Merge branch 'backups' of github.com:moucho/vesta into backups

Marcos 2018-12-24 17:51:15 +01:00
commit 635107b804
641 changed files with 29438 additions and 4737 deletions


@ -38,8 +38,8 @@ EOF
sftpc() {
expect -f "-" <<EOF "$@"
set count 0
spawn /usr/bin/sftp -o StrictHostKeyChecking=no -o \
Port=$port $user@$host
spawn "/usr/bin/sftp -o StrictHostKeyChecking=no -o \
Port=$port '$user@$host'"
expect {
"password:" {
send "$password\r"
@ -94,12 +94,14 @@ EOF
if [ "$type" != 'local' ];then
check_args '4' "$#" "TYPE HOST USERNAME PASSWORD [PATH] [PORT]"
is_format_valid 'host'
is_format_valid 'user' 'host' 'path' 'port'
is_password_valid
if [ "$type" = 'sftp' ]; then
which expect >/dev/null 2>&1
check_result $? "expect command not found" $E_NOTEXIST
fi
host "$host" >/dev/null 2>&1
check_result $? "host connection failed" "$E_CONNECT"
fi
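Review bot: The rewritten `spawn` line in sftpc keeps `-o StrictHostKeyChecking=no`, so the password sent at the `password:` prompt goes to whichever host answers, with no host-key check. Prefer `-o StrictHostKeyChecking=yes` with the backup host's key provisioned beforehand. The heredoc delimiter is unquoted, so `$user`, `$host`, `$port` and `$password` are pasted into the expect script as Tcl source. The added `is_format_valid 'user' 'host' 'path' 'port'` constrains the first three, but what `is_password_valid` rejects is not visible here, so a password containing a double quote, `[` or `$` could alter the script. Assuming the quoted form is the new side, wrapping the whole command in one double-quoted word also hands `spawn` a single argument rather than a program plus arguments, which is worth testing; sftpc's body continues outside the hunk.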


@ -50,12 +50,12 @@ domain_lvl=$(echo "$alias" |grep -o "\." |wc -l)
# Adding second level domain
if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
$BIN/v-add-dns-domain \
$user $alias $ip '' '' '' '' '' $restart >> /dev/null
$user $alias $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
exit
fi
# Adding top-level domain and then its sub
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' $restart >> /dev/null
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
# Checking top-level domain
if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then
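Review bot: The two updated `v-add-dns-domain` calls pass different numbers of empty placeholders before `$restart`: eight in the second-level branch and five in the top-level one. The argument is positional, so `$restart` lands in a different slot in each call and one of them is probably not being read as the restart flag; both should be checked against the options header of `v-add-dns-domain`, which is not visible here. While touching these lines, quote the expansions as `"$user" "$alias" "$ip"` so an unexpected value cannot shift the positions further.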


@ -1,6 +1,6 @@
#!/bin/bash
# info: register letsencrypt user account
# options: USER [EMAIL]
# options: USER [TYPE]
#
# The function creates and register LetsEncript account key
@ -11,7 +11,7 @@
# Argument definition
user=$1
email=$2
type=${2-1}
key_size=4096
# Includes
@ -28,11 +28,17 @@ encode_base64() {
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'USER [EMAIL]'
check_args '1' "$#" 'USER [TYPE]'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"
if [ -e "$USER_DATA/ssl/le.conf" ]; then
exit
source "$USER_DATA/ssl/le.conf"
if [ "$type" -eq 1 ] && [ ! -z "$EMAIL" ]; then
exit
fi
if [ "$type" -eq 2 ] && [ ! -z "$KID" ]; then
exit
fi
fi
@ -40,14 +46,29 @@ fi
# Action #
#----------------------------------------------------------#
api='https://acme-v01.api.letsencrypt.org'
if [ -z "$email" ]; then
# Defining LE API endpoint
if [ "$type" -eq 1 ]; then
api='https://acme-v01.api.letsencrypt.org'
else
api='https://acme-v02.api.letsencrypt.org'
fi
# Defining user email
if [ $type -eq 1 ]; then
email=$(get_user_value '$CONTACT')
fi
agreement=$(curl -s -I "$api/terms" |grep Location |cut -f 2 -d \ |tr -d '\r\n')
# Defining user agreement
if [ "$type" -eq 1 ]; then
agreement=$(curl -s -I "$api/terms" |grep Location |\
cut -f 2 -d \ |tr -d '\r\n')
else
#agreement=$(curl -s "$api/directory" |grep termsOfService |\
# cut -f 4 -d '"')
agreement=''
fi
# Generating key
# Generating user key
key="$USER_DATA/ssl/user.key"
if [ ! -e "$key" ]; then
openssl genrsa -out $key $key_size >/dev/null 2>&1
@ -55,41 +76,77 @@ if [ ! -e "$key" ]; then
fi
# Defining key exponent
exponent=$(openssl pkey -inform pem -in "$key" -noout -text_pub |\
grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\
xxd -r -p |encode_base64)
if [ -z "$EXPONENT" ]; then
exponent=$(openssl pkey -inform pem -in "$key" -noout -text_pub |\
grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\
xxd -r -p |encode_base64)
else
exponent="$EXPONENT"
fi
# Defining key modulus
modulus=$(openssl rsa -in "$key" -modulus -noout |\
sed -e 's/^Modulus=//' |xxd -r -p |encode_base64)
if [ -z "$MODULUS" ]; then
modulus=$(openssl rsa -in "$key" -modulus -noout |\
sed -e 's/^Modulus=//' |xxd -r -p |encode_base64)
else
modulus="$MODULUS"
fi
# Defining key thumb
thumb='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
thumb="$(echo -n "$thumb" |openssl dgst -sha256 -binary |encode_base64)"
# Defining JWK token
jwk='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
# Defining JWK header
header='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}'
header='{"alg":"RS256","jwk":'"$header"'}'
# Defining key thumbnail
if [ -z "$THUMB" ]; then
thumb="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)"
else
thumb="$THUMB"
fi
# Requesting nonce
# Requesting ACME nonce
nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64)
# Defining registration query
query='{"resource":"new-reg","contact":["mailto:'"$email"'"],'
query=$query'"agreement":"'$agreement'"}'
payload=$(echo -n "$query" |encode_base64)
# Defining payload and protected data for v1 and v2
if [ "$type" -eq 1 ]; then
header='{"alg":"RS256","jwk":'"$jwk"'}'
protected='{"nonce":"'"$nonce"'"}'
payload='{"resource":"new-reg","contact":["mailto:'"$email"'"],'
payload=$payload'"agreement":"'$agreement'"}'
else
protected='{"nonce": "'$nonce'",'
protected=''$protected' "url": "'$api/acme/new-acct'",'
protected=''$protected' "alg": "RS256", "jwk": '$jwk'}'
payload='{"termsOfServiceAgreed": true}'
fi
# Encoding data
protected=$(echo -n "$protected" |encode_base64)
payload=$(echo -n "$payload" |encode_base64)
# Signing request
signature=$(printf "%s" "$protected.$payload" |\
openssl dgst -sha256 -binary -sign "$key" |encode_base64)
data='{"header":'"$header"',"protected":"'"$protected"'",'
data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
openssl dgst -sha256 -binary -sign "$key" |\
encode_base64)
# Sending request to LetsEncrypt API
answer=$(curl -s -i -d "$data" "$api/acme/new-reg")
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
if [ "$type" -eq 1 ]; then
data='{"header":'"$header"',"protected":"'"$protected"'",'
data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}'
answer=$(curl -s -i -d "$data" "$api/acme/new-reg")
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
else
data='{"protected":"'"$protected"'",'
data=$data'"payload":"'"$payload"'",'
data=$data'"signature":"'"$signature"'"}'
answer=$(curl -s -i -d "$data" "$api/acme/new-acct" \
-H "Content-Type: application/jose+json")
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
fi
# Checking http answer status
if [[ "$status" -ne "201" ]] && [[ "$status" -ne "409" ]]; then
if [[ "${status:0:2}" -ne "20" ]] && [[ "$status" -ne "409" ]]; then
check_result $E_CONNECT "LetsEncrypt account registration $status"
fi
@ -99,12 +156,25 @@ fi
#----------------------------------------------------------#
# Adding le.conf
echo "EMAIL='$email'" > $USER_DATA/ssl/le.conf
echo "EXPONENT='$exponent'" >> $USER_DATA/ssl/le.conf
echo "MODULUS='$modulus'" >> $USER_DATA/ssl/le.conf
echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf
chmod 660 $USER_DATA/ssl/le.conf
if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
echo "EXPONENT='$exponent'" > $USER_DATA/ssl/le.conf
echo "MODULUS='$modulus'" >> $USER_DATA/ssl/le.conf
echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf
if [ "$type" -eq 1 ]; then
echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
else
echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
fi
chmod 660 $USER_DATA/ssl/le.conf
else
if [ "$type" -eq 1 ]; then
sed -i '/^EMAIL=/d' $USER_DATA/ssl/le.conf
echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf
else
sed -i '/^KID=/d' $USER_DATA/ssl/le.conf
echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
fi
fi
# Logging
log_event "$OK" "$ARGUMENTS"
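Review bot: In the v2 branch `kid` is cut out of the `Location:` header of the server response and written to le.conf as `KID='$kid'`, and the same file is now read back with `source "$USER_DATA/ssl/le.conf"` near the top of the script. A header value containing a single quote would therefore be evaluated as shell on the next run, so the value should be checked before it is stored, for example `[[ "$kid" =~ ^https://[A-Za-z0-9./_-]+$ ]] || check_result $E_CONNECT "LetsEncrypt account URL invalid"`. `type` is taken from `$2` and compared with `-eq` without any format check visible in these hunks, so a non-numeric value makes every `[ "$type" -eq 1 ]` test fail with an error and fall into the v2 path; one occurrence (`[ $type -eq 1 ]`) is also unquoted. le.conf is created with the default umask and only afterwards restricted with `chmod 660`; setting `umask 007` before the first `echo` would close that window.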


@ -30,37 +30,37 @@ is_package_new() {
is_package_consistent() {
source $pkg_dir/$package.pkg
if [ "$WEB_DOMAINS" != 'unlimited' ]; then
is_format_valid_int $WEB_DOMAINS 'WEB_DOMAINS'
is_int_format_valid $WEB_DOMAINS 'WEB_DOMAINS'
fi
if [ "$WEB_ALIASES" != 'unlimited' ]; then
is_format_valid_int $WEB_ALIASES 'WEB_ALIASES'
is_int_format_valid $WEB_ALIASES 'WEB_ALIASES'
fi
if [ "$DNS_DOMAINS" != 'unlimited' ]; then
is_format_valid_int $DNS_DOMAINS 'DNS_DOMAINS'
is_int_format_valid $DNS_DOMAINS 'DNS_DOMAINS'
fi
if [ "$DNS_RECORDS" != 'unlimited' ]; then
is_format_valid_int $DNS_RECORDS 'DNS_RECORDS'
is_int_format_valid $DNS_RECORDS 'DNS_RECORDS'
fi
if [ "$MAIL_DOMAINS" != 'unlimited' ]; then
is_format_valid_int $MAIL_DOMAINS 'MAIL_DOMAINS'
is_int_format_valid $MAIL_DOMAINS 'MAIL_DOMAINS'
fi
if [ "$MAIL_ACCOUNTS" != 'unlimited' ]; then
is_format_valid_int $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
is_int_format_valid $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
fi
if [ "$DATABASES" != 'unlimited' ]; then
is_format_valid_int $DATABASES 'DATABASES'
is_int_format_valid $DATABASES 'DATABASES'
fi
if [ "$CRON_JOBS" != 'unlimited' ]; then
is_format_valid_int $CRON_JOBS 'CRON_JOBS'
is_int_format_valid $CRON_JOBS 'CRON_JOBS'
fi
if [ "$DISK_QUOTA" != 'unlimited' ]; then
is_format_valid_int $DISK_QUOTA 'DISK_QUOTA'
is_int_format_valid $DISK_QUOTA 'DISK_QUOTA'
fi
if [ "$BANDWIDTH" != 'unlimited' ]; then
is_format_valid_int $BANDWIDTH 'BANDWIDTH'
is_int_format_valid $BANDWIDTH 'BANDWIDTH'
fi
if [ "$BACKUPS" != 'unlimited' ]; then
is_format_valid_int $BACKUPS 'BACKUPS'
is_int_format_valid $BACKUPS 'BACKUPS'
fi
is_format_valid_shell $SHELL
}


@ -113,9 +113,12 @@ if [ "$aliases" = 'none' ]; then
ALIAS=''
else
ALIAS="www.$domain"
if [ ! -z "$aliases" ]; then
ALIAS="$ALIAS,$aliases"
if [ -z "$aliases" ]; then
ALIAS="www.$domain"
else
ALIAS="$aliases"
fi
ip_alias=$(get_ip_alias $domain)
if [ ! -z "$ip_alias" ]; then
ALIAS="$ALIAS,$ip_alias"


@ -68,8 +68,12 @@ while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
(( ++i))
done
if [ -z "$BACKUP_TEMP" ]; then
BACKUP_TEMP=$BACKUP
fi
# Creating temporary directory
tmpdir=$(mktemp -p /tmp -d)
tmpdir=$(mktemp -p $BACKUP_TEMP -d)
if [ "$?" -ne 0 ]; then
echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify
@ -212,6 +216,9 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
cp $USER_DATA/ssl/$domain.* vesta/
fi
# Changin dir to documentroot
cd $HOMEDIR/$user/web/$domain
# Define exclude arguments
exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:")
set -f
@ -220,9 +227,15 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
if [ ! -z "$exlusion" ]; then
xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
for xpath in $xdirs; do
fargs+=(--exclude=$xpath/*)
echo "$(date "+%F %T") excluding directory $xpath"
msg="$msg\n$(date "+%F %T") excluding directory $xpath"
if [ -d "$xpath" ]; then
fargs+=(--exclude=$xpath/*)
echo "$(date "+%F %T") excluding directory $xpath"
msg="$msg\n$(date "+%F %T") excluding directory $xpath"
else
echo "$(date "+%F %T") excluding file $xpath"
msg="$msg\n$(date "+%F %T") excluding file $xpath"
fargs+=(--exclude=$xpath)
fi
done
fi
set +f
@ -387,14 +400,17 @@ if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
grep "DB='$database'" $conf > vesta/db.conf
dump="$tmpdir/db/$database/$database.$TYPE.sql"
dumpgz="$tmpdir/db/$database/$database.$TYPE.sql.gz"
grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER"
case $TYPE in
mysql) dump_mysql_database ;;
pgsql) dump_pgsql_database ;;
esac
if [ ! -f "$dumpgz" ]; then
case $TYPE in
mysql) dump_mysql_database ;;
pgsql) dump_pgsql_database ;;
esac
# Compress dump
gzip -$BACKUP_GZIP $dump
# Compress dump
gzip -$BACKUP_GZIP $dump
fi
done
# Print total
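Review bot: The added `cd $HOMEDIR/$user/web/$domain` is unquoted and its result is not checked, while the new `[ -d "$xpath" ]` test and the `--exclude` arguments built after it are relative to that directory. If the document root is missing, the script keeps running in the previous working directory and classifies and archives paths from the wrong place. Use `cd "$HOMEDIR/$user/web/$domain"` and skip the domain or abort when it fails. The same quoting applies to `mktemp -p $BACKUP_TEMP -d` in the first hunk, which should be `mktemp -p "$BACKUP_TEMP" -d`; the restore script's matching `mktemp` change has the same issue. The enclosing loop starts and ends outside these hunks.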


@ -28,6 +28,9 @@ if [ -z "$BACKUP_SYSTEM" ]; then
exit
fi
for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
continue;
fi
check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf)
log=$VESTA/log/backup.log
if [ ! -z "$check_suspend" ]; then


@ -34,48 +34,72 @@ is_ip_valid "$ip"
# Action #
#----------------------------------------------------------#
# Changing nat ip
# Updating IP
if [ -z "$(grep NAT= $VESTA/data/ips/$ip)" ]; then
sed -i "s/^TIME/NAT='$nat_ip'\nTIME/g" $VESTA/data/ips/$ip
old=''
new=$nat_ip
else
update_ip_value '$NAT' "$nat_ip"
fi
# Check ftp system
if [ "$FTP_SYSTEM" = 'vsftpd' ]; then
# Find configuration
if [ -e '/etc/vsftpd/vsftpd.conf' ]; then
conf='/etc/vsftpd/vsftpd.conf'
fi
if [ -e '/etc/vsftpd.conf' ]; then
conf='/etc/vsftpd.conf'
fi
# Update config
if [ -z "$(grep pasv_address $conf)" ]; then
if [ ! -z "$nat_ip" ]; then
echo "pasv_address=$nat_ip" >> $conf
fi
else
if [ ! -z "$nat_ip" ]; then
sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf
else
sed -i "/pasv_address/d" $conf
fi
old=$(get_ip_value '$NAT')
new=$nat_ip
sed -i "s/NAT=.*/NAT='$new'/" $VESTA/data/ips/$ip
if [ -z "$nat_ip" ]; then
new=$ip
fi
fi
# Updating WEB configs
if [ ! -z "$old" ] && [ ! -z "$WEB_SYSTEM" ]; then
sed -i "s/$old/$new/" $VESTA/data/users/*/web.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-web-domains $user no
done
$BIN/v-restart-dns $restart
fi
# Updating DNS configs
if [ ! -z "$old" ] && [ ! -z "$DNS_SYSTEM" ]; then
sed -i "s/$old/$new/" $VESTA/data/users/*/dns.conf
sed -i "s/$old/$new/" $VESTA/data/users/*/dns/*.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-dns-domains $user no
done
$BIN/v-restart-dns $restart
fi
# Updating FTP
if [ ! -z "$old" ] && [ ! -z "$FTP_SYSTEM" ]; then
conf=$(find /etc -name $FTP_SYSTEM.conf)
if [ -e "$conf" ]; then
sed -i "s/$old/$new/g" $conf
if [ "$FTP_SYSTEM" = 'vsftpd' ]; then
check_pasv=$(grep pasv_address $conf)
if [ -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
echo "pasv_address=$nat_ip" >> $conf
fi
if [ ! -z "$check_pasv" ] && [ -z "$nat_ip" ]; then
sed -i "/pasv_address/d" $conf
fi
if [ ! -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf
fi
fi
fi
$BIN/v-restart-ftp $restart
fi
# Updating firewall
if [ ! -z "$old" ] && [ ! -z "$FIREWALL_SYSTEM" ]; then
sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf
$BIN/v-update-firewall
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restart ftp server
$BIN/v-restart-ftp $restart
check_result $? "FTP restart failed" >/dev/null
# Logging
log_history "changed associated nat address on $ip to $nat_ip" '' 'admin'
log_event "$OK" "$ARGUMENTS"
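Review bot: The new `sed -i "s/$old/$new/..."` calls over web.conf, dns.conf, the FTP config and `$VESTA/data/firewall/*.conf` use the old address as an unescaped, unanchored regex. The dots match any character and a shorter address also matches inside a longer one, so unrelated entries, including firewall rules, can be rewritten. Escape and bound the pattern first, e.g. `old_re=$(printf '%s' "$old" |sed 's/\./\\./g')` and then `sed -i "s/\b$old_re\b/$new/g"`. The web and DNS substitutions also lack the `g` flag that the FTP and firewall ones have. The "Updating WEB configs" block ends with `$BIN/v-restart-dns $restart`, which looks like a copy of the DNS block and probably should restart the web service instead. No format check on `$nat_ip` is visible in this hunk, so confirm it is validated before being used as sed replacement text.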


@ -49,7 +49,7 @@ is_ip_valid "$ip" "$user"
# Preparing variables for vhost replace
get_domain_values 'web'
old=$(get_real_ip $IP)
new=$ip
new=$(get_real_ip $ip)
# Replacing vhost
replace_web_config "$WEB_SYSTEM" "$TPL.tpl"


@ -23,7 +23,8 @@ json_list() {
"EMAIL": "'$EMAIL'",
"EXPONENT": "'$EXPONENT'",
"MODULUS": "'$MODULUS'",
"THUMB: "'$THUMB'"
"THUMB": "'$THUMB'",
"KID": "'$KID'"
}'
echo '}'
}
@ -35,17 +36,18 @@ shell_list() {
echo "THUMB: $THUMB"
echo "EXPONENT: $EXPONENT"
echo "MODULUS: $MODULUS"
echo "KID: $KID"
}
# PLAIN list function
plain_list() {
echo -e "$user\t$EMAIL\t$EXPONENT\t$MODULUS\t$THUMB"
echo -e "$user\t$EMAIL\t$EXPONENT\t$MODULUS\t$THUMB\t$KID"
}
# CSV list function
csv_list() {
echo "USER,EMAIL,EXPONENT,MODULUS,THUMB"
echo "$user,$EMAIL,$EXPONENT,$MODULUS,$THUMB"
echo "USER,EMAIL,EXPONENT,MODULUS,THUMB,KID"
echo "$user,$EMAIL,$EXPONENT,$MODULUS,$THUMB,$KID"
}


@ -15,9 +15,14 @@ format=${1-shell}
# JSON list function
json_list() {
echo '{'
object_count=$(grep '@' /etc/passwd |wc -l)
i=1
while read USER; do
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
continue;
fi
if [ $i -gt 1 ]; then
echo ","
fi
source $VESTA/data/users/$USER/user.conf
echo -n ' "'$USER'": {
"FNAME": "'$FNAME'",
@ -74,14 +79,8 @@ json_list() {
"TIME": "'$TIME'",
"DATE": "'$DATE'"
}'
if [ "$i" -lt "$object_count" ]; then
echo ','
else
echo
fi
((i++))
done < <(grep '@' /etc/passwd |cut -f1 -d:)
echo '}'
}
@ -90,6 +89,9 @@ shell_list() {
echo "USER PKG WEB DNS MAIL DB DISK BW SPND DATE"
echo "---- --- --- --- --- -- ---- -- ---- ----"
while read USER; do
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
continue;
fi
source $VESTA/data/users/$USER/user.conf
echo -n "$USER $PACKAGE $U_WEB_DOMAINS $U_DNS_DOMAINS $U_MAIL_DOMAINS"
echo " $U_DATABASES $U_DISK $U_BANDWIDTH $SUSPENDED $DATE"
@ -99,6 +101,9 @@ shell_list() {
# PLAIN list function
plain_list() {
while read USER; do
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
continue;
fi
source $VESTA/data/users/$USER/user.conf
echo -ne "$USER\t$FNAME\t$LNAME\t$PACKAGE\t$WEB_TEMPLATE\t"
echo -ne "$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
@ -131,6 +136,9 @@ csv_list() {
echo -n "U_MAIL_DOMAINS,U_MAIL_DKIM,U_MAIL_ACCOUNTS,U_DATABASES"
echo "U_CRON_JOBS,U_BACKUPS,LANGUAGE,TIME,DATE"
while read USER; do
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
continue;
fi
source $VESTA/data/users/$USER/user.conf
echo -n "$USER,\"$FNAME\",\"$LNAME\",$PACKAGE,$WEB_TEMPLATE,"
echo -n "$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
@ -151,6 +159,9 @@ csv_list() {
# Raw list function
raw_list() {
while read USER; do
if [ ! -f "$VESTA/data/users/$USER/user.conf" ]; then
continue;
fi
echo $VESTA/data/users/$USER/user.conf
cat $VESTA/data/users/$USER/user.conf
done < <(grep '@' /etc/passwd |cut -f1 -d:)


@ -19,6 +19,7 @@ source $VESTA/func/main.sh
# JSON list function
json_list() {
issuer=$(echo "$issuer" |sed -e 's/"/\\"/g' -e "s/%quote%/'/g")
echo '{'
echo -e "\t\"$domain\": {"
echo " \"CRT\": \"$crt\","


@ -35,6 +35,11 @@ if [ ! -z "$src_file" ]; then
echo "Error: invalid source path $src_file"
exit 2
fi
spath=$(echo "$rpath" |egrep "/etc|/var/lib")
if [ -z "$spath" ]; then
echo "Error: invalid source path $src_file"
exit 2
fi
fi
# Reading conf
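Review bot: The new allow-list test `egrep "/etc|/var/lib"` matches those strings anywhere in `$rpath`, so a path such as `/home/someuser/etc/file` passes as if it were under `/etc`. Anchor the check to the start of the path and to a directory boundary, e.g. `[[ "$rpath" == /etc/* || "$rpath" == /var/lib/* ]]`. This only holds if `$rpath` is already a canonical absolute path with symlinks resolved; how it is computed is outside the hunk and should be confirmed.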

View file

@ -37,7 +37,7 @@ is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Deleting old web configs
sed -i "/.*\/$user\//d" /etc/$WEB_SYSTEM/conf.d/vesta.conf
sed -i "/.*\/$user\/conf\/web\//d" /etc/$WEB_SYSTEM/conf.d/vesta.conf
if [ -e "$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf" ]; then
rm $HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf
fi
@ -47,7 +47,7 @@ fi
# Deleting old proxy configs
if [ ! -z "$PROXY_SYSTEM" ]; then
sed -i "/.*\/$user\//d" /etc/$PROXY_SYSTEM/conf.d/vesta.conf
sed -i "/.*\/$user\/conf\/web\//d" /etc/$PROXY_SYSTEM/conf.d/vesta.conf
if [ -e "$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" ]; then
rm $HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf


@ -229,8 +229,12 @@ while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
(( ++i))
done
if [ -z "$BACKUP_TEMP" ]; then
BACKUP_TEMP=$BACKUP
fi
# Creating temporary directory
tmpdir=$(mktemp -p /tmp -d)
tmpdir=$(mktemp -p $BACKUP_TEMP -d)
if [ "$?" -ne 0 ]; then
echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe


@ -41,6 +41,16 @@ is_object_unsuspended 'dns' 'DOMAIN' "$domain"
# Action #
#----------------------------------------------------------#
# Deleting system configs
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
if [ -e '/etc/named.conf' ]; then
dns_conf='/etc/named.conf'
else
dns_conf='/etc/bind/named.conf'
fi
sed -i "/\/$user\/conf\/dns\/$domain.db\"/d" $dns_conf
fi
#----------------------------------------------------------#
# Vesta #
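Review bot: The delete pattern `"/\/$user\/conf\/dns\/$domain.db\"/d"` inserts `$domain` into a regex unescaped, so each dot matches any character. Suspending `a.b.com` would also drop the zone line for a sibling such as `a-b.com` owned by the same user. Escape the dots before building the pattern, e.g. `domain_re=${domain//./\\.}` and use `$domain_re\.db`, and quote `"$dns_conf"`. The fallback to `/etc/bind/named.conf` is taken without checking that the file exists, so on a host with neither path `sed -i` fails with its status ignored.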


@ -40,7 +40,21 @@ is_object_suspended 'dns' 'DOMAIN' "$domain"
# Action #
#----------------------------------------------------------#
# Creating system configs
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
if [ -e '/etc/named.conf' ]; then
dns_conf='/etc/named.conf'
dns_group='named'
else
dns_conf='/etc/bind/named.conf'
dns_group='bind'
fi
# Adding zone in named.conf
named="zone \"$domain_idn\" {type master; file"
named="$named \"$HOMEDIR/$user/conf/dns/$domain.db\";};"
echo "$named" >> $dns_conf
fi
#----------------------------------------------------------#
# Vesta #


@ -25,13 +25,18 @@ source $VESTA/conf/vesta.conf
# Defining user list
users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }')
lecounter=0
# Checking users
for user in $users; do
USER_DATA=$VESTA/data/users/$user
# Checking user certificates
lecounter=0
for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
# Working on Web domain check - if is suspended
webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='yes")
if [ ! -z "$webSuspended" ]; then
continue;
fi;
crt="$VESTA/data/users/$user/ssl/$domain.crt"
crt_data=$(openssl x509 -text -in "$crt")
expire=$(echo "$crt_data" |grep "Not After")
@ -42,6 +47,10 @@ for user in $users; do
expire=$((expire / 86400))
domain=$(basename $crt |sed -e "s/.crt$//")
if [[ "$expire" -lt 31 ]]; then
if [ $lecounter -gt 0 ]; then
sleep 10
fi
((lecounter++))
aliases=$(echo "$crt_data" |grep DNS:)
aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//")
aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d")
@ -58,10 +67,6 @@ for user in $users; do
echo "$domain $msg"
fi
fi
if [ $lecounter -gt 0 ]; then
sleep 10
fi
((lecounter++))
fi
done
done


@ -1,6 +1,6 @@
#!/bin/bash
# info: update system ip
# options: [USER] [IP_STATUS]
# options: [NONE]
#
# The function scans configured ip in the system and register them with vesta
# internal database. This call is intended for use on vps servers, where ip is
@ -11,12 +11,10 @@
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=${1-admin}
ip_status=${2-shared}
# Importing system variables
source /etc/profile
# Includes
source /etc/profile.d/vesta.sh
source $VESTA/func/main.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
@ -26,87 +24,84 @@ source $VESTA/conf/vesta.conf
# Verifications #
#----------------------------------------------------------#
check_args '0' "$#" '[USER] [IP_STATUS]'
is_format_valid 'user' 'ip_status'
is_object_valid 'user' 'USER' "$user" "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get list of ip addresses
ip_list=$(/sbin/ip addr|grep 'inet '|grep global|awk '{print $2}')
ip_list=$(echo "$ip_list"|cut -f 1 -d /)
ip_num=$(echo "$ip_list" | wc -l)
# Listing system ip addresses
ips=$(/sbin/ip addr |grep 'inet ' |grep global |awk '{print $2}' |cut -f1 -d/)
v_ips=$(ls $VESTA/data/ips/)
ip_num=$(echo "$ips" |wc -l)
v_ip_num=$(echo "$v_ips" |wc -l)
# WorkAround for DHCP IP address
vst_ip_list=$(ls $VESTA/data/ips/)
vst_ip_num=$(echo "$vst_ip_list" | wc -l)
if [ ! -z "$vst_ip_list" ] && [ "$vst_ip_num" -eq '1' ]; then
if [ $ip_num -eq 1 ] && [ "$ip_list" != "$vst_ip_list" ]; then
new=$ip_list
old=$vst_ip_list
mv $VESTA/data/ips/$old $VESTA/data/ips/$new
if [ ! -z "$PROXY_SYSTEM" ]; then
mv /etc/$PROXY_SYSTEM/conf.d/$old.conf \
/etc/$PROXY_SYSTEM/conf.d/$new.conf
sed -i "s/$old/$new/g" /etc/$PROXY_SYSTEM/conf.d/$new.conf
fi
if [ ! -z "$WEB_SYSTEM" ]; then
mv /etc/$WEB_SYSTEM/conf.d/$old.conf \
/etc/$WEB_SYSTEM/conf.d/$new.conf
sed -i "s/$old/$new/g" /etc/$WEB_SYSTEM/conf.d/$new.conf
sed -i "s/$old/$new/g" $VESTA/data/users/*/web.conf
# Rebuild web domains
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-web-domains $user no
done
fi
if [ ! -z "$FTP_SYSTEM" ];then
ftpd_conf_file=$(find /etc/ -maxdepth 2 -name $FTP_SYSTEM.conf)
sed -i "s/$old/$new/g" $ftpd_conf_file
fi
# Restarting web server
$BIN/v-restart-web
# Restarting ftp server
$BIN/v-restart-ftp
# Restarting proxy server
if [ ! -z "$PROXY_SYSTEM" ]; then
$BIN/v-restart-proxy
fi
# Restarting firewall
if [ ! -z "$FIREWALL_SYSTEM" ]; then
$BIN/v-update-firewall
fi
if [ ! -z "$DNS_SYSTEM" ]; then
# Rebuild dns domains
for user in $(ls $VESTA/data/users/); do
sed -i "s/$old/$new/g" $VESTA/data/users/$user/dns.conf
sed -i "s/$old/$new/g" $VESTA/data/users/$user/dns/*.conf
$BIN/v-rebuild-dns-domains $user no
done
$BIN/v-restart-dns
check_result $? "dns restart failed" >/dev/null
fi
# No further comparation is needed
exit
# Checking primary IP change
if [[ "$ip_num" -eq '1' ]] && [[ "$v_ip_num" -eq 1 ]]; then
if [ "$ips" != "$v_ips" ]; then
new=$ips
old=$v_ips
fi
fi
# Compare ips
for ip in $ip_list; do
# Updating configs
if [ ! -z "$new" ]; then
mv $VESTA/data/ips/$old $VESTA/data/ips/$new
# Updating PROXY
if [ ! -z "$PROXY_SYSTEM" ]; then
cd /etc/$PROXY_SYSTEM/conf.d
if [ -e "$old.conf" ]; then
mv $old.conf $new.conf
sed -i "s/$old/$new/g" $new.conf
fi
fi
# Updating WEB
if [ ! -z "$WEB_SYSTEM" ]; then
cd /etc/$WEB_SYSTEM/conf.d
if [ -e "$old.conf" ]; then
mv $old.conf $new.conf
sed -i "s/$old/$new/g" $new.conf
fi
sed -i "s/$old/$new/g" $VESTA/data/users/*/web.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-web-domains $user no
done
$BIN/v-restart-proxy
$BIN/v-restart-web
fi
# Updating DNS
if [ ! -z "$DNS_SYSTEM" ]; then
sed -i "s/$old/$new/g" $VESTA/data/users/*/dns.conf
sed -i "s/$old/$new/g" $VESTA/data/users/*/dns/*.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-dns-domains $user no
done
$BIN/v-restart-dns
fi
# Updating FTP
if [ ! -z "$FTP_SYSTEM" ] && [ "$FTP_SYSTEM" = 'vsftpd' ]; then
conf=$(find /etc/ -maxdepth 2 -name $FTP_SYSTEM.conf)
if [ ! -z "$conf" ]; then
sed -i "s/$old/$new/g" $conf
$BIN/v-restart-ftp
fi
fi
# Updating firewall
if [ ! -z "$FIREWALL_SYSTEM" ]; then
sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf
$BIN/v-update-firewall
fi
fi
# Adding system IP
for ip in $ips; do
check_ifconfig=$(/sbin/ifconfig |grep "$ip")
if [ ! -e "$VESTA/data/ips/$ip" ] && [ ! -z "$check_ifconfig" ]; then
interface=$(/sbin/ip addr |grep $ip |awk '{print $NF}'|uniq)
interface=$(/sbin/ip addr |grep $ip |awk '{print $NF}' |uniq)
interface=$(echo "$interface" |cut -f 1 -d : |head -n 1)
netmask=$(/sbin/ip addr |grep $ip |cut -f 2 -d / |cut -f 1 -d \ )
netmask=$(convert_cidr $netmask)
@ -114,12 +109,11 @@ for ip in $ip_list; do
fi
done
# Checking NAT
# Updating NAT
pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
if [ ! -z "$pub_ip" ] && [ ! -e "$VESTA/data/ips/$pub_ip" ]; then
check_nat=$(grep -R "$pub_ip" $VESTA/data/ips/)
if [ -z "$check_nat" ]; then
ip=$(ls -t $VESTA/data/ips/|head -n1)
if [ ! -e "$VESTA/data/ips/$pub_ip" ]; then
if [ -z "$(grep -R "$pub_ip" $VESTA/data/ips/)" ]; then
ip=$(ls -t $VESTA/data/ips/ |head -n1)
$BIN/v-change-sys-ip-nat $ip $pub_ip
fi
fi
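Review bot: In the last hunk `pub_ip` is whatever `curl -s vestacp.com/what-is-my-ip/` returns over plain HTTP, and it is used as a path component, as a `grep -R` pattern and as an argument to `v-change-sys-ip-nat`, which rewrites web, DNS, FTP and firewall configs. The rewrite also drops the previous non-empty test. The value should be fetched over `https://` and checked for address format before use, e.g. `if [[ "$pub_ip" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] && [ ! -e "$VESTA/data/ips/$pub_ip" ]; then`. In the "Updating configs" block the new `cd /etc/$PROXY_SYSTEM/conf.d` and `cd /etc/$WEB_SYSTEM/conf.d` are unchecked, so the relative `mv $old.conf $new.conf` would act in the wrong directory if either is missing. The `sed "s/$old/$new/g"` calls treat the dots in `$old` as wildcards. The usage string in `check_args '0' "$#" '[USER] [IP_STATUS]'` appears to survive although both arguments were removed.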


@ -53,6 +53,7 @@ for user in $user_list; do
IP_OWNED=0
U_USERS=0
U_DISK=0
DISK=0
U_DISK_DIRS=$(get_user_value '$U_DISK_DIRS')
if [ -z "$U_DISK_DIRS" ]; then
U_DISK_DIRS=0


@ -33,7 +33,7 @@ is_object_valid 'user' 'USER' "$user"
# Updating disk quota
# Had quota equals package value. Soft quota equals 90% of package value for warnings.
quota=$(get_user_value '$DISK_QUOTA')
soft=$(echo "$quota * 1024 * 0.90"|bc |cut -f 1 -d .)
soft=$(echo "$quota * 1024"|bc |cut -f 1 -d .)
hard=$(echo "$quota * 1024"|bc |cut -f 1 -d .)
# Searching home mount point
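Review bot: The comment above the calculation still says "Soft quota equals 90% of package value for warnings", but assuming the line without `* 0.90` is the new side, `soft` and `hard` are now computed identically. Either the comment should be updated, e.g. `# Hard and soft quota both equal the package value.`, or the change should be explained, since users no longer get a warning threshold before the hard limit. `$quota` is passed to `bc` without a visible numeric check; confirm that an 'unlimited' package value is handled before this line.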


@ -67,6 +67,9 @@ TOTAL_USERS=0
# Updating user stats
for user in $user_list; do
if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
continue;
fi
USER_DATA=$VESTA/data/users/$user
source $USER_DATA/user.conf
next_month=$(date +'%m/01/%y' -d '+ 1 month')