PORT='80'
+PROTOCOL='TCP' PORT='443'
+PROTOCOL='TCP' PORT='110'
+PROTOCOL='UDP' PORT='123'
+PROTOCOL='TCP' PORT='143'
+PROTOCOL='TCP' PORT='3306'
+PROTOCOL='TCP' PORT='5432'
+PROTOCOL='TCP' PORT='8080'
+PROTOCOL='TCP' PORT='8433'
+PROTOCOL='TCP' PORT='8083'
+PROTOCOL='TCP' PORT='12000:12100'
diff --git a/install/ubuntu/18.04/firewall/rules.conf b/install/ubuntu/18.04/firewall/rules.conf
new file mode 100644
index 00000000..fba98e1e
--- /dev/null
+++ b/install/ubuntu/18.04/firewall/rules.conf
@@ -0,0 +1,11 @@
+RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
+RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
+RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'
diff --git a/install/ubuntu/18.04/logrotate/apache2 b/install/ubuntu/18.04/logrotate/apache2
new file mode 100644
index 00000000..27629d0d
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/apache2
@@ -0,0 +1,19 @@
+/var/log/apache2/*.log /var/log/apache2/domains/*log {
+ weekly
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ notifempty
+ create 640 root adm
+ sharedscripts
+ postrotate
+ /etc/init.d/apache2 reload > /dev/null || true
+ [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
+ endscript
+ prerotate
+ if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+ run-parts /etc/logrotate.d/httpd-prerotate; \
+ fi; \
+ endscript
+}
diff --git a/install/ubuntu/18.04/logrotate/dovecot b/install/ubuntu/18.04/logrotate/dovecot
new file mode 100644
index 00000000..ac4fd6e9
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/dovecot
@@ -0,0 +1,12 @@
+/var/log/dovecot*.log {
+ weekly
+ rotate 4
+ missingok
+ notifempty
+ compress
+ delaycompress
+ sharedscripts
+ postrotate
+ doveadm log reopen
+ endscript
+}
diff --git a/install/ubuntu/18.04/logrotate/nginx b/install/ubuntu/18.04/logrotate/nginx
new file mode 100644
index 00000000..d667f213
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/nginx
@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+ daily
+ missingok
+ rotate 52
+ compress
+ delaycompress
+ notifempty
+ create 640 nginx adm
+ sharedscripts
+ postrotate
+ [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+ endscript
+}
diff --git a/install/ubuntu/18.04/logrotate/vesta b/install/ubuntu/18.04/logrotate/vesta
new file mode 100644
index 00000000..027a3439
--- /dev/null
+++ b/install/ubuntu/18.04/logrotate/vesta
@@ -0,0 +1,7 @@
+/usr/local/vesta/log/*.log {
+ missingok
+ notifempty
+ size 30k
+ yearly
+ create 0600 root root
+}
diff --git a/install/ubuntu/18.04/mysql/my-large.cnf b/install/ubuntu/18.04/mysql/my-large.cnf
new file mode 100644
index 00000000..7201377c
--- /dev/null
+++ b/install/ubuntu/18.04/mysql/my-large.cnf
@@ -0,0 +1,41 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.04/mysql/my-medium.cnf b/install/ubuntu/18.04/mysql/my-medium.cnf
new file mode 100644
index 00000000..1c10ab9a
--- /dev/null
+++ b/install/ubuntu/18.04/mysql/my-medium.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.04/mysql/my-small.cnf b/install/ubuntu/18.04/mysql/my-small.cnf
new file mode 100644
index 00000000..26a80478
--- /dev/null
+++ b/install/ubuntu/18.04/mysql/my-small.cnf
@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/
diff --git a/install/ubuntu/18.04/nginx/nginx.conf b/install/ubuntu/18.04/nginx/nginx.conf
new file mode 100644
index 00000000..e7256de7
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/nginx.conf
@@ -0,0 +1,136 @@
+# Server globals
+user www-data;
+worker_processes auto;
+worker_rlimit_nofile 65535;
+error_log /var/log/nginx/error.log crit;
+pid /var/run/nginx.pid;
+
+
+# Worker config
+events {
+ worker_connections 1024;
+ use epoll;
+ multi_accept on;
+}
+
+
+http {
+ # Main settings
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ client_header_timeout 1m;
+ client_body_timeout 1m;
+ client_header_buffer_size 2k;
+ client_body_buffer_size 256k;
+ client_max_body_size 256m;
+ large_client_header_buffers 4 8k;
+ send_timeout 30;
+ keepalive_timeout 60 60;
+ reset_timedout_connection on;
+ server_tokens off;
+ server_name_in_redirect off;
+ server_names_hash_max_size 512;
+ server_names_hash_bucket_size 512;
+
+
+ # Log format
+ log_format main '$remote_addr - $remote_user [$time_local] $request '
+ '"$status" $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+ log_format bytes '$body_bytes_sent';
+ #access_log /var/log/nginx/access.log main;
+ access_log off;
+
+
+ # Mime settings
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+
+ # Compression
+ gzip on;
+ gzip_comp_level 9;
+ gzip_min_length 512;
+ gzip_buffers 8 64k;
+ gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
+ gzip_proxied any;
+ gzip_disable "MSIE [1-6]\.";
+
+ # Proxy settings
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass_header Set-Cookie;
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+ proxy_buffers 32 4k;
+
+
+ # Cloudflare https://www.cloudflare.com/ips
+ set_real_ip_from 103.21.244.0/22;
+ set_real_ip_from 103.22.200.0/22;
+ set_real_ip_from 103.31.4.0/22;
+ set_real_ip_from 104.16.0.0/12;
+ set_real_ip_from 108.162.192.0/18;
+ set_real_ip_from 131.0.72.0/22;
+ set_real_ip_from 141.101.64.0/18;
+ set_real_ip_from 162.158.0.0/15;
+ set_real_ip_from 172.64.0.0/13;
+ set_real_ip_from 173.245.48.0/20;
+ set_real_ip_from 188.114.96.0/20;
+ set_real_ip_from 190.93.240.0/20;
+ set_real_ip_from 197.234.240.0/22;
+ set_real_ip_from 198.41.128.0/17;
+ #set_real_ip_from 2400:cb00::/32;
+ #set_real_ip_from 2606:4700::/32;
+ #set_real_ip_from 2803:f800::/32;
+ #set_real_ip_from 2405:b500::/32;
+ #set_real_ip_from 2405:8100::/32;
+ #set_real_ip_from 2c0f:f248::/32;
+ #set_real_ip_from 2a06:98c0::/29;
+ real_ip_header CF-Connecting-IP;
+
+
+ # SSL PCI Compliance
+ ssl_session_cache shared:SSL:10m;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+
+ # Error pages
+ error_page 403 /error/403.html;
+ error_page 404 /error/404.html;
+ error_page 502 503 504 /error/50x.html;
+
+
+ # Cache settings
+ proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m;
+ proxy_cache_key "$host$request_uri $cookie_user";
+ proxy_temp_path /var/cache/nginx/temp;
+ proxy_ignore_headers Expires Cache-Control;
+ proxy_cache_use_stale error timeout invalid_header http_502;
+ proxy_cache_valid any 1d;
+
+
+ # Cache bypass
+ map $http_cookie $no_cache {
+ default 0;
+ ~SESS 1;
+ ~wordpress_logged_in 1;
+ }
+
+
+ # File cache settings
+ open_file_cache max=10000 inactive=30s;
+ open_file_cache_valid 60s;
+ open_file_cache_min_uses 2;
+ open_file_cache_errors off;
+
+
+ # Wildcard include
+ include /etc/nginx/conf.d/*.conf;
+}
diff --git a/install/ubuntu/18.04/nginx/phpmyadmin.inc b/install/ubuntu/18.04/nginx/phpmyadmin.inc
new file mode 100644
index 00000000..1feb8546
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/phpmyadmin.inc
@@ -0,0 +1,18 @@
+location /phpmyadmin {
+ alias /usr/share/phpmyadmin/;
+
+ location ~ /(libraries|setup) {
+ return 404;
+ }
+
+ location ~ ^/phpmyadmin/(.*\.php)$ {
+ alias /usr/share/phpmyadmin/$1;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ }
+ location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+ root /usr/share/;
+ }
+}
diff --git a/install/ubuntu/18.04/nginx/phppgadmin.inc b/install/ubuntu/18.04/nginx/phppgadmin.inc
new file mode 100644
index 00000000..cd1e5806
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/phppgadmin.inc
@@ -0,0 +1,11 @@
+location /phppgadmin {
+ alias /usr/share/phppgadmin/;
+
+ location ~ ^/phppgadmin/(.*\.php)$ {
+ alias /usr/share/phppgadmin/$1;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ }
+}
diff --git a/install/ubuntu/18.04/nginx/status.conf b/install/ubuntu/18.04/nginx/status.conf
new file mode 100644
index 00000000..c0bcd069
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/status.conf
@@ -0,0 +1,9 @@
+server {
+ listen 127.0.0.1:8084 default;
+ server_name _;
+ server_name_in_redirect off;
+ location / {
+ stub_status on;
+ access_log off;
+ }
+}
diff --git a/install/ubuntu/18.04/nginx/webmail.inc b/install/ubuntu/18.04/nginx/webmail.inc
new file mode 100644
index 00000000..ad66895b
--- /dev/null
+++ b/install/ubuntu/18.04/nginx/webmail.inc
@@ -0,0 +1,15 @@
+location /webmail {
+ alias /var/lib/roundcube/;
+
+ location ~ /(config|temp|logs) {
+ return 404;
+ }
+
+ location ~ ^/webmail/(.*\.php)$ {
+ alias /var/lib/roundcube/$1;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ }
+}
diff --git a/install/ubuntu/18.04/packages/default.pkg b/install/ubuntu/18.04/packages/default.pkg
new file mode 100644
index 00000000..c2a93574
--- /dev/null
+++ b/install/ubuntu/18.04/packages/default.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='unlimited'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/packages/gainsboro.pkg b/install/ubuntu/18.04/packages/gainsboro.pkg
new file mode 100644
index 00000000..76d7dae2
--- /dev/null
+++ b/install/ubuntu/18.04/packages/gainsboro.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='10'
+WEB_ALIASES='10'
+DNS_DOMAINS='10'
+DNS_RECORDS='10'
+MAIL_DOMAINS='10'
+MAIL_ACCOUNTS='10'
+DATABASES='10'
+CRON_JOBS='10'
+DISK_QUOTA='10000'
+BANDWIDTH='10000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='1'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/packages/palegreen.pkg b/install/ubuntu/18.04/packages/palegreen.pkg
new file mode 100644
index 00000000..3db5fe57
--- /dev/null
+++ b/install/ubuntu/18.04/packages/palegreen.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='hosting'
+PROXY_TEMPLATE='hosting'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='50'
+WEB_ALIASES='50'
+DNS_DOMAINS='50'
+DNS_RECORDS='50'
+MAIL_DOMAINS='50'
+MAIL_ACCOUNTS='50'
+DATABASES='50'
+CRON_JOBS='50'
+DISK_QUOTA='50000'
+BANDWIDTH='50000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='5'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/packages/slategrey.pkg b/install/ubuntu/18.04/packages/slategrey.pkg
new file mode 100644
index 00000000..d89e796f
--- /dev/null
+++ b/install/ubuntu/18.04/packages/slategrey.pkg
@@ -0,0 +1,18 @@
+WEB_TEMPLATE='default'
+PROXY_TEMPLATE='default'
+DNS_TEMPLATE='default'
+WEB_DOMAINS='100'
+WEB_ALIASES='100'
+DNS_DOMAINS='100'
+DNS_RECORDS='100'
+MAIL_DOMAINS='100'
+MAIL_ACCOUNTS='100'
+DATABASES='100'
+CRON_JOBS='100'
+DISK_QUOTA='10000'
+BANDWIDTH='100000'
+NS='ns1.domain.tld,ns2.domain.tld'
+SHELL='nologin'
+BACKUPS='3'
+TIME='18:00:00'
+DATE='2017-12-28'
diff --git a/install/ubuntu/18.04/pga/config.inc.php b/install/ubuntu/18.04/pga/config.inc.php
new file mode 100644
index 00000000..1eec9776
--- /dev/null
+++ b/install/ubuntu/18.04/pga/config.inc.php
@@ -0,0 +1,159 @@
+
diff --git a/install/ubuntu/18.04/pga/phppgadmin.conf b/install/ubuntu/18.04/pga/phppgadmin.conf
new file mode 100644
index 00000000..f39247d6
--- /dev/null
+++ b/install/ubuntu/18.04/pga/phppgadmin.conf
@@ -0,0 +1,31 @@
+Alias /phppgadmin /usr/share/phppgadmin
+
+
+
+DirectoryIndex index.php
+AllowOverride None
+
+order deny,allow
+deny from all
+allow from 127.0.0.0/255.0.0.0 ::1/128
+allow from all
+
+
+ php_flag magic_quotes_gpc Off
+ php_flag track_vars On
+ php_value include_path .
+
+
+
+
+ AddType application/x-httpd-php .php
+ Action application/x-httpd-php /cgi-bin/php
+
+
+ AddType application/x-httpd-php .php
+ Action application/x-httpd-php /cgi-bin/php
+
+
+
+
+
diff --git a/install/ubuntu/18.04/php-fpm/www.conf b/install/ubuntu/18.04/php-fpm/www.conf
new file mode 100644
index 00000000..3c87f33c
--- /dev/null
+++ b/install/ubuntu/18.04/php-fpm/www.conf
@@ -0,0 +1,11 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+
+user = www-data
+group = www-data
+
+pm = ondemand
+pm.max_children = 2
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
diff --git a/install/ubuntu/18.04/pma/apache.conf b/install/ubuntu/18.04/pma/apache.conf
new file mode 100644
index 00000000..4da6ce84
--- /dev/null
+++ b/install/ubuntu/18.04/pma/apache.conf
@@ -0,0 +1,42 @@
+# phpMyAdmin default Apache configuration
+
+Alias /phpmyadmin /usr/share/phpmyadmin
+
+
+ Options FollowSymLinks
+ DirectoryIndex index.php
+
+
+ AddType application/x-httpd-php .php
+
+ php_flag magic_quotes_gpc Off
+ php_flag track_vars On
+ php_flag register_globals Off
+ php_admin_flag allow_url_fopen Off
+ php_value include_path .
+ php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
+ php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
+
+
+
+
+# Authorize for setup
+
+
+ AuthType Basic
+ AuthName "phpMyAdmin Setup"
+ AuthUserFile /etc/phpmyadmin/htpasswd.setup
+
+ Require valid-user
+
+
+# Disallow web access to directories that don't need it
+
+ Order Deny,Allow
+ Deny from All
+
+
+ Order Deny,Allow
+ Deny from All
+
+
diff --git a/install/ubuntu/18.04/pma/config.inc.php b/install/ubuntu/18.04/pma/config.inc.php
new file mode 100644
index 00000000..a643a065
--- /dev/null
+++ b/install/ubuntu/18.04/pma/config.inc.php
@@ -0,0 +1,146 @@
+
+ VRootEngine on
+ VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf
+
+
+AuthPAMConfig proftpd
+AuthOrder mod_auth_pam.c* mod_auth_unix.c
+UseReverseDNS off
+User proftpd
+Group nogroup
+MaxInstances 20
+UseSendfile off
+LogFormat default "%h %l %u %t \"%r\" %s %b"
+LogFormat auth "%v [%P] %h %t \"%r\" %s"
+ListOptions -a
+RequireValidShell off
+PassivePorts 12000 12100
+
+
+ Umask 002
+ IdentLookups off
+ AllowOverwrite yes
+
+ AllowAll
+
+
diff --git a/install/ubuntu/18.04/roundcube/apache.conf b/install/ubuntu/18.04/roundcube/apache.conf
new file mode 100644
index 00000000..a0c87bcc
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/apache.conf
@@ -0,0 +1,40 @@
+Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/
+Alias /roundcube /var/lib/roundcube
+Alias /webmail /var/lib/roundcube
+
+# Access to tinymce files
+
+ Options Indexes MultiViews FollowSymLinks
+ AllowOverride None
+ Order allow,deny
+ allow from all
+
+
+
+ Options +FollowSymLinks
+ # This is needed to parse /var/lib/roundcube/.htaccess. See its
+ # content before setting AllowOverride to None.
+ AllowOverride All
+ order allow,deny
+ allow from all
+
+
+# Protecting basic directories:
+
+ Options -FollowSymLinks
+ AllowOverride None
+
+
+
+ Options -FollowSymLinks
+ AllowOverride None
+ Order allow,deny
+ Deny from all
+
+
+
+ Options -FollowSymLinks
+ AllowOverride None
+ Order allow,deny
+ Deny from all
+
diff --git a/install/ubuntu/18.04/roundcube/config.inc.php b/install/ubuntu/18.04/roundcube/config.inc.php
new file mode 100644
index 00000000..0c82b1bc
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/config.inc.php
@@ -0,0 +1,33 @@
+
diff --git a/install/ubuntu/18.04/roundcube/main.inc.php b/install/ubuntu/18.04/roundcube/main.inc.php
new file mode 100644
index 00000000..44b19793
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/main.inc.php
@@ -0,0 +1,850 @@
+/sendmail or to syslog
+$rcmail_config['smtp_log'] = true;
+
+// Log successful logins to /userlogins or to syslog
+$rcmail_config['log_logins'] = false;
+
+// Log session authentication errors to /session or to syslog
+$rcmail_config['log_session'] = false;
+
+// Log SQL queries to /sql or to syslog
+$rcmail_config['sql_debug'] = false;
+
+// Log IMAP conversation to /imap or to syslog
+$rcmail_config['imap_debug'] = false;
+
+// Log LDAP conversation to /ldap or to syslog
+$rcmail_config['ldap_debug'] = false;
+
+// Log SMTP conversation to /smtp or to syslog
+$rcmail_config['smtp_debug'] = false;
+
+// ----------------------------------
+// IMAP
+// ----------------------------------
+
+// the mail host chosen to perform the log-in
+// leave blank to show a textbox at login, give a list of hosts
+// to display a pulldown menu or set one host as string.
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// Supported replacement variables:
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %s - domain name after the '@' from e-mail address provided at login screen
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['default_host'] = 'localhost';
+
+// TCP port used for IMAP connections
+$rcmail_config['default_port'] = 143;
+
+// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['imap_auth_type'] = null;
+
+// If you know your imap's folder delimiter, you can specify it here.
+// Otherwise it will be determined automatically
+$rcmail_config['imap_delimiter'] = null;
+
+// If IMAP server doesn't support NAMESPACE extension, but you're
+// using shared folders or personal root folder is non-empty, you'll need to
+// set these options. All can be strings or arrays of strings.
+// Folders need to be ended with directory separator, e.g. "INBOX."
+// (special directory "~" is an exception to this rule)
+// These can be used also to overwrite server's namespaces
+$rcmail_config['imap_ns_personal'] = null;
+$rcmail_config['imap_ns_other'] = null;
+$rcmail_config['imap_ns_shared'] = null;
+
+// By default IMAP capabilities are readed after connection to IMAP server
+// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list
+// after login. Set to True if you've got this case.
+$rcmail_config['imap_force_caps'] = false;
+
+// By default list of subscribed folders is determined using LIST-EXTENDED
+// extension if available. Some servers (dovecot 1.x) returns wrong results
+// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225
+// Enable this option to force LSUB command usage instead.
+$rcmail_config['imap_force_lsub'] = false;
+
+// Some server configurations (e.g. Courier) doesn't list folders in all namespaces
+// Enable this option to force listing of folders in all namespaces
+$rcmail_config['imap_force_ns'] = false;
+
+// IMAP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['imap_timeout'] = 0;
+
+// Optional IMAP authentication identifier to be used as authorization proxy
+$rcmail_config['imap_auth_cid'] = null;
+
+// Optional IMAP authentication password to be used for imap_auth_cid
+$rcmail_config['imap_auth_pw'] = null;
+
+// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'.
+$rcmail_config['imap_cache'] = null;
+
+// Enables messages cache. Only 'db' cache is supported.
+$rcmail_config['messages_cache'] = false;
+
+
+// ----------------------------------
+// SMTP
+// ----------------------------------
+
+// SMTP server host (for sending mails).
+// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls://
+// If left blank, the PHP mail() function is used
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['smtp_server'] = '';
+
+// SMTP port (default is 25; use 587 for STARTTLS or 465 for the
+// deprecated SSL over SMTP (aka SMTPS))
+$rcmail_config['smtp_port'] = 25;
+
+// SMTP username (if required) if you use %u as the username Roundcube
+// will use the current username for login
+$rcmail_config['smtp_user'] = '';
+
+// SMTP password (if required) if you use %p as the password Roundcube
+// will use the current user's password for login
+$rcmail_config['smtp_pass'] = '';
+
+// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use
+// best server supported one)
+$rcmail_config['smtp_auth_type'] = '';
+
+// Optional SMTP authentication identifier to be used as authorization proxy
+$rcmail_config['smtp_auth_cid'] = null;
+
+// Optional SMTP authentication password to be used for smtp_auth_cid
+$rcmail_config['smtp_auth_pw'] = null;
+
+// SMTP HELO host
+// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages
+// Leave this blank and you will get the server variable 'server_name' or
+// localhost if that isn't defined.
+$rcmail_config['smtp_helo_host'] = '';
+
+// SMTP connection timeout, in seconds. Default: 0 (no limit)
+$rcmail_config['smtp_timeout'] = 0;
+
+// ----------------------------------
+// SYSTEM
+// ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
+
+// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
+// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
+$rcmail_config['enable_installer'] = false;
+
+// provide an URL where a user can get support for this Roundcube installation
+// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE!
+$rcmail_config['support_url'] = '';
+
+// replace Roundcube logo with this image
+// specify an URL relative to the document root of this Roundcube installation
+$rcmail_config['skin_logo'] = null;
+
+// automatically create a new Roundcube user when log-in the first time.
+// a new user will be created once the IMAP login succeeds.
+// set to false if only registered users can use this service
+$rcmail_config['auto_create_user'] = true;
+
+// use this folder to store log files (must be writeable for apache user)
+// This is used by the 'file' log driver.
+$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
+
+// use this folder to store temp files (must be writeable for apache user)
+$rcmail_config['temp_dir'] = '/tmp';
+
+// lifetime of message cache
+// possible units: s, m, h, d, w
+$rcmail_config['message_cache_lifetime'] = '10d';
+
+// enforce connections over https
+// with this option enabled, all non-secure connections will be redirected.
+// set the port for the ssl connection as value of this option if it differs from the default 443
+$rcmail_config['force_https'] = false;
+
+// tell PHP that it should work as under secure connection
+// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set)
+// e.g. when you're running Roundcube behind a https proxy
+// this option is mutually exclusive to 'force_https' and only either one of them should be set to true.
+$rcmail_config['use_https'] = false;
+
+// Allow browser-autocompletion on login form.
+// 0 - disabled, 1 - username and host only, 2 - username, host, password
+$rcmail_config['login_autocomplete'] = 0;
+
+// Forces conversion of logins to lower case.
+// 0 - disabled, 1 - only domain part, 2 - domain and local part.
+// If users authentication is not case-sensitive this must be enabled.
+// After enabling it all user records need to be updated, e.g. with query:
+// UPDATE users SET username = LOWER(username);
+$rcmail_config['login_lc'] = 0;
+
+// Includes should be interpreted as PHP files
+$rcmail_config['skin_include_php'] = false;
+
+// display software version on login screen
+$rcmail_config['display_version'] = false;
+
+// Session lifetime in minutes
+// must be greater than 'keep_alive'/60
+$rcmail_config['session_lifetime'] = 10;
+
+// session domain: .example.org
+$rcmail_config['session_domain'] = '';
+
+// session name. Default: 'roundcube_sessid'
+$rcmail_config['session_name'] = null;
+
+// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
+// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+$rcmail_config['session_storage'] = 'db';
+
+// Use these hosts for accessing memcached
+// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file
+$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' );
+
+// check client IP in session athorization
+$rcmail_config['ip_check'] = false;
+
+// check referer of incoming requests
+$rcmail_config['referer_check'] = false;
+
+// X-Frame-Options HTTP header value sent to prevent from Clickjacking.
+// Possible values: sameorigin|deny. Set to false in order to disable sending them
+$rcmail_config['x_frame_options'] = 'sameorigin';
+
+// this key is used to encrypt the users imap password which is stored
+// in the session record (and the client cookie if remember password is enabled).
+// please provide a string of exactly 24 chars.
+$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r';
+
+// Automatically add this domain to user names for login
+// Only for IMAP servers that require full e-mail addresses for login
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['username_domain'] = '';
+
+// This domain will be used to form e-mail addresses of new users
+// Specify an array with 'host' => 'domain' values to support multiple hosts
+// Supported replacement variables:
+// %h - user's IMAP hostname
+// %n - http hostname ($_SERVER['SERVER_NAME'])
+// %d - domain (http hostname without the first part)
+// %z - IMAP domain (IMAP hostname without the first part)
+// For example %n = mail.domain.tld, %d = domain.tld
+$rcmail_config['mail_domain'] = '';
+
+// Password charset.
+// Use it if your authentication backend doesn't support UTF-8.
+// Defaults to ISO-8859-1 for backward compatibility
+$rcmail_config['password_charset'] = 'ISO-8859-1';
+
+// How many seconds must pass between emails sent by a user
+$rcmail_config['sendmail_delay'] = 0;
+
+// Maximum number of recipients per message. Default: 0 (no limit)
+$rcmail_config['max_recipients'] = 0;
+
+// Maximum allowednumber of members of an address group. Default: 0 (no limit)
+// If 'max_recipients' is set this value should be less or equal
+$rcmail_config['max_group_members'] = 0;
+
+// add this user-agent to message headers when sending
+$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION;
+
+// use this name to compose page titles
+$rcmail_config['product_name'] = 'Roundcube Webmail';
+
+// try to load host-specific configuration
+// see http://trac.roundcube.net/wiki/Howto_Config for more details
+$rcmail_config['include_host_config'] = false;
+
+// path to a text file which will be added to each sent message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer'] = '';
+
+// path to a text file which will be added to each sent HTML message
+// paths are relative to the Roundcube root folder
+$rcmail_config['generic_message_footer_html'] = '';
+
+// add a received header to outgoing mails containing the creators IP and hostname
+$rcmail_config['http_received_header'] = false;
+
+// Whether or not to encrypt the IP address and the host name
+// these could, in some circles, be considered as sensitive information;
+// however, for the administrator, these could be invaluable help
+// when tracking down issues.
+$rcmail_config['http_received_header_encrypt'] = false;
+
+// This string is used as a delimiter for message headers when sending
+// a message via mail() function. Leave empty for auto-detection
+$rcmail_config['mail_header_delimiter'] = NULL;
+
+// number of chars allowed for line when wrapping text.
+// text wrapping is done when composing/sending messages
+$rcmail_config['line_length'] = 72;
+
+// send plaintext messages as format=flowed
+$rcmail_config['send_format_flowed'] = true;
+
+// don't allow these settings to be overriden by the user
+$rcmail_config['dont_override'] = array();
+
+// Set identities access level:
+// 0 - many identities with possibility to edit all params
+// 1 - many identities with possibility to edit all params but not email address
+// 2 - one identity with possibility to edit all params
+// 3 - one identity with possibility to edit all params but not email address
+$rcmail_config['identities_level'] = 0;
+
+// Mimetypes supported by the browser.
+// attachments of these types will open in a preview window
+// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf'
+$rcmail_config['client_mimetypes'] = null; # null == default
+
+// mime magic database
+$rcmail_config['mime_magic'] = null;
+
+// path to imagemagick identify binary
+$rcmail_config['im_identify_path'] = null;
+
+// path to imagemagick convert binary
+$rcmail_config['im_convert_path'] = null;
+
+// maximum size of uploaded contact photos in pixel
+$rcmail_config['contact_photo_size'] = 160;
+
+// Enable DNS checking for e-mail address validation
+$rcmail_config['email_dns_check'] = false;
+
+// ----------------------------------
+// PLUGINS
+// ----------------------------------
+
+// List of active plugins (in plugins/ directory)
+$rcmail_config['plugins'] = array('password');
+
+// ----------------------------------
+// USER INTERFACE
+// ----------------------------------
+
+// default messages sort column. Use empty value for default server's sorting,
+// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc'
+$rcmail_config['message_sort_col'] = '';
+
+// default messages sort order
+$rcmail_config['message_sort_order'] = 'DESC';
+
+// These cols are shown in the message list. Available cols are:
+// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority'
+$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment');
+
+// the default locale setting (leave empty for auto-detection)
+// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR
+$rcmail_config['language'] = null;
+
+// use this format for date display (date or strftime format)
+$rcmail_config['date_format'] = 'Y-m-d';
+
+// give this choice of date formats to the user to select from
+$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y');
+
+// use this format for time display (date or strftime format)
+$rcmail_config['time_format'] = 'H:i';
+
+// give this choice of time formats to the user to select from
+$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A');
+
+// use this format for short date display (derived from date_format and time_format)
+$rcmail_config['date_short'] = 'D H:i';
+
+// use this format for detailed date/time formatting (derived from date_format and time_format)
+$rcmail_config['date_long'] = 'Y-m-d H:i';
+
+// store draft message is this mailbox
+// leave blank if draft messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['drafts_mbox'] = 'Drafts';
+
+// store spam messages in this mailbox
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['junk_mbox'] = 'Spam';
+
+// store sent message is this mailbox
+// leave blank if sent messages should not be stored
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['sent_mbox'] = 'Sent';
+
+// move messages to this folder when deleting them
+// leave blank if they should be deleted directly
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['trash_mbox'] = 'Trash';
+
+// display these folders separately in the mailbox list.
+// these folders will also be displayed with localized names
+// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
+$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+
+// automatically create the above listed default folders on first login
+$rcmail_config['create_default_folders'] = true;
+
+// protect the default folders from renames, deletes, and subscription changes
+$rcmail_config['protect_default_folders'] = true;
+
+// if in your system 0 quota means no limit set this option to true
+$rcmail_config['quota_zero_as_unlimited'] = true;
+
+// Make use of the built-in spell checker. It is based on GoogieSpell.
+// Since Google only accepts connections over https your PHP installatation
+// requires to be compiled with Open SSL support
+$rcmail_config['enable_spellcheck'] = true;
+
+// Enables spellchecker exceptions dictionary.
+// Setting it to 'shared' will make the dictionary shared by all users.
+$rcmail_config['spellcheck_dictionary'] = false;
+
+// Set the spell checking engine. 'googie' is the default. 'pspell' is also available,
+// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here.
+$rcmail_config['spellcheck_engine'] = 'googie';
+
+// For a locally installed Nox Spell Server, please specify the URI to call it.
+// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72
+// Leave empty to use the Google spell checking service, what means
+// that the message content will be sent to Google in order to check spelling
+$rcmail_config['spellcheck_uri'] = '';
+
+// These languages can be selected for spell checking.
+// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch');
+// Leave empty for default set of available language.
+$rcmail_config['spellcheck_languages'] = NULL;
+
+// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE)
+$rcmail_config['spellcheck_ignore_caps'] = false;
+
+// Makes that words with numbers will be ignored (e.g. g00gle)
+$rcmail_config['spellcheck_ignore_nums'] = false;
+
+// Makes that words with symbols will be ignored (e.g. g@@gle)
+$rcmail_config['spellcheck_ignore_syms'] = false;
+
+// Use this char/string to separate recipients when composing a new message
+$rcmail_config['recipients_separator'] = ',';
+
+// don't let users set pagesize to more than this value if set
+$rcmail_config['max_pagesize'] = 200;
+
+// Minimal value of user's 'keep_alive' setting (in seconds)
+// Must be less than 'session_lifetime'
+$rcmail_config['min_keep_alive'] = 60;
+
+// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option.
+// By default refresh time is set to 1 second. You can set this value to true
+// or any integer value indicating number of seconds.
+$rcmail_config['upload_progress'] = false;
+
+// Specifies for how many seconds the Undo button will be available
+// after object delete action. Currently used with supporting address book sources.
+// Setting it to 0, disables the feature.
+$rcmail_config['undo_timeout'] = 0;
+
+// ----------------------------------
+// ADDRESSBOOK SETTINGS
+// ----------------------------------
+
+// This indicates which type of address book to use. Possible choises:
+// 'sql' (default) and 'ldap'.
+// If set to 'ldap' then it will look at using the first writable LDAP
+// address book as the primary address book and it will not display the
+// SQL address book in the 'Address Book' view.
+$rcmail_config['address_book_type'] = 'sql';
+
+// In order to enable public ldap search, configure an array like the Verisign
+// example further below. if you would like to test, simply uncomment the example.
+// Array key must contain only safe characters, ie. a-zA-Z0-9_
+$rcmail_config['ldap_public'] = array();
+
+// If you are going to use LDAP for individual address books, you will need to
+// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it.
+//
+// The recommended directory structure for LDAP is to store all the address book entries
+// under the users main entry, e.g.:
+//
+// o=root
+// ou=people
+// uid=user@domain
+// mail=contact@contactdomain
+//
+// So the base_dn would be uid=%fu,ou=people,o=root
+// The bind_dn would be the same as based_dn or some super user login.
+/*
+ * example config for Verisign directory
+ *
+$rcmail_config['ldap_public']['Verisign'] = array(
+ 'name' => 'Verisign.com',
+ // Replacement variables supported in host names:
+ // %h - user's IMAP hostname
+ // %n - http hostname ($_SERVER['SERVER_NAME'])
+ // %d - domain (http hostname without the first part)
+ // %z - IMAP domain (IMAP hostname without the first part)
+ // For example %n = mail.domain.tld, %d = domain.tld
+ 'hosts' => array('directory.verisign.com'),
+ 'port' => 389,
+ 'use_tls' => false,
+ 'ldap_version' => 3, // using LDAPv3
+ 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
+ // %fu - The full username provided, assumes the username is an email
+ // address, uses the username_domain value if not an email address.
+ // %u - The username prior to the '@'.
+ // %d - The domain name after the '@'.
+ // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com"
+ // %dn - DN found by ldap search when search_filter/search_base_dn are used
+ 'base_dn' => '',
+ 'bind_dn' => '',
+ 'bind_pass' => '',
+ // It's possible to bind for an individual address book
+ // The login name is used to search for the DN to bind with
+ 'search_base_dn' => '',
+ 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))'
+ // DN and password to bind as before searching for bind DN, if anonymous search is not allowed
+ 'search_bind_dn' => '',
+ 'search_bind_pw' => '',
+ // Default for %dn variable if search doesn't return DN value
+ 'search_dn_default' => '',
+ // Optional authentication identifier to be used as SASL authorization proxy
+ // bind_dn need to be empty
+ 'auth_cid' => '',
+ // SASL authentication method (for proxy auth), e.g. DIGEST-MD5
+ 'auth_method' => '',
+ // Indicates if the addressbook shall be hidden from the list.
+ // With this option enabled you can still search/view contacts.
+ 'hidden' => false,
+ // Indicates if the addressbook shall not list contacts but only allows searching.
+ 'searchonly' => false,
+ // Indicates if we can write to the LDAP directory or not.
+ // If writable is true then these fields need to be populated:
+ // LDAP_Object_Classes, required_fields, LDAP_rdn
+ 'writable' => false,
+ // To create a new contact these are the object classes to specify
+ // (or any other classes you wish to use).
+ 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'),
+ // The RDN field that is used for new entries, this field needs
+ // to be one of the search_fields, the base of base_dn is appended
+ // to the RDN to insert into the LDAP directory.
+ 'LDAP_rdn' => 'cn',
+ // The required fields needed to build a new contact as required by
+ // the object classes (can include additional fields not required by the object classes).
+ 'required_fields' => array('cn', 'sn', 'mail'),
+ 'search_fields' => array('mail', 'cn'), // fields to search in
+ // mapping of contact fields to directory attributes
+ // for every attribute one can specify the number of values (limit) allowed.
+ // default is 1, a wildcard * means unlimited
+ 'fieldmap' => array(
+ // Roundcube => LDAP:limit
+ 'name' => 'cn',
+ 'surname' => 'sn',
+ 'firstname' => 'givenName',
+ 'title' => 'title',
+ 'email' => 'mail:*',
+ 'phone:home' => 'homePhone',
+ 'phone:work' => 'telephoneNumber',
+ 'phone:mobile' => 'mobile',
+ 'phone:pager' => 'pager',
+ 'street' => 'street',
+ 'zipcode' => 'postalCode',
+ 'region' => 'st',
+ 'locality' => 'l',
+// if you uncomment country, you need to modify 'sub_fields' above
+// 'country' => 'c',
+ 'department' => 'departmentNumber',
+ 'notes' => 'description',
+// these currently don't work:
+// 'phone:workfax' => 'facsimileTelephoneNumber',
+// 'photo' => 'jpegPhoto',
+// 'organization' => 'o',
+// 'manager' => 'manager',
+// 'assistant' => 'secretary',
+ ),
+ // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country'
+ 'sub_fields' => array(),
+ 'sort' => 'cn', // The field to sort the listing by.
+ 'scope' => 'sub', // search mode: sub|base|list
+ 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
+ 'fuzzy_search' => true, // server allows wildcard search
+ 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it)
+ 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting
+ 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit.
+ 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit.
+ 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
+
+ // definition for contact groups (uncomment if no groups are supported)
+ // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above)
+ // if the groups base_dn is empty, the contact base_dn is used for the groups as well
+ // -> in this case, assure that groups and contacts are separated due to the concernig filters!
+ 'groups' => array(
+ 'base_dn' => '',
+ 'scope' => 'sub', // search mode: sub|base|list
+ 'filter' => '(objectClass=groupOfNames)',
+ 'object_classes' => array("top", "groupOfNames"),
+ 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember
+ 'name_attr' => 'cn', // attribute to be used as group name
+ ),
+);
+*/
+
+// An ordered array of the ids of the addressbooks that should be searched
+// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
+$rcmail_config['autocomplete_addressbooks'] = array('sql');
+
+// The minimum number of characters required to be typed in an autocomplete field
+// before address books will be searched. Most useful for LDAP directories that
+// may need to do lengthy results building given overly-broad searches
+$rcmail_config['autocomplete_min_length'] = 1;
+
+// Number of parallel autocomplete requests.
+// If there's more than one address book, n parallel (async) requests will be created,
+// where each request will search in one address book. By default (0), all address
+// books are searched in one request.
+$rcmail_config['autocomplete_threads'] = 0;
+
+// Max. numer of entries in autocomplete popup. Default: 15.
+$rcmail_config['autocomplete_max'] = 15;
+
+// show address fields in this order
+// available placeholders: {street}, {locality}, {zipcode}, {country}, {region}
+$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}';
+
+// Matching mode for addressbook search (including autocompletion)
+// 0 - partial (*abc*), default
+// 1 - strict (abc)
+// 2 - prefix (abc*)
+// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode
+$rcmail_config['addressbook_search_mode'] = 0;
+
+// ----------------------------------
+// USER PREFERENCES
+// ----------------------------------
+
+// Use this charset as fallback for message decoding
+//$rcmail_config['default_charset'] = 'ISO-8859-1';
+$rcmail_config['default_charset'] = 'UTF-8';
+
+// skin name: folder from skins/
+$rcmail_config['skin'] = 'larry';
+
+// show up to X items in messages list view
+$rcmail_config['mail_pagesize'] = 50;
+
+// show up to X items in contacts list view
+$rcmail_config['addressbook_pagesize'] = 50;
+
+// sort contacts by this col (preferably either one of name, firstname, surname)
+$rcmail_config['addressbook_sort_col'] = 'surname';
+
+// the way how contact names are displayed in the list
+// 0: display name
+// 1: (prefix) firstname middlename surname (suffix)
+// 2: (prefix) surname firstname middlename (suffix)
+// 3: (prefix) surname, firstname middlename (suffix)
+$rcmail_config['addressbook_name_listing'] = 0;
+
+// use this timezone to display date/time
+// valid timezone identifers are listed here: php.net/manual/en/timezones.php
+// 'auto' will use the browser's timezone settings
+$rcmail_config['timezone'] = 'auto';
+
+// prefer displaying HTML messages
+$rcmail_config['prefer_html'] = true;
+
+// display remote inline images
+// 0 - Never, always ask
+// 1 - Ask if sender is not in address book
+// 2 - Always show inline images
+$rcmail_config['show_images'] = 0;
+
+// compose html formatted messages by default
+// 0 - never, 1 - always, 2 - on reply to HTML message only
+$rcmail_config['htmleditor'] = 0;
+
+// show pretty dates as standard
+$rcmail_config['prettydate'] = true;
+
+// save compose message every 30 seconds
+$rcmail_config['draft_autosave'] = 30;
+
+// default setting if preview pane is enabled
+$rcmail_config['preview_pane'] = false;
+
+// Mark as read when viewed in preview pane (delay in seconds)
+// Set to -1 if messages in preview pane should not be marked as read
+$rcmail_config['preview_pane_mark_read'] = 0;
+
+// Clear Trash on logout
+$rcmail_config['logout_purge'] = false;
+
+// Compact INBOX on logout
+$rcmail_config['logout_expunge'] = false;
+
+// Display attached images below the message body
+$rcmail_config['inline_images'] = true;
+
+// Encoding of long/non-ascii attachment names:
+// 0 - Full RFC 2231 compatible
+// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default)
+// 2 - Full 2047 compatible
+$rcmail_config['mime_param_folding'] = 1;
+
+// Set true if deleted messages should not be displayed
+// This will make the application run slower
+$rcmail_config['skip_deleted'] = false;
+
+// Set true to Mark deleted messages as read as well as deleted
+// False means that a message's read status is not affected by marking it as deleted
+$rcmail_config['read_when_deleted'] = true;
+
+// Set to true to never delete messages immediately
+// Use 'Purge' to remove messages marked as deleted
+$rcmail_config['flag_for_deletion'] = false;
+
+// Default interval for keep-alive/check-recent requests (in seconds)
+// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime'
+$rcmail_config['keep_alive'] = 60;
+
+// If true all folders will be checked for recent messages
+$rcmail_config['check_all_folders'] = false;
+
+// If true, after message delete/move, the next message will be displayed
+$rcmail_config['display_next'] = false;
+
+// 0 - Do not expand threads
+// 1 - Expand all threads automatically
+// 2 - Expand only threads with unread messages
+$rcmail_config['autoexpand_threads'] = 0;
+
+// When replying place cursor above original message (top posting)
+$rcmail_config['top_posting'] = false;
+
+// When replying strip original signature from message
+$rcmail_config['strip_existing_sig'] = true;
+
+// Show signature:
+// 0 - Never
+// 1 - Always
+// 2 - New messages only
+// 3 - Forwards and Replies only
+$rcmail_config['show_sig'] = 1;
+
+// When replying or forwarding place sender's signature above existing message
+$rcmail_config['sig_above'] = false;
+
+// Use MIME encoding (quoted-printable) for 8bit characters in message body
+$rcmail_config['force_7bit'] = false;
+
+// Defaults of the search field configuration.
+// The array can contain a per-folder list of header fields which should be considered when searching
+// The entry with key '*' stands for all folders which do not have a specific list set.
+// Please note that folder names should to be in sync with $rcmail_config['default_folders']
+$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1));
+
+// Defaults of the addressbook search field configuration.
+$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1);
+
+// 'Delete always'
+// This setting reflects if mail should be always deleted
+// when moving to Trash fails. This is necessary in some setups
+// when user is over quota and Trash is included in the quota.
+$rcmail_config['delete_always'] = false;
+
+// Directly delete messages in Junk instead of moving to Trash
+$rcmail_config['delete_junk'] = true;
+
+// Behavior if a received message requests a message delivery notification (read receipt)
+// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask)
+// 3 = send automatically if sender is in addressbook, otherwise ask the user
+// 4 = send automatically if sender is in addressbook, otherwise ignore
+$rcmail_config['mdn_requests'] = 0;
+
+// Return receipt checkbox default state
+$rcmail_config['mdn_default'] = 0;
+
+// Delivery Status Notification checkbox default state
+$rcmail_config['dsn_default'] = 0;
+
+// Place replies in the folder of the message being replied to
+$rcmail_config['reply_same_folder'] = false;
+
+// Sets default mode of Forward feature to "forward as attachment"
+$rcmail_config['forward_attachment'] = false;
+
+// Defines address book (internal index) to which new contacts will be added
+// By default it is the first writeable addressbook.
+// Note: Use '0' for built-in address book.
+$rcmail_config['default_addressbook'] = null;
+
+// Enables spell checking before sending a message.
+$rcmail_config['spellcheck_before_send'] = false;
+
+// Skip alternative email addresses in autocompletion (show one address per contact)
+$rcmail_config['autocomplete_single'] = false;
+
+// Default font for composed HTML message.
+// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New,
+// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana
+$rcmail_config['default_font'] = '';
+
+// end of config file
diff --git a/install/ubuntu/18.04/roundcube/vesta.php b/install/ubuntu/18.04/roundcube/vesta.php
new file mode 100644
index 00000000..99e1d4bc
--- /dev/null
+++ b/install/ubuntu/18.04/roundcube/vesta.php
@@ -0,0 +1,71 @@
+
+ */
+
+ function password_save($curpass, $passwd)
+ {
+ $rcmail = rcmail::get_instance();
+ $vesta_host = $rcmail->config->get('password_vesta_host');
+
+ if (empty($vesta_host))
+ {
+ $vesta_host = 'localhost';
+ }
+
+ $vesta_port = $rcmail->config->get('password_vesta_port');
+ if (empty($vesta_port))
+ {
+ $vesta_port = '8083';
+ }
+
+ $postvars = array(
+ 'email' => $_SESSION['username'],
+ 'password' => $curpass,
+ 'new' => $passwd
+ );
+
+ $postdata = http_build_query($postvars);
+
+ $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
+ $send .= 'Host: ' . $vesta_host . PHP_EOL;
+ $send .= 'User-Agent: PHP Script' . PHP_EOL;
+ $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
+ $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
+ $send .= 'Connection: close' . PHP_EOL;
+ $send .= PHP_EOL;
+ $send .= $postdata . PHP_EOL . PHP_EOL;
+
+ //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
+ $errno = "";
+ $errstr = "";
+ $context = stream_context_create();
+ $result = stream_context_set_option($context, 'ssl', 'verify_peer', false);
+ $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false);
+ $result = stream_context_set_option($context, 'ssl', 'verify_host', false);
+ $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
+
+ $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context);
+ fputs($fp, $send);
+ $result = fread($fp, 2048);
+ fclose($fp);
+
+ $fp = fopen("/tmp/roundcube.log", 'w');
+ fwrite($fp, "test ok");
+ fwrite($fp, "\n");
+ fclose($fp);
+
+
+ if(strpos($result, 'ok') && !strpos($result, 'error'))
+ {
+ return PASSWORD_SUCCESS;
+ }
+ else {
+ return PASSWORD_ERROR;
+ }
+
+ }
diff --git a/install/ubuntu/18.04/sudo/admin b/install/ubuntu/18.04/sudo/admin
new file mode 100644
index 00000000..4226bdd4
--- /dev/null
+++ b/install/ubuntu/18.04/sudo/admin
@@ -0,0 +1,8 @@
+# Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+Defaults:root !requiretty
+
+admin ALL=(ALL) ALL
+admin ALL=NOPASSWD:/usr/local/vesta/bin/*
diff --git a/install/ubuntu/18.04/templates/dns/child-ns.tpl b/install/ubuntu/18.04/templates/dns/child-ns.tpl
new file mode 100755
index 00000000..42c046e4
--- /dev/null
+++ b/install/ubuntu/18.04/templates/dns/child-ns.tpl
@@ -0,0 +1,14 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.04/templates/dns/default.tpl b/install/ubuntu/18.04/templates/dns/default.tpl
new file mode 100755
index 00000000..e0a37e62
--- /dev/null
+++ b/install/ubuntu/18.04/templates/dns/default.tpl
@@ -0,0 +1,18 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.04/templates/dns/gmail.tpl b/install/ubuntu/18.04/templates/dns/gmail.tpl
new file mode 100755
index 00000000..219c9d24
--- /dev/null
+++ b/install/ubuntu/18.04/templates/dns/gmail.tpl
@@ -0,0 +1,12 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
diff --git a/install/ubuntu/18.04/templates/web/apache2/basedir.stpl b/install/ubuntu/18.04/templates/web/apache2/basedir.stpl
new file mode 100644
index 00000000..d978d4c4
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/basedir.stpl
@@ -0,0 +1,44 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/basedir.tpl b/install/ubuntu/18.04/templates/web/apache2/basedir.tpl
new file mode 100644
index 00000000..96c94a1b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/basedir.tpl
@@ -0,0 +1,38 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+
+
+ AllowOverride All
+
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/default.stpl b/install/ubuntu/18.04/templates/web/apache2/default.stpl
new file mode 100644
index 00000000..ec34c279
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/default.stpl
@@ -0,0 +1,43 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/default.tpl b/install/ubuntu/18.04/templates/web/apache2/default.tpl
new file mode 100644
index 00000000..3a227015
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/default.tpl
@@ -0,0 +1,37 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/hosting.stpl b/install/ubuntu/18.04/templates/web/apache2/hosting.stpl
new file mode 100644
index 00000000..8892072b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/hosting.stpl
@@ -0,0 +1,49 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value upload_max_filesize 10M
+ php_admin_value max_execution_time 20
+ php_admin_value post_max_size 8M
+ php_admin_value memory_limit 32M
+ php_admin_flag mysql.allow_persistent off
+ php_admin_flag safe_mode off
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/hosting.tpl b/install/ubuntu/18.04/templates/web/apache2/hosting.tpl
new file mode 100644
index 00000000..1eb26910
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/hosting.tpl
@@ -0,0 +1,43 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value upload_max_filesize 10M
+ php_admin_value max_execution_time 20
+ php_admin_value post_max_size 8M
+ php_admin_value memory_limit 32M
+ php_admin_flag mysql.allow_persistent off
+ php_admin_flag safe_mode off
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+
+ AllowOverride All
+
+
+ RMode config
+ RUidGid %user% %group%
+ RGroups www-data
+
+
+ AssignUserID %user% %group%
+
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh
new file mode 100755
index 00000000..6565e103
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl
new file mode 100644
index 00000000..731355bc
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.stpl
@@ -0,0 +1,38 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ SSLRequireSSL
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ Action phpcgi-script /cgi-bin/php
+
+ SetHandler phpcgi-script
+
+
+
+ AllowOverride All
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl
new file mode 100644
index 00000000..c6796d29
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpcgi.tpl
@@ -0,0 +1,31 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+ Action phpcgi-script /cgi-bin/php
+
+ SetHandler phpcgi-script
+
+
+
+ AllowOverride All
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh
new file mode 100755
index 00000000..e8058249
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+# Adding php wrapper
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+wrapper_script="#!/bin/sh
+PHPRC=/usr/local/lib
+export PHPRC
+export PHP_FCGI_MAX_REQUESTS=1000
+export PHP_FCGI_CHILDREN=20
+exec /usr/bin/php-cgi
+"
+wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
+
+echo "$wrapper_script" > $wrapper_file
+chown $user:$user $wrapper_file
+chmod -f 751 $wrapper_file
+
+exit 0
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl
new file mode 100644
index 00000000..156c8a91
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.stpl
@@ -0,0 +1,39 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ SSLRequireSSL
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+ SetHandler fcgid-script
+
+ FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+
+
+ AllowOverride All
+
+ php_admin_value open_basedir none
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+ IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl
new file mode 100644
index 00000000..a4c01269
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/apache2/phpfcgid.tpl
@@ -0,0 +1,31 @@
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+ php_admin_value open_basedir %docroot%:%home%/%user%/tmp
+ php_admin_value upload_tmp_dir %home%/%user%/tmp
+ php_admin_value session.save_path %home%/%user%/tmp
+
+ SetHandler fcgid-script
+
+ FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
+
+
+ AllowOverride All
+
+ IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/awstats/awstats.tpl b/install/ubuntu/18.04/templates/web/awstats/awstats.tpl
new file mode 100755
index 00000000..9a92e0fd
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/awstats/awstats.tpl
@@ -0,0 +1,133 @@
+LogFile="/var/log/%web_system%/domains/%domain%.log"
+LogType=W
+LogFormat=1
+LogSeparator=" "
+SiteDomain="%domain_idn%"
+HostAliases="%alias_idn%"
+DirData="%home%/%user%/web/%domain%/stats"
+DirCgi="/vstats"
+DirIcons="/vstats/icon"
+AllowToUpdateStatsFromBrowser=0
+AllowFullYearView=2
+EnableLockForUpdate=1
+DNSStaticCacheFile="dnscache.txt"
+DNSLastUpdateCacheFile="dnscachelastupdate.txt"
+SkipDNSLookupFor=""
+AllowAccessFromWebToAuthenticatedUsersOnly=0
+AllowAccessFromWebToFollowingAuthenticatedUsers=""
+AllowAccessFromWebToFollowingIPAddresses=""
+CreateDirDataIfNotExists=0
+BuildHistoryFormat=text
+BuildReportFormat=html
+SaveDatabaseFilesWithPermissionsForEveryone=0
+PurgeLogFile=0
+ArchiveLogRecords=0
+KeepBackupOfHistoricFiles=1
+DefaultFile="index.php index.html"
+SkipHosts="127.0.0.1
+SkipUserAgents=""
+SkipFiles=""
+SkipReferrersBlackList=""
+OnlyHosts=""
+OnlyUserAgents=""
+OnlyUsers=""
+OnlyFiles=""
+NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
+ValidHTTPCodes="200 304"
+ValidSMTPCodes="1 250"
+AuthenticatedUsersNotCaseSensitive=0
+URLNotCaseSensitive=0
+URLWithAnchor=0
+URLQuerySeparators="?;"
+URLWithQuery=0
+URLWithQueryWithOnlyFollowingParameters=""
+URLWithQueryWithoutFollowingParameters=""
+URLReferrerWithQuery=0
+WarningMessages=1
+ErrorMessages=""
+DebugMessages=0
+NbOfLinesForCorruptedLog=50
+WrapperScript=""
+DecodeUA=0
+MiscTrackerUrl="/js/awstats_misc_tracker.js"
+UseFramesWhenCGI=1
+DetailedReportsOnNewWindows=1
+Expires=3600
+MaxRowsInHTMLOutput=1000
+Lang="auto"
+DirLang="./lang"
+ShowMenu=1
+ShowSummary=UVPHB
+ShowMonthStats=UVPHB
+ShowDaysOfMonthStats=VPHB
+ShowDaysOfWeekStats=PHB
+ShowHoursStats=PHB
+ShowDomainsStats=PHB
+ShowHostsStats=PHBL
+ShowAuthenticatedUsers=0
+ShowRobotsStats=HBL
+ShowWormsStats=0
+ShowEMailSenders=0
+ShowEMailReceivers=0
+ShowSessionsStats=1
+ShowPagesStats=PBEX
+ShowFileTypesStats=HB
+ShowFileSizesStats=0
+ShowDownloadsStats=HB
+ShowOSStats=1
+ShowBrowsersStats=1
+ShowScreenSizeStats=0
+ShowOriginStats=PH
+ShowKeyphrasesStats=1
+ShowKeywordsStats=1
+ShowMiscStats=a
+ShowHTTPErrorsStats=1
+ShowSMTPErrorsStats=0
+ShowClusterStats=0
+AddDataArrayMonthStats=1
+AddDataArrayShowDaysOfMonthStats=1
+AddDataArrayShowDaysOfWeekStats=1
+AddDataArrayShowHoursStats=1
+IncludeInternalLinksInOriginSection=0
+MaxNbOfDomain = 10
+MinHitDomain = 1
+MaxNbOfHostsShown = 10
+MinHitHost = 1
+MaxNbOfLoginShown = 10
+MinHitLogin = 1
+MaxNbOfRobotShown = 10
+MinHitRobot = 1
+MaxNbOfDownloadsShown = 10
+MinHitDownloads = 1
+MaxNbOfPageShown = 10
+MinHitFile = 1
+MaxNbOfOsShown = 10
+MinHitOs = 1
+MaxNbOfBrowsersShown = 10
+MinHitBrowser = 1
+MaxNbOfScreenSizesShown = 5
+MinHitScreenSize = 1
+MaxNbOfWindowSizesShown = 5
+MinHitWindowSize = 1
+MaxNbOfRefererShown = 10
+MinHitRefer = 1
+MaxNbOfKeyphrasesShown = 10
+MinHitKeyphrase = 1
+MaxNbOfKeywordsShown = 10
+MinHitKeyword = 1
+MaxNbOfEMailsShown = 20
+MinHitEMail = 1
+FirstDayOfWeek=0
+ShowFlagLinks=""
+ShowLinksOnUrl=1
+UseHTTPSLinkForUrl=""
+MaxLengthOfShownURL=64
+HTMLHeadSection=""
+HTMLEndSection=""
+MetaRobot=0
+Logo="awstats_logo6.png"
+LogoLink="http://awstats.sourceforge.net"
+BarWidth = 260
+BarHeight = 90
+StyleSheet=""
+ExtraTrackedRowsLimit=500
diff --git a/install/ubuntu/18.04/templates/web/awstats/index.tpl b/install/ubuntu/18.04/templates/web/awstats/index.tpl
new file mode 100755
index 00000000..9df9bb5c
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/awstats/index.tpl
@@ -0,0 +1,10 @@
+
+
+
+ Awstats log analyzer
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/awstats/nav.tpl b/install/ubuntu/18.04/templates/web/awstats/nav.tpl
new file mode 100755
index 00000000..f29bed68
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/awstats/nav.tpl
@@ -0,0 +1,23 @@
+
+
+ Awstats navigation
+
+
+
+
+
+ |
+
+ |
+
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.sh b/install/ubuntu/18.04/templates/web/nginx/caching.sh
new file mode 100755
index 00000000..09d8efe7
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2"
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;"
+conf='/etc/nginx/conf.d/01_caching_pool.conf'
+if [ -e "$conf" ]; then
+ if [ -z "$(grep "=${domain}:" $conf)" ]; then
+ echo "$str" >> $conf
+ fi
+else
+ echo "$str" >> $conf
+fi
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.stpl b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
new file mode 100755
index 00000000..5e0e4064
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.stpl
@@ -0,0 +1,44 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+
+ proxy_cache cache;
+ proxy_cache_valid 15m;
+ proxy_cache_valid 404 1m;
+ proxy_no_cache $no_cache;
+ proxy_cache_bypass $no_cache;
+ proxy_cache_bypass $cookie_session $http_x_update;
+
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ proxy_cache off;
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/caching.tpl b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
new file mode 100755
index 00000000..36761b65
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/caching.tpl
@@ -0,0 +1,41 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+
+ proxy_cache cache;
+ proxy_cache_valid 15m;
+ proxy_cache_valid 404 1m;
+ proxy_no_cache $no_cache;
+ proxy_cache_bypass $no_cache;
+ proxy_cache_bypass $cookie_session $http_x_update;
+
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ proxy_cache off;
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.stpl b/install/ubuntu/18.04/templates/web/nginx/default.stpl
new file mode 100755
index 00000000..fa538060
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/default.stpl
@@ -0,0 +1,36 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/default.tpl b/install/ubuntu/18.04/templates/web/nginx/default.tpl
new file mode 100755
index 00000000..4d5c774b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/default.tpl
@@ -0,0 +1,33 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.sh b/install/ubuntu/18.04/templates/web/nginx/hosting.sh
new file mode 100755
index 00000000..eeed37ef
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+# Changing public_html permission
+user="$1"
+domain="$2"
+ip="$3"
+home_dir="$4"
+docroot="$5"
+
+chmod 755 $docroot
+
+exit 0
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.stpl b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
new file mode 100755
index 00000000..d778d633
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.stpl
@@ -0,0 +1,38 @@
+server {
+ listen %ip%:%proxy_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ disable_symlinks if_not_owner from=%docroot%;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/hosting.tpl b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
new file mode 100755
index 00000000..15961c95
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/hosting.tpl
@@ -0,0 +1,35 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ disable_symlinks if_not_owner from=%docroot%;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.stpl b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
new file mode 100644
index 00000000..76dd2f8e
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.stpl
@@ -0,0 +1,36 @@
+server {
+ listen %ip%:%proxy_ssl_port% http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ error_log /var/log/httpd/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/httpd/domains/%domain%.log combined;
+ access_log /var/log/httpd/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass https://%ip%:%web_ssl_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/http2.tpl b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
new file mode 100644
index 00000000..c1fec114
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/http2.tpl
@@ -0,0 +1,33 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ error_log /var/log/httpd/domains/%domain%.error.log error;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %docroot%;
+ access_log /var/log/httpd/domains/%domain%.log combined;
+ access_log /var/log/httpd/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
+
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
new file mode 100644
index 00000000..d85bcce3
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?page=$request_uri;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
new file mode 100644
index 00000000..f9e90393
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/cms_made_simple.tpl
@@ -0,0 +1,52 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php?page=$request_uri;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
new file mode 100644
index 00000000..9c24c3ea
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.stpl
@@ -0,0 +1,61 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location = /index.php {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ \.php$ {
+ return 444;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl
new file mode 100644
index 00000000..d2422be2
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter2.tpl
@@ -0,0 +1,57 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location = /index.php {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ \.php$ {
+ return 444;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
new file mode 100644
index 00000000..d7186314
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl
new file mode 100644
index 00000000..54f81b99
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/codeigniter3.tpl
@@ -0,0 +1,52 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
new file mode 100644
index 00000000..4f0b9ec7
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.stpl
@@ -0,0 +1,127 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+ rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+ rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+ rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+ rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+ rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+ rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+ rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+ rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+ rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+ rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+ rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+ rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+ rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+ rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+ rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+ rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+ rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+ rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+ rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+ rewrite "^/rules.html$" /index.php?do=rules last;
+ rewrite "^/statistics.html$" /index.php?do=stats last;
+ rewrite "^/addnews.html$" /index.php?do=addnews last;
+ rewrite "^/rss.xml$" /engine/rss.php last;
+ rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+ if (!-d $request_filename) {
+ rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+ rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+ rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+ rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl
new file mode 100644
index 00000000..3ea45347
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/datalife_engine.tpl
@@ -0,0 +1,123 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+ rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+ rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+ rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+ rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+ rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+ rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+ rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+ rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+ rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+ rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+ rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+ rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+ rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+ rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+ rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+ rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+ rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+ rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+ rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+ rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+ rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+ rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+ rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+ rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+ rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+ rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+ rewrite "^/rules.html$" /index.php?do=rules last;
+ rewrite "^/statistics.html$" /index.php?do=stats last;
+ rewrite "^/addnews.html$" /index.php?do=addnews last;
+ rewrite "^/rss.xml$" /engine/rss.php last;
+ rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+ if (!-d $request_filename) {
+ rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+ rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+ rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+ rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+ }
+
+ if (!-f $request_filename) {
+ rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.stpl
@@ -0,0 +1,55 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/default.tpl
@@ -0,0 +1,51 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
new file mode 100644
index 00000000..f85032ba
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.stpl
@@ -0,0 +1,72 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ index doku.php;
+ try_files $uri $uri/ @dokuwiki;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+ expires 30d;
+ }
+
+ location ^~ /conf/ { return 403; }
+ location ^~ /data/ { return 403; }
+
+ location @dokuwiki {
+ rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+ rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+ rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+ rewrite ^/(.*) /doku.php?id=$1 last;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl
new file mode 100644
index 00000000..0a9a75ed
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/dokuwiki.tpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ index doku.php;
+ try_files $uri $uri/ @dokuwiki;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location ~ ^/lib.*\.(gif|png|ico|jpg)$ {
+ expires 30d;
+ }
+
+ location ^~ /conf/ { return 403; }
+ location ^~ /data/ { return 403; }
+ location @dokuwiki {
+ rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+ rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+ rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+ rewrite ^/(.*) /doku.php?id=$1 last;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
new file mode 100644
index 00000000..91a70936
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl
@@ -0,0 +1,101 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # For Drupal 6 and bwlow:
+ # Some modules enforce no slash (/) at the end of the URL
+ # Else this rewrite block wouldn't be needed (GlobalRedirect)
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
new file mode 100644
index 00000000..ac32dcd9
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl
@@ -0,0 +1,98 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # For Drupal 6 and bwlow:
+ # Some modules enforce no slash (/) at the end of the URL
+ # Else this rewrite block wouldn't be needed (GlobalRedirect)
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
new file mode 100644
index 00000000..3b9dabf5
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl
@@ -0,0 +1,101 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
new file mode 100644
index 00000000..1b979475
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl
@@ -0,0 +1,98 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
new file mode 100644
index 00000000..50d85b68
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl
@@ -0,0 +1,102 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$)|^/update.php {
+ fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
new file mode 100644
index 00000000..71b538bf
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl
@@ -0,0 +1,99 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ try_files $uri @rewrite;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$)|^/update.php {
+ fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @rewrite {
+ # You have 2 options here
+ # For D7 and above:
+ # Clean URLs are handled in drupal_environment_initialize().
+ rewrite ^ /index.php;
+ }
+
+ location ~ ^/sites/.*/files/styles/ {
+ try_files $uri @rewrite;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
new file mode 100644
index 00000000..704405f3
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.stpl
@@ -0,0 +1,63 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ # deny running scripts inside writable directories
+ location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+ return 403;
+ error_page 403 /403_error.html;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl
new file mode 100644
index 00000000..91b7a8f1
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/joomla.tpl
@@ -0,0 +1,59 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ # deny running scripts inside writable directories
+ location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+ return 403;
+ error_page 403 /403_error.html;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
new file mode 100644
index 00000000..477f6f01
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.stpl
@@ -0,0 +1,56 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl
new file mode 100644
index 00000000..d14b0173
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/laravel.tpl
@@ -0,0 +1,50 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
new file mode 100644
index 00000000..fdab43aa
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.stpl
@@ -0,0 +1,198 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ root %sdocroot%/pub;
+ index index.php;
+ autoindex off;
+ charset UTF-8;
+ error_page 404 403 = /errors/404.php;
+ add_header "X-UA-Compatible" "IE=Edge";
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ # PHP entry point for setup application
+ location ~* ^/setup($|/) {
+ root %sdocroot%;
+
+ location ~ ^/setup/index.php {
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location ~ ^/setup/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/setup/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ # PHP entry point for update application
+ location ~* ^/update($|/) {
+ root %sdocroot%;
+
+ location ~ ^/update/index.php {
+ fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ # Deny everything but index.php
+ location ~ ^/update/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/update/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ }
+
+ location /pub/ {
+ location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+ deny all;
+ }
+
+ alias %sdocroot%/pub/;
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /static/ {
+ # Uncomment the following line in production mode
+ # expires max;
+
+ # Remove signature of the static files that is used to overcome the browser cache
+ location ~ ^/static/version {
+ rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/ {
+ try_files $uri $uri/ /get.php?$args;
+
+ location ~ ^/media/theme_customization/.*\.xml {
+ deny all;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/customer/ {
+ deny all;
+ }
+
+ location /media/downloadable/ {
+ deny all;
+ }
+
+ location /media/import/ {
+ deny all;
+ }
+
+ # PHP entry point for main application
+ location ~ (index|get|static|report|404|503)\.php$ {
+ try_files $uri =404;
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_buffers 1024 4k;
+ fastcgi_read_timeout 600s;
+ fastcgi_connect_timeout 600s;
+
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ gzip on;
+ gzip_disable "msie6";
+
+ gzip_comp_level 6;
+ gzip_min_length 1100;
+ gzip_buffers 16 8k;
+ gzip_proxied any;
+ gzip_types
+ text/plain
+ text/css
+ text/js
+ text/xml
+ text/javascript
+ application/javascript
+ application/x-javascript
+ application/json
+ application/xml
+ application/xml+rss
+ image/svg+xml;
+ gzip_vary on;
+
+ # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+ location ~* (\.php$|\.htaccess$|\.git) {
+ deny all;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl
new file mode 100644
index 00000000..3f292fff
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/magento.tpl
@@ -0,0 +1,194 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ root %docroot%/pub;
+ index index.php;
+ autoindex off;
+ charset UTF-8;
+ error_page 404 403 = /errors/404.php;
+ add_header "X-UA-Compatible" "IE=Edge";
+
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ # PHP entry point for setup application
+ location ~* ^/setup($|/) {
+ root %docroot%;
+
+ location ~ ^/setup/index.php {
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location ~ ^/setup/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/setup/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ # PHP entry point for update application
+ location ~* ^/update($|/) {
+ root %docroot%;
+
+ location ~ ^/update/index.php {
+ fastcgi_split_path_info ^(/update/index.php)(/.+)$;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ # Deny everything but index.php
+ location ~ ^/update/(?!pub/). {
+ deny all;
+ }
+
+ location ~ ^/update/pub/ {
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ }
+
+ location /pub/ {
+ location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
+ deny all;
+ }
+
+ alias %docroot%/pub/;
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /static/ {
+ # Uncomment the following line in production mode
+ # expires max;
+
+ # Remove signature of the static files that is used to overcome the browser cache
+ location ~ ^/static/version {
+ rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+ }
+
+ if (!-f $request_filename) {
+ rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/ {
+ try_files $uri $uri/ /get.php?$args;
+
+ location ~ ^/media/theme_customization/.*\.xml {
+ deny all;
+ }
+
+ location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
+ add_header Cache-Control "public";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires +1y;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
+ add_header Cache-Control "no-store";
+ add_header X-Frame-Options "SAMEORIGIN";
+ expires off;
+ try_files $uri $uri/ /get.php?$args;
+ }
+
+ add_header X-Frame-Options "SAMEORIGIN";
+ }
+
+ location /media/customer/ {
+ deny all;
+ }
+
+ location /media/downloadable/ {
+ deny all;
+ }
+
+ location /media/import/ {
+ deny all;
+ }
+
+ # PHP entry point for main application
+ location ~ (index|get|static|report|404|503)\.php$ {
+ try_files $uri =404;
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_buffers 1024 4k;
+ fastcgi_read_timeout 600s;
+ fastcgi_connect_timeout 600s;
+
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ gzip on;
+ gzip_disable "msie6";
+
+ gzip_comp_level 6;
+ gzip_min_length 1100;
+ gzip_buffers 16 8k;
+ gzip_proxied any;
+ gzip_types
+ text/plain
+ text/css
+ text/js
+ text/xml
+ text/javascript
+ application/javascript
+ application/x-javascript
+ application/json
+ application/xml
+ application/xml+rss
+ image/svg+xml;
+ gzip_vary on;
+
+ # Banned locations (only reached if the earlier PHP entry point regexes don't match)
+ location ~* (\.php$|\.htaccess$|\.git) {
+ deny all;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
new file mode 100644
index 00000000..f410ab77
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.stpl
@@ -0,0 +1,69 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+# if you need to rewrite www to non-www uncomment bellow
+# if ($host != '%domain%' ) {
+# rewrite ^/(.*)$ https://%domain%/$1 permanent;
+# }
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ @rewrite;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+ location @rewrite {
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ \.php$ {
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl
new file mode 100644
index 00000000..342d3ecf
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/modx.tpl
@@ -0,0 +1,65 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+# if you need to rewrite www to non-www uncomment bellow
+# if ($host != '%domain%' ) {
+# rewrite ^/(.*)$ http://%domain%/$1 permanent;
+# }
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ @rewrite;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+ location @rewrite {
+ rewrite ^/(.*)$ /index.php?q=$1;
+ }
+
+ location ~ \.php$ {
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
new file mode 100644
index 00000000..f15a68c5
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.stpl
@@ -0,0 +1,90 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl
new file mode 100644
index 00000000..c20ba648
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/moodle.tpl
@@ -0,0 +1,87 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ # Very rarely should these ever be accessed outside of your lan
+ location ~* \.(txt|log)$ {
+ allow 192.168.0.0/16;
+ deny all;
+ }
+
+ location ~ \..*/.*\.php$ {
+ return 403;
+ }
+
+ # No no for private
+ location ~ ^/sites/.*/private/ {
+ return 403;
+ }
+
+ # Block access to "hidden" files and directories whose names begin with a
+ # period. This includes directories used by version control systems such
+ # as Subversion or Git to store control files.
+ location ~ (^|/)\. {
+ return 403;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_intercept_errors on;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
new file mode 100644
index 00000000..bc8b53a3
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.stpl
@@ -0,0 +1,47 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ types {
+ text/html html htm shtml php php5;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl
new file mode 100644
index 00000000..7ff8aa1d
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/no-php.tpl
@@ -0,0 +1,43 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ types {
+ text/html html htm shtml php php5;
+ }
+
+ location / {
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
new file mode 100644
index 00000000..d6697d7a
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.stpl
@@ -0,0 +1,70 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+ proxy_redirect off;
+
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_connect_timeout 720;
+ proxy_send_timeout 720;
+ proxy_read_timeout 720;
+ send_timeout 720;
+
+ # Allow "Well-Known URIs" as per RFC 5785
+ location ~* ^/.well-known/ {
+ allow all;
+ }
+
+ location / {
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ location /longpolling {
+ proxy_pass http://127.0.0.1:8072;
+ }
+
+ location ~* /web/static/ {
+ proxy_cache_valid 200 60m;
+ proxy_buffering on;
+ expires 864000;
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl
new file mode 100644
index 00000000..b1240aae
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/odoo.tpl
@@ -0,0 +1,66 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
+ proxy_redirect off;
+
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ proxy_connect_timeout 720;
+ proxy_send_timeout 720;
+ proxy_read_timeout 720;
+ send_timeout 720;
+
+ # Allow "Well-Known URIs" as per RFC 5785
+ location ~* ^/.well-known/ {
+ allow all;
+ }
+
+ location / {
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ location /longpolling {
+ proxy_pass http://127.0.0.1:8072;
+ }
+
+ location ~* /web/static/ {
+ proxy_cache_valid 200 60m;
+ proxy_buffering on;
+ expires 864000;
+ proxy_pass http://127.0.0.1:8069;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
new file mode 100644
index 00000000..908b9aeb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.stpl
@@ -0,0 +1,59 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+ try_files $uri $uri/ @opencart;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @opencart {
+ rewrite ^/(.+)$ /index.php?_route_=$1 last;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl
new file mode 100644
index 00000000..d0a9060b
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/opencart.tpl
@@ -0,0 +1,54 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location / {
+ try_files $uri $uri/ @opencart;
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location @opencart {
+ rewrite ^/(.+)$ /index.php?_route_=$1 last;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
new file mode 100644
index 00000000..891566b9
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.stpl
@@ -0,0 +1,85 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+ rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+ rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+ error_page 403 = /core/templates/403.php;
+ error_page 404 = /core/templates/404.php;
+
+ location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+ deny all;
+ }
+
+ location / {
+ # The following 2 rules are only needed with webfinger
+ rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+ rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+ rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+ rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+ rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+ try_files $uri $uri/ /index.php;
+
+ location ~ \.php(?:$|/) {
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ #fastcgi_param HTTPS on;
+ fastcgi_pass %backend_lsnr%;
+ }
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ # Some basic cache-control for static files to be sent to the browser
+ add_header Pragma public;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ }
+
+ #error_page 403 /error/404.html;
+ #error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl
new file mode 100644
index 00000000..e3ec31de
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/owncloud.tpl
@@ -0,0 +1,81 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+ rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+ rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+ error_page 403 = /core/templates/403.php;
+ error_page 404 = /core/templates/404.php;
+
+ location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+ deny all;
+ }
+
+ location / {
+ # The following 2 rules are only needed with webfinger
+ rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+ rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+ rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+ rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+ rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+ try_files $uri $uri/ /index.php;
+
+ location ~ \.php(?:$|/) {
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ #fastcgi_param HTTPS on;
+ fastcgi_pass %backend_lsnr%;
+ }
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ # Some basic cache-control for static files to be sent to the browser
+ add_header Pragma public;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ }
+
+ #error_page 403 /error/404.html;
+ #error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
new file mode 100644
index 00000000..78c1bb78
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.stpl
@@ -0,0 +1,73 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ try_files /favicon.ico =204;
+ }
+
+ location / {
+ try_files $uri /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ valid_referers none blocked %domain_idn% %alias_idn%;
+ if ($invalid_referer) {
+ return 444;
+ }
+ expires max;
+ }
+
+ location ~* ^/(?:index|piwik)\.php$ {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ # Any other attempt to access PHP files returns a 404.
+ location ~* ^.+\.php$ {
+ return 404;
+ }
+
+ # Return a 404 for all text files.
+ location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+ return 404;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl
new file mode 100644
index 00000000..f94fb7de
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/piwik.tpl
@@ -0,0 +1,69 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ try_files /favicon.ico =204;
+ }
+
+ location / {
+ try_files $uri /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ valid_referers none blocked %domain_idn% %alias_idn%;
+ if ($invalid_referer) {
+ return 444;
+ }
+ expires max;
+ }
+
+ location ~* ^/(?:index|piwik)\.php$ {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ # Any other attempt to access PHP files returns a 404.
+ location ~* ^.+\.php$ {
+ return 404;
+ }
+
+ # Return a 404 for all text files.
+ location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+ return 404;
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
new file mode 100644
index 00000000..5ffc9ed5
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.stpl
@@ -0,0 +1,66 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location /installer {
+ try_files $uri $uri/ /installer/index.php?$query_string;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location = /robots.txt { access_log off; log_not_found off; }
+ location = /favicon.ico { access_log off; log_not_found off; }
+ location ~ /\. { access_log off; log_not_found off; deny all; }
+ location ~ ~$ { access_log off; log_not_found off; deny all; }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
new file mode 100644
index 00000000..297fe0e8
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/pyrocms.tpl
@@ -0,0 +1,62 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%/public;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location /installer {
+ try_files $uri $uri/ /installer/index.php?$query_string;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ location = /robots.txt { access_log off; log_not_found off; }
+ location = /favicon.ico { access_log off; log_not_found off; }
+ location ~ /\. { access_log off; log_not_found off; deny all; }
+ location ~ ~$ { access_log off; log_not_found off; deny all; }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl
new file mode 100644
index 00000000..0b351000
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.stpl
@@ -0,0 +1,88 @@
+server {
+ listen %ip%:%web_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+ deny all;
+ }
+
+ location ~ /(readme.html|license.txt) {
+ deny all;
+ }
+
+ if (!-f $request_filename){
+ rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+ expires 1d;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location /l/ {
+ rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+ }
+
+ location /t/ {
+ rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+ }
+
+ location /w/ {
+ rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+ }
+
+ location /unsubscribe/ {
+ rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+ }
+
+ location /subscribe/ {
+ rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl
new file mode 100644
index 00000000..b27b427d
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/sendy.tpl
@@ -0,0 +1,86 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" {
+ deny all;
+ }
+
+ location ~ /(readme.html|license.txt) {
+ deny all;
+ }
+
+ if (!-f $request_filename){
+ rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+ location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ {
+ expires 1d;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ try_files $uri =404;
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+
+ location /l/ {
+ rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
+ }
+
+ location /t/ {
+ rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
+ }
+
+ location /w/ {
+ rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
+ }
+
+ location /unsubscribe/ {
+ rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
+ }
+
+ location /subscribe/ {
+ rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
new file mode 100644
index 00000000..5cb55311
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.stpl
@@ -0,0 +1,55 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl
new file mode 100644
index 00000000..a8909efb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress.tpl
@@ -0,0 +1,51 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location / {
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
new file mode 100644
index 00000000..e0aeb524
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.stpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %sdocroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/snginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl
new file mode 100644
index 00000000..bccb8b3d
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2.tpl
@@ -0,0 +1,63 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/conf/web/%domain%.auth*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
new file mode 100644
index 00000000..0d933b30
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl
@@ -0,0 +1,72 @@
+server {
+ listen %ip%:%web_ssl_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+
+ ssl on;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ /index.php?q=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
new file mode 100644
index 00000000..39e366b7
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl
@@ -0,0 +1,67 @@
+server {
+ listen %ip%:%web_port%;
+ server_name %domain_idn% %alias_idn%;
+ root %docroot%;
+ index index.php index.html index.htm;
+ access_log /var/log/nginx/domains/%domain%.log combined;
+ access_log /var/log/nginx/domains/%domain%.bytes bytes;
+ error_log /var/log/nginx/domains/%domain%.error.log error;
+ location = /favicon.ico {
+ log_not_found off;
+ access_log off;
+ }
+
+ location = /robots.txt {
+ allow all;
+ log_not_found off;
+ access_log off;
+ }
+
+ location / {
+ try_files $uri $uri/ /index.php?$args;
+
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ /index.php?q=$1 last;
+ }
+
+ location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+ expires max;
+ }
+
+ location ~ [^/]\.php(/|$) {
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ if (!-f $document_root$fastcgi_script_name) {
+ return 404;
+ }
+
+ fastcgi_pass %backend_lsnr%;
+ fastcgi_index index.php;
+ include /etc/nginx/fastcgi_params;
+ }
+ }
+
+ error_page 403 /error/404.html;
+ error_page 404 /error/404.html;
+ error_page 500 502 503 504 /error/50x.html;
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location ~* "/\.(htaccess|htpasswd)$" {
+ deny all;
+ return 404;
+ }
+
+ location /vstats/ {
+ alias %home%/%user%/web/%domain%/stats/;
+ include %home%/%user%/web/%domain%/stats/auth.conf*;
+ }
+
+ include /etc/nginx/conf.d/phpmyadmin.inc*;
+ include /etc/nginx/conf.d/phppgadmin.inc*;
+ include /etc/nginx/conf.d/webmail.inc*;
+
+ include %home%/%user%/conf/web/nginx.%domain_idn%.conf*;
+}
diff --git a/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl
new file mode 100755
index 00000000..ae195617
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/nginx/proxy_ip.tpl
@@ -0,0 +1,9 @@
+server {
+ listen %ip%:%proxy_port% default;
+ server_name _;
+ #access_log /var/log/nginx/%ip%.log main;
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ }
+}
+
diff --git a/install/ubuntu/18.04/templates/web/php-fpm/default.tpl b/install/ubuntu/18.04/templates/web/php-fpm/default.tpl
new file mode 100644
index 00000000..209e1e43
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/php-fpm/default.tpl
@@ -0,0 +1,21 @@
+[%backend%]
+listen = 127.0.0.1:%backend_port%
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl b/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl
new file mode 100644
index 00000000..047c33ed
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/php-fpm/no-php.tpl
@@ -0,0 +1,20 @@
+;[%backend%]
+;listen = /dev/null
+
+;user = %user%
+;group = %user%
+
+;listen.owner = %user%
+;listen.group = www-data
+
+;pm = ondemand
+;pm.max_children = 4
+;pm.max_requests = 4000
+;pm.process_idle_timeout = 10s
+;pm.status_path = /status
+
+;env[HOSTNAME] = $HOSTNAME
+;env[PATH] = /usr/local/bin:/usr/bin:/bin
+;env[TMP] = /home/%user%/tmp
+;env[TMPDIR] = /home/%user%/tmp
+;env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl b/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl
new file mode 100644
index 00000000..a0151084
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/php-fpm/socket.tpl
@@ -0,0 +1,24 @@
+[%backend%]
+listen = /var/run/php/%backend%.sock
+listen.allowed_clients = 127.0.0.1
+
+user = %user%
+group = %user%
+
+listen.owner = %user%
+listen.group = www-data
+
+pm = ondemand
+pm.max_children = 4
+pm.max_requests = 4000
+pm.process_idle_timeout = 10s
+pm.status_path = /status
+
+php_admin_value[upload_tmp_dir] = /home/%user%/tmp
+php_admin_value[session.save_path] = /home/%user%/tmp
+
+env[HOSTNAME] = $HOSTNAME
+env[PATH] = /usr/local/bin:/usr/bin:/bin
+env[TMP] = /home/%user%/tmp
+env[TMPDIR] = /home/%user%/tmp
+env[TEMP] = /home/%user%/tmp
diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/403.html b/install/ubuntu/18.04/templates/web/skel/document_errors/403.html
new file mode 100755
index 00000000..9c3f6baa
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/document_errors/403.html
@@ -0,0 +1,29 @@
+
+
+ 403 — Forbidden
+
+
+
+
+
+
+ %domain%
+
+ 403
+ Forbidden
+
+ Unfortunately, you do not have permission to view this
+
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/document_errors/404.html b/install/ubuntu/18.04/templates/web/skel/document_errors/404.html
new file mode 100755
index 00000000..2cee7708
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/document_errors/404.html
@@ -0,0 +1,28 @@
+
+
+ 404 — Not Found
+
+
+
+
+
+
+ %domain%
+ 404
+ Page Not Found
+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved.
+ You can start again from the
home or go back to
previous page.
+
%domain%
+
+ 500
+ Internal Server Error
+
+ Sorry, something went wrong :(
+
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/public_html/index.html b/install/ubuntu/18.04/templates/web/skel/public_html/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_html/index.html
@@ -0,0 +1,26 @@
+
+
+ %domain% — Coming Soon
+
+
+
+
+
+
+ %domain%
+
+
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_html/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html
new file mode 100755
index 00000000..4f5bb724
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_shtml/index.html
@@ -0,0 +1,26 @@
+
+
+ %domain% — Coming Soon
+
+
+
+
+
+
+ %domain%
+
+
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt
new file mode 100755
index 00000000..00ee83dc
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/skel/public_shtml/robots.txt
@@ -0,0 +1,3 @@
+# vestacp autogenerated robots.txt
+User-agent: *
+Crawl-delay: 10
diff --git a/install/ubuntu/18.04/templates/web/suspend/.htaccess b/install/ubuntu/18.04/templates/web/suspend/.htaccess
new file mode 100755
index 00000000..5a6df83f
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/suspend/.htaccess
@@ -0,0 +1,2 @@
+ErrorDocument 403 /index.html
+ErrorDocument 404 /index.html
diff --git a/install/ubuntu/18.04/templates/web/suspend/index.html b/install/ubuntu/18.04/templates/web/suspend/index.html
new file mode 100755
index 00000000..f2d04e1f
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/suspend/index.html
@@ -0,0 +1,25 @@
+
+
+ Website Suspended
+
+
+
+
+
+ SUSPENDED
+ This website has been suspended.
+
+ Please contact the technical support department.
+
+
+
diff --git a/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl
new file mode 100755
index 00000000..068adcfb
--- /dev/null
+++ b/install/ubuntu/18.04/templates/web/webalizer/webalizer.tpl
@@ -0,0 +1,110 @@
+HostName %domain_idn%
+LogFile /var/log/%web_system%/domains/%domain%.log
+OutputDir %home%/%user%/web/%domain%/stats
+HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist
+Incremental yes
+IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current
+PageType htm*
+PageType cgi
+PageType php
+PageType shtml
+DNSCache /var/lib/webalizer/dns_cache.db
+DNSChildren 10
+Quiet yes
+FoldSeqErr yes
+IndexAlias index.php
+HideURL *.gif
+HideURL *.GIF
+HideURL *.jpg
+HideURL *.JPG
+HideURL *.png
+HideURL *.PNG
+HideURL *.ra
+SearchEngine abcsearch. terms=
+SearchEngine alexa. q=
+SearchEngine alltheweb. q=
+SearchEngine alltheweb. query=
+SearchEngine alot. q=
+SearchEngine altavista. q=
+SearchEngine aolsearch. query=
+SearchEngine aport.ru r=
+SearchEngine ask. q=
+SearchEngine atlas.cz q=
+SearchEngine bbc. q=
+SearchEngine bing. q=
+SearchEngine blingo. q=
+SearchEngine blogs.yandex.ru text=
+SearchEngine btopenworld query=
+SearchEngine buscador.ya.com q=
+SearchEngine busca. q=
+SearchEngine business. query=
+SearchEngine centrum.cz q=
+SearchEngine chiff. q=
+SearchEngine clusty. query=
+SearchEngine comcast. q=
+SearchEngine crawler. q=
+SearchEngine cuil. q=
+SearchEngine dmoz. search=
+SearchEngine dogpile.com q=
+SearchEngine dpxml qkw=
+SearchEngine eureka. searchword=
+SearchEngine euroseek. string=
+SearchEngine exalead. q=
+SearchEngine excite search=
+SearchEngine ezilon. q=
+SearchEngine fastbrowsersearch. q=
+SearchEngine feedster.com q=
+SearchEngine fireball.de q=
+SearchEngine fireball. keyword=
+SearchEngine freeserve. q=
+SearchEngine gigablast. q=
+SearchEngine gogo.ru q=
+SearchEngine go.mail.ru q=
+SearchEngine google. q=
+SearchEngine hakia. q=
+SearchEngine hotbot. query=
+SearchEngine infoseek. qt=
+SearchEngine iwon searchfor=
+SearchEngine ixquick.com query=
+SearchEngine joeant. keywords=
+SearchEngine jyxo.cz s=
+SearchEngine looksmart. key=
+SearchEngine lycos. query=
+SearchEngine mamma. q=
+SearchEngine metacrawler q=
+SearchEngine msn. MT=
+SearchEngine msxml qkw=
+SearchEngine mysearch. searchfor=
+SearchEngine mywebsearch. searchfor=
+SearchEngine netscape. q=
+SearchEngine nigma.ru q=
+SearchEngine northernlight. qr=
+SearchEngine ntlworld. q=
+SearchEngine orange. q=
+SearchEngine overture. Keywords=
+SearchEngine punto.ru text=
+SearchEngine rambler. keyword=
+SearchEngine search.aol. q=
+SearchEngine search.babylon. q=
+SearchEngine search.centrum. phrase=
+SearchEngine search.conduit. q=
+SearchEngine search.earthlink q=
+SearchEngine search.icq. q=
+SearchEngine search.live.com q=
+SearchEngine search.rambler.ru words=
+SearchEngine search.winamp. q=
+SearchEngine searchy. q=
+SearchEngine seznam.cz w=
+SearchEngine snap. query=
+SearchEngine teoma. q=
+SearchEngine teradex.com q=
+SearchEngine ukplus key=
+SearchEngine verizon. q=
+SearchEngine virginmedia. q=
+SearchEngine voila. rdata=
+SearchEngine webcrawler searchText=
+SearchEngine web.search.naver. query=
+SearchEngine wisenut q=
+SearchEngine yahoo. p=
+SearchEngine yandex. text=
+SearchEngine yodao. q=
diff --git a/install/ubuntu/18.04/vsftpd/vsftpd.conf b/install/ubuntu/18.04/vsftpd/vsftpd.conf
new file mode 100644
index 00000000..034b016d
--- /dev/null
+++ b/install/ubuntu/18.04/vsftpd/vsftpd.conf
@@ -0,0 +1,27 @@
+anonymous_enable=NO
+local_enable=YES
+write_enable=YES
+local_umask=022
+anon_umask=022
+anon_upload_enable=NO
+dirmessage_enable=YES
+xferlog_enable=YES
+connect_from_port_20=YES
+xferlog_std_format=YES
+dual_log_enable=YES
+chroot_local_user=YES
+listen=YES
+pam_service_name=vsftpd
+userlist_enable=NO
+tcp_wrappers=YES
+force_dot_files=YES
+ascii_upload_enable=YES
+ascii_download_enable=YES
+allow_writeable_chroot=YES
+seccomp_sandbox=NO
+pasv_enable=YES
+pasv_min_port=12000
+pasv_max_port=12100
+max_per_ip=10
+max_clients=100
+use_localtime=YES