github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-21 05:44:08 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #1 from serghey-rodin/master

Browse source 
Bringing fork up to date
This commit is contained in:
Juho Räsänen 2019-02-12 22:01:27 +02:00 committed by GitHub
commit d60c2655ec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3734 changed files with 222874 additions and 25359 deletions
Download patch file Download diff file Expand all files Collapse all files

6
.gitignore vendored Normal file
View file

@ -0,0 +1,6 @@
*.tar
*.zip
*.gzip
*.gz
.vscode
.DS_Store

23
ISSUE_TEMPLATE.md Normal file
View file

@ -0,0 +1,23 @@
### Operating System (OS/VERSION):
Type here, e.g. CentOS 6
### VestaCP Version:
Type here, e.g. 3.14159
### Installed Software (what you got with the installer):
Type here, e.g. php-fpm, apache, nginx, mysql
### Steps to Reproduce:
Type here, e.g. install vesta and type rm -rf / --no-preserve-root
### Related Issues/Forum Threads:
Found anything that might be related to this? It might help us find the cause.
### Other Notes:
Anything else?

0
LICENSE.txt → LICENSE
View file

25
README.md
View file

@ -1,29 +1,42 @@
[Vesta Control Panel](http://vestacp.com/) [Vesta Control Panel](http://vestacp.com/)
================================================== ==================================================
[![Join the chat at https://gitter.im/vesta-cp/Lobby](https://badges.gitter.im/vesta-cp/Lobby.svg)](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
* Vesta is an open source hosting control panel. * Vesta is an open source hosting control panel.
* Vesta has a clean and focused interface without the clutter. * Vesta has a clean and focused interface without the clutter.
* Vesta has the latest of very innovative technologies. * Vesta has the latest of very innovative technologies.
How to install (2 step)
How to install
---------------------------- ----------------------------
Connect to your server as root via SSH Connect to your server as root via SSH
```bash ```bash
ssh root@your.server ssh root@your.server
``` ```
Download the installation script Download the installation script, and run it:
```bash
curl http://vestacp.com/pub/vst-install.sh | bash
```
How to install (3 step)
----------------------------
If the above example does not work, try this 3 step method:
Connect to your server as root via SSH
```bash
ssh root@your.server
```
Download the installation script:
```bash ```bash
curl -O http://vestacp.com/pub/vst-install.sh curl -O http://vestacp.com/pub/vst-install.sh
``` ```
Then run it:
Run it
```bash ```bash
bash vst-install.sh bash vst-install.sh
``` ```
License License
---------------------------- ----------------------------
Vesta is licensed under [GPL v3 ](https://github.com/serghey-rodin/vesta/blob/master/LICENSE.txt) license Vesta is licensed under [GPL v3 ](https://github.com/serghey-rodin/vesta/blob/master/LICENSE) license

66
bin/v-acknowledge-user-notification Executable file
View file

@ -0,0 +1,66 @@
#!/bin/bash
# info: update user notification
# options: USER NOTIFICATION
#
# The function updates user notification.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
nid=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER NOTIFICATION'
is_format_valid 'user' 'nid'
is_object_valid 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Updating notification
update_object_value 'notifications' 'NID' "$nid" '$ACK' 'yes' 2>/dev/null
# Checking last notification
if [ -e "$USER_DATA/notifications.conf" ]; then
if [ -z "$(grep NID= $USER_DATA/notifications.conf)" ]; then
notice='no'
fi
if [ -z "$(grep "ACK='no'" $USER_DATA/notifications.conf)" ]; then
notice='no'
fi
else
notice='no'
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating notification counter
if [ "$notice" = 'no' ]; then
if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then
sed -i "s/^TIME/NOTIFICATIONS='no'\nTIME/g" $USER_DATA/user.conf
else
update_user_value "$user" '$NOTIFICATIONS' "no"
fi
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

67
bin/v-activate-vesta-license Executable file
View file

@ -0,0 +1,67 @@
#!/bin/bash
# info: activate vesta license
# options: MODULE LICENSE
#
# The function activates and registers the vesta license
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
module=$(echo $1 | tr '[:lower:]' '[:upper:]')
license=$2
# Importing system environment
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Checking arg number
check_args '2' "$#" 'MODULE LICENSE'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Activating license
v_host='https://vestacp.com/checkout'
answer=$(curl -s $v_host/activate.php?licence_key=$license&module=$module)
check_result $? "cant' connect to vestacp.com " $E_CONNECT
# Checking server answer
if [[ "$answer" != '0' ]]; then
echo "Error: $module license $license is invalid"
exit $E_INVALID
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating vesta.conf
if [ -z "$(grep "${module}_KEY" $VESTA/conf/vesta.conf)" ]; then
echo "${module}_KEY='$license'" >> $VESTA/conf/vesta.conf
else
sed -i "s/${module}_KEY=.*/${module}_KEY='$license'/g" $VESTA/conf/vesta.conf
fi
# Activating sftpjail
if [ "$module" = 'SFTPJAIL' ]; then
setsid $BIN/v-add-sys-sftp-jail 2>/dev/null
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

101
bin/v-add-backup-ftp-host
View file

@ -1,101 +0,0 @@
#!/bin/bash
# info: add backup ftp host
# options: HOST USERNAME PASSWORD [PATH] [PORT]
#
# The function adds ftp host for system backups
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument defenition
host=$1
ftp_user=$2
ftp_password=$3
ftp_path=${4-/backup}
ftp_port=${5-21}
A3='******'
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Defining ftp command function
ftpc() {
ftp -p -n $host $ftp_port <<EOF
quote USER $ftp_user
quote PASS $ftp_password
binary
$1
$2
$3
quit
EOF
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" "HOST USERNAME PASSWORD [PATH] [PORT]"
validate_format 'host' 'ftp_user' 'ftp_password'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking network connection
fconn=$(ftpc)
ferror=$(echo $fconn |grep -i -e failed -e error -e "Can't" -e "not conn")
if [ ! -z "$ferror" ]; then
echo "Error: can't login to ftp"
log_event "$E_CONNECT" "$EVENT"
exit $E_CONNECT
fi
# Checking write permissions
ftpc "mkdir $ftp_path" > /dev/null 2>&1
ftmpdir="$ftp_path/vst.bK76A9SUkt"
ftp_result=$(ftpc "mkdir $ftmpdir" "rm $ftmpdir"|grep -v Trying)
if [ ! -z "$ftp_result" ] ; then
echo "$ftp_result"
rm -rf $tmpdir
echo "Error: can't create temp folder on the ftp"
log_event "$E_FTP" "$EVENT"
exit $E_FTP
fi
# Adding backup host
echo "HOST='$host'
USERNAME='$ftp_user'
PASSWORD='$ftp_password'
BPATH='$ftp_path'
PORT='$ftp_port'
TIME='$TIME'
DATE='$DATE'" > $VESTA/conf/ftp.backup.conf
chmod 660 $VESTA/conf/ftp.backup.conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Update vesta.conf
if [ -z "$(grep LANGUAGE $VESTA/conf/vesta.conf)" ]; then
echo "BACKUP_SYSTEM='ftp'" >> $VESTA/conf/vesta.conf
else
bckp=$(echo "$BACKUP_SYSTEM,ftp" |\
sed "s/,/\n/g"|\
sort -r -u |\
sed "/^$/d"|\
sed ':a;N;$!ba;s/\n/,/g')
sed -i "s/BACKUP_SYSTEM=.*/BACKUP_SYSTEM='$bckp'/g" $VESTA/conf/vesta.conf
fi
# Logging
log_event "$OK" "$EVENT"
exit

201
bin/v-add-backup-host Executable file
View file

@ -0,0 +1,201 @@
#!/bin/bash
# info: add backup host
# options: TYPE HOST USERNAME PASSWORD [PATH] [PORT]
#
# This function adds a backup host
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
type=$1
host=$2
user=$3
password=$4; HIDE=4
path=${5-/backup}
port=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Defining ftp command function
ftpc() {
ftp -p -n $host $port <<EOF
quote USER $user
quote PASS $password
binary
$1
$2
$3
quit
EOF
}
# Defining sftp command function
sftpc() {
expect -f "-" <<EOF "$@"
set count 0
spawn "/usr/bin/sftp -o StrictHostKeyChecking=no -o \
Port=$port '$user@$host'"
expect {
"password:" {
send "$password\r"
exp_continue
}
-re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
set count \$argc
set output "Disconnected."
set rc $E_FTP
exp_continue
}
-re ".*denied.*(publickey|password)." {
set output "Permission denied, wrong publickey or password."
set rc $E_CONNECT
}
"sftp>" {
if {\$count < \$argc} {
set arg [lindex \$argv \$count]
send "\$arg\r"
incr count
} else {
send "exit\r"
set output "Disconnected."
if {[info exists rc] != 1} {
set rc $OK
}
}
exp_continue
}
timeout {
set output "Connection timeout."
set rc $E_CONNECT
}
}
if {[info exists output] == 1} {
puts "\$output"
}
exit \$rc
EOF
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ "$type" != 'local' ];then
check_args '4' "$#" "TYPE HOST USERNAME PASSWORD [PATH] [PORT]"
is_format_valid 'user' 'host' 'path' 'port'
is_password_valid
if [ "$type" = 'sftp' ]; then
which expect >/dev/null 2>&1
check_result $? "expect command not found" $E_NOTEXIST
fi
host "$host" >/dev/null 2>&1
check_result $? "host connection failed" "$E_CONNECT"
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking network connection
if [ "$type" = 'ftp' ]; then
if [ -z $port ]; then
port=21
fi
fconn=$(ftpc 2>&1)
ferror=$(echo $fconn |\
grep -i -e failed -e error -e "can't" -e "not conn" -e "incorrect")
if [ ! -z "$ferror" ]; then
echo "Error: can't login to ftp $user@$host"
log_event "$E_CONNECT" "$ARGUMENTS"
exit $E_CONNECT
fi
# Checking write permissions
if [ -z $path ]; then
ftmpdir="vst.bK76A9SUkt"
else
ftpc "mkdir $path" > /dev/null 2>&1
ftmpdir="$path/vst.bK76A9SUkt"
fi
ftp_result=$(ftpc "mkdir $ftmpdir" "rm $ftmpdir"|grep -v Trying)
if [ ! -z "$ftp_result" ] ; then
echo "$ftp_result"
rm -rf $tmpdir
echo "Error: can't create $ftmpdir folder on the ftp"
log_event "$E_FTP" "$ARGUMENTS"
exit $E_FTP
fi
fi
if [ "$type" = 'sftp' ]; then
if [ -z $port ]; then
port=22
fi
if [ -z $path ]; then
sftmpdir="vst.bK76A9SUkt"
sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1
else
if sftpc "mkdir $path" > /dev/null 2>&1 ; then
sftmpdir="$path/vst.bK76A9SUkt"
sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1
else
sftmpdir="$path/vst.bK76A9SUkt"
sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1
fi
fi
rc=$?
if [[ "$rc" != 0 ]]; then
case $rc in
$E_CONNECT) echo "Error: can't login to sftp $user@$host";;
$E_FTP) echo "Error: can't create temp folder on the sftp host";;
esac
log_event "$rc" "$ARGUMENTS"
exit "$rc"
fi
fi
# Adding backup host
if [ $type != 'local' ]; then
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
str="HOST='$host'\nUSERNAME='$user'\nPASSWORD='$password'"
str="$str\nBPATH='$path'\nPORT='$port'\nTIME='$time'\nDATE='$date'"
echo -e "$str" > $VESTA/conf/$type.backup.conf
chmod 660 $VESTA/conf/$type.backup.conf
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Update vesta.conf
if [ -z "$(grep BACKUP_SYSTEM $VESTA/conf/vesta.conf)" ]; then
echo "BACKUP_SYSTEM='$type'" >> $VESTA/conf/vesta.conf
else
bckp=$(echo "$BACKUP_SYSTEM,$type" |\
sed "s/,/\n/g"|\
sort -r -u |\
sed "/^$/d"|\
sed ':a;N;$!ba;s/\n/,/g')
sed -i "s/BACKUP_SYSTEM=.*/BACKUP_SYSTEM='$bckp'/g" $VESTA/conf/vesta.conf
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

26
bin/v-add-cron-job
View file

@ -10,7 +10,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
min=$2 min=$2
hour=$3 hour=$3
@ -25,8 +25,7 @@ restart=$9
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Assing new value HIDE=7
A7="$command"
#----------------------------------------------------------# #----------------------------------------------------------#
@ -34,13 +33,13 @@ A7="$command"
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '7' "$#" 'USER MIN HOUR DAY MONTH WDAY COMMAND [JOB] [RESTART]' check_args '7' "$#" 'USER MIN HOUR DAY MONTH WDAY COMMAND [JOB] [RESTART]'
validate_format 'user' 'min' 'hour' 'day' 'month' 'wday' 'command' is_format_valid 'user' 'min' 'hour' 'day' 'month' 'wday' 'command'
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_package_full 'CRON_JOBS' is_package_full 'CRON_JOBS'
get_next_cronjob get_next_cronjob
validate_format 'job' is_format_valid 'job'
is_object_new 'cron' 'JOB' "$job" is_object_new 'cron' 'JOB' "$job"
@ -48,14 +47,19 @@ is_object_new 'cron' 'JOB' "$job"
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating cron string # Concatenating cron string
str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'" str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'"
str="$str CMD='$command' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'"
# Adding to crontab # Adding to crontab
echo "$str" >> $VESTA/data/users/$user/cron.conf echo "$str" >> $VESTA/data/users/$user/cron.conf
# Chaning permissions # Changing permissions
chmod 660 $VESTA/data/users/$user/cron.conf chmod 660 $VESTA/data/users/$user/cron.conf
# Sort jobs by id number # Sort jobs by id number
@ -72,14 +76,12 @@ sync_cron_jobs
# Increasing cron value # Increasing cron value
increase_user_value $user '$U_CRON_JOBS' increase_user_value $user '$U_CRON_JOBS'
# Restart crond # Restarting crond
$BIN/v-restart-cron $BIN/v-restart-cron
if [ $? -ne 0 ]; then check_result $? "Cron restart failed" >/dev/null
exit $E_RESTART
fi
# Logging # Logging
log_history "added cron job $job" log_history "added cron job $job"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

43
bin/v-add-cron-letsencrypt-job Executable file
View file

@ -0,0 +1,43 @@
#!/bin/bash
# info: add letsencrypt cronjob
# options: NONE
#
# The script for enabling letsencrypt cronjob
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Add cron job
cmd="sudo /usr/local/vesta/bin/v-update-sys-queue letsencrypt"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then
$BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

12
bin/v-add-cron-report → bin/v-add-cron-reports
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: add cron reports # info: add cron reports
# opions: user # options: user
# #
# The script for enabling reports on cron tasks and administrative # The script for enabling reports on cron tasks and administrative
# notifications. # notifications.
@ -10,7 +10,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
# Includes # Includes
@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '1' "$#" 'USER' check_args '1' "$#" 'USER'
validate_format 'user' is_format_valid 'user'
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -46,12 +46,10 @@ sync_cron_jobs
# Restart crond # Restart crond
$BIN/v-restart-cron $BIN/v-restart-cron
if [ $? -ne 0 ]; then check_result $? "Cron restart failed" >/dev/null
exit $E_RESTART
fi
# Logging # Logging
log_history "enabled cron reporting" log_history "enabled cron reporting"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

4
bin/v-add-cron-restart-job
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: add cron reports # info: add cron reports
# opions: NONE # options: NONE
# #
# The script for enabling restart cron tasks # The script for enabling restart cron tasks
@ -38,6 +38,6 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

23
bin/v-add-cron-vesta-autoupdate
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=admin user=admin
# Includes # Includes
@ -34,9 +34,14 @@ fi
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Define time somewhere at nigth # Generating timestamp
min=$(gen_password '012345' '2') time_n_date=$(date +'%T %F')
hour=$(gen_password '1234567' '1') time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Define time somewhere at night
min=$(generate_password '012345' '2')
hour=$(generate_password '1234567' '1')
day='*' day='*'
month='*' month='*'
wday='*' wday='*'
@ -44,7 +49,7 @@ command='sudo /usr/local/vesta/bin/v-update-sys-vesta-all'
# Concatenating cron string # Concatenating cron string
str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'" str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'"
str="$str CMD='$command' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'"
# Adding to crontab # Adding to crontab
echo "$str" >> $VESTA/data/users/$user/cron.conf echo "$str" >> $VESTA/data/users/$user/cron.conf
@ -66,14 +71,12 @@ sync_cron_jobs
# Increasing cron value # Increasing cron value
increase_user_value $user '$U_CRON_JOBS' increase_user_value $user '$U_CRON_JOBS'
# Restart crond # Restarting crond
$BIN/v-restart-cron $BIN/v-restart-cron
if [ $? -ne 0 ]; then check_result $? "Cron restart failed" >/dev/null
exit $E_RESTART
fi
# Logging # Logging
log_history "added cron job $job" log_history "added cron job $job"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

27
bin/v-add-database
View file

@ -15,11 +15,11 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
database="$user"_"$2" database="$user"_"$2"
dbuser="$user"_"$3" dbuser="$user"_"$3"
dbpass=$4 password=$4; HIDE=4
type=${5-mysql} type=${5-mysql}
host=$6 host=$6
charset=${7-UTF8} charset=${7-UTF8}
@ -30,27 +30,25 @@ source $VESTA/func/main.sh
source $VESTA/func/db.sh source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password
A4='******'
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DATABASE DBUSER DBPASS [TYPE] [HOST] [CHARSET]' check_args '4' "$#" 'USER DATABASE DBUSER DBPASS [TYPE] [HOST] [CHARSET]'
validate_format 'user' 'database' 'dbuser' 'dbpass' 'charset' is_format_valid 'user' 'database' 'dbuser' 'charset'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_type_valid "$DB_SYSTEM" "$type" is_type_valid "$DB_SYSTEM" "$type"
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_new 'db' 'DB' "$database" is_object_new 'db' 'DB' "$database"
get_next_dbhost get_next_dbhost
is_object_valid "../../../conf/$type" 'DBHOST' "$host" is_object_valid "../../../conf/$type" 'HOST' "$host"
is_object_unsuspended "../../../conf/$type" 'DBHOST' "$host" is_object_unsuspended "../../../conf/$type" 'DBHOST' "$host"
#is_charset_valid #is_charset_valid
is_package_full 'DATABASES' is_package_full 'DATABASES'
is_password_valid
dbpass="$password"
#----------------------------------------------------------# #----------------------------------------------------------#
@ -68,14 +66,15 @@ esac
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Update time and date # Generating timestamp
DATE=$(date +%F) time_n_date=$(date +'%T %F')
TIME=$(date +%T) time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding db to db conf # Adding db to db conf
str="DB='$database' DBUSER='$dbuser' MD5='$md5' HOST='$host' TYPE='$type'" str="DB='$database' DBUSER='$dbuser' MD5='$md5' HOST='$host' TYPE='$type'"
str="$str CHARSET='$charset' U_DISK='0' SUSPENDED='no' TIME='$TIME'" str="$str CHARSET='$charset' U_DISK='0' SUSPENDED='no' TIME='$time'"
str="$str DATE='$DATE'" str="$str DATE='$date'"
echo "$str" >> $USER_DATA/db.conf echo "$str" >> $USER_DATA/db.conf
chmod 660 $USER_DATA/db.conf chmod 660 $USER_DATA/db.conf
@ -85,6 +84,6 @@ increase_user_value "$user" '$U_DATABASES'
# Logging # Logging
log_history "added $type database $database" log_history "added $type database $database"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

72
bin/v-add-database-host
View file

@ -13,11 +13,11 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
type=$1 type=$1
host=$2 host=$2
dbuser=$3 dbuser=$3
dbpass=$4 password=$4; HIDE=4
max_db=${6-500} max_db=${6-500}
charsets=${7-UTF8,LATIN1,WIN1250,WIN1251,WIN1252,WIN1256,WIN1258,KOI8} charsets=${7-UTF8,LATIN1,WIN1250,WIN1251,WIN1252,WIN1256,WIN1258,KOI8}
template=${8-template1} template=${8-template1}
@ -27,8 +27,31 @@ source $VESTA/func/main.sh
source $VESTA/func/db.sh source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password is_mysql_host_alive() {
A4='******' mycnf=$(mktemp)
echo "[client]">$mycnf
echo "host='$HOST'" >> $mycnf
echo "user='$USER'" >> $mycnf
echo "password='$PASSWORD'" >> $mycnf
chmod 600 $mycnf
mysql --defaults-file=$mycnf -e 'SELECT VERSION()' >/dev/null 2>&1
rm $mycnf
if [ '0' -ne "$?" ]; then
echo "Error: MySQL connection to $host failed"
log_event "$E_CONNECT" "$ARGUMENTS"
exit $E_CONNECT
fi
}
is_pgsql_host_alive() {
export PGPASSWORD="$dbpass"
psql -h $host -U $dbuser -c "SELECT VERSION()" > /dev/null 2>&1
if [ '0' -ne "$?" ]; then
echo "Error: PostgreSQL connection to $host failed"
log_event "$E_CONNECT" "$ARGUMENTS"
exit $E_CONNECT
fi
}
#----------------------------------------------------------# #----------------------------------------------------------#
@ -37,10 +60,12 @@ A4='******'
args_usage='TYPE HOST DBUSER DBPASS [MAX_DB] [CHARSETS] [TPL]' args_usage='TYPE HOST DBUSER DBPASS [MAX_DB] [CHARSETS] [TPL]'
check_args '4' "$#" "$args_usage" check_args '4' "$#" "$args_usage"
validate_format 'host' 'dbuser' 'dbpass' 'max_db' 'charsets' 'template' is_format_valid 'host' 'dbuser' 'max_db' 'charsets' 'template'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' #is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_type_valid "$DB_SYSTEM" "$type" #is_type_valid "$DB_SYSTEM" "$type"
is_dbhost_new is_dbhost_new
is_password_valid
dbpass="$password"
case $type in case $type in
mysql) is_mysql_host_alive ;; mysql) is_mysql_host_alive ;;
pgsql) is_pgsql_host_alive ;; pgsql) is_pgsql_host_alive ;;
@ -51,27 +76,44 @@ esac
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Concatentating db host string # Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating db host string
case $type in case $type in
mysql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'"; mysql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'";
str="$str CHARSETS='$charsets' MAX_DB='$max_db' U_SYS_USERS=''"; str="$str CHARSETS='$charsets' MAX_DB='$max_db' U_SYS_USERS=''";
str="$str U_DB_BASES='0' SUSPENDED='no' TIME='$TIME' DATE='$DATE'";; str="$str U_DB_BASES='0' SUSPENDED='no' TIME='$time' DATE='$date'";;
pgsql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'"; pgsql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'";
str="$str CHARSETS='$charsets' TPL='$template' MAX_DB='$max_db'"; str="$str CHARSETS='$charsets' TPL='$template' MAX_DB='$max_db'";
str="$str U_SYS_USERS='' U_DB_BASES='0' SUSPENDED='no'"; str="$str U_SYS_USERS='' U_DB_BASES='0' SUSPENDED='no'";
str="$str TIME='$TIME' DATE='$DATE'";; str="$str TIME='$time' DATE='$date'";;
esac esac
# Adding host to conf
echo "$str" >> $VESTA/conf/$type.conf
chmod 660 $VESTA/conf/$type.conf
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Adding host to conf
echo "$str" >> $VESTA/conf/$type.conf
chmod 660 $VESTA/conf/$type.conf
# Updating vesta.conf
if [ -z "$(grep DB_SYSTEM $VESTA/conf/vesta.conf)" ]; then
echo "DB_SYSTEM='$type'" >> $VESTA/conf/vesta.conf
else
db=$(echo "$DB_SYSTEM,$type" |\
sed "s/,/\n/g"|\
sort -r -u |\
sed "/^$/d"|\
sed ':a;N;$!ba;s/\n/,/g')
sed -i "s/DB_SYSTEM=.*/DB_SYSTEM='$db'/g" $VESTA/conf/vesta.conf
fi
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

105
bin/v-add-dns-domain
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: add dns domain # info: add dns domain
# options: USER DOMAIN IP [NS1] [NS2] [NS3] [NS4] [RESTART] # options: USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART]
# #
# The function adds DNS zone with records defined in the template. If the exp # The function adds DNS zone with records defined in the template. If the exp
# argument isn't stated, the expiration date value will be set to next year. # argument isn't stated, the expiration date value will be set to next year.
@ -13,56 +13,75 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | sed -e 's/\.*$//g' -e 's/^\.*//g')
domain=$(echo $domain | tr '[:upper:]' '[:lower:]')
domain_idn=$(idn -t --quiet -a "$domain")
ip=$3 ip=$3
ns1=$4 ns1=$4
ns2=$5 ns2=$5
ns3=$6 ns3=$6
ns4=$7 ns4=$7
restart=$8 ns5=$8
ns6=$9
ns7=${10}
ns8=${11}
restart=${12}
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN IP [NS1] [NS2] [NS3] [NS4]' check_args '3' "$#" 'USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART]'
validate_format 'user' 'domain' 'ip' is_format_valid 'user' 'domain' 'ip'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_domain_new 'dns' is_domain_new 'dns' "$domain"
is_package_full 'DNS_DOMAINS' is_package_full 'DNS_DOMAINS'
template=$(get_user_value '$DNS_TEMPLATE') template=$(get_user_value '$DNS_TEMPLATE')
is_dns_template_valid is_dns_template_valid $template
if [ ! -z "$ns1" ]; then if [ ! -z "$ns1" ]; then
ns1=$(echo $4 |sed -e 's/\.*$//g' -e 's/^\.*//g') ns1=$(echo $4 |sed -e 's/\.*$//g' -e 's/^\.*//g')
validate_format 'ns1' is_format_valid 'ns1'
fi fi
if [ ! -z "$ns2" ]; then if [ ! -z "$ns2" ]; then
ns2=$(echo $5 |sed -e 's/\.*$//g' -e 's/^\.*//g') ns2=$(echo $5 |sed -e 's/\.*$//g' -e 's/^\.*//g')
validate_format 'ns2' is_format_valid 'ns2'
fi fi
if [ ! -z "$ns3" ]; then if [ ! -z "$ns3" ]; then
ns3=$(echo $6 |sed -e 's/\.*$//g' -e 's/^\.*//g') ns3=$(echo $6 |sed -e 's/\.*$//g' -e 's/^\.*//g')
validate_format 'ns3' is_format_valid 'ns3'
fi fi
if [ ! -z "$ns4" ]; then if [ ! -z "$ns4" ]; then
ns4=$(echo $7 |sed -e 's/\.*$//g' -e 's/^\.*//g') ns4=$(echo $7 |sed -e 's/\.*$//g' -e 's/^\.*//g')
validate_format 'ns4' is_format_valid 'ns4'
fi
if [ ! -z "$ns5" ]; then
ns5=$(echo $8 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns5'
fi
if [ ! -z "$ns6" ]; then
ns6=$(echo $9 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns6'
fi
if [ ! -z "$ns7" ]; then
ns7=$(echo ${10} |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns7'
fi
if [ ! -z "$ns8" ]; then
ns8=$(echo ${11} |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns8'
fi fi
@ -81,6 +100,7 @@ if [ -z $ns2 ]; then
fi fi
soa="$ns1" soa="$ns1"
exp=$(date +%F -d "+ 1 year") exp=$(date +%F -d "+ 1 year")
serial=$(date +'%Y%m%d01')
ttl=14400 ttl=14400
# Reading template # Reading template
@ -93,8 +113,25 @@ fi
if [ -z "$ns4" ]; then if [ -z "$ns4" ]; then
template_data=$(echo "$template_data" |grep -v %ns4%) template_data=$(echo "$template_data" |grep -v %ns4%)
fi fi
if [ -z "$ns5" ]; then
template_data=$(echo "$template_data" |grep -v %ns5%)
fi
if [ -z "$ns6" ]; then
template_data=$(echo "$template_data" |grep -v %ns6%)
fi
if [ -z "$ns7" ]; then
template_data=$(echo "$template_data" |grep -v %ns7%)
fi
if [ -z "$ns8" ]; then
template_data=$(echo "$template_data" |grep -v %ns8%)
fi
# Add dns zone to the user config # Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding dns zone to the user config
echo "$template_data" |\ echo "$template_data" |\
sed -e "s/%ip%/$ip/g" \ sed -e "s/%ip%/$ip/g" \
-e "s/%domain_idn%/$domain_idn/g" \ -e "s/%domain_idn%/$domain_idn/g" \
@ -103,21 +140,25 @@ echo "$template_data" |\
-e "s/%ns2%/$ns2/g" \ -e "s/%ns2%/$ns2/g" \
-e "s/%ns3%/$ns3/g" \ -e "s/%ns3%/$ns3/g" \
-e "s/%ns4%/$ns4/g" \ -e "s/%ns4%/$ns4/g" \
-e "s/%time%/$TIME/g" \ -e "s/%ns5%/$ns5/g" \
-e "s/%date%/$DATE/g" > $USER_DATA/dns/$domain.conf -e "s/%ns6%/$ns6/g" \
-e "s/%ns7%/$ns7/g" \
-e "s/%ns8%/$ns8/g" \
-e "s/%time%/$time/g" \
-e "s/%date%/$date/g" > $USER_DATA/dns/$domain.conf
chmod 660 $USER_DATA/dns/$domain.conf chmod 660 $USER_DATA/dns/$domain.conf
records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')" records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')"
# Adding dns.conf record # Adding dns.conf record
dns_rec="DOMAIN='$domain' IP='$ip' TPL='$template' TTL='$ttl' EXP='$exp'" dns_rec="DOMAIN='$domain' IP='$ip' TPL='$template' TTL='$ttl' EXP='$exp'"
dns_rec="$dns_rec SOA='$soa' RECORDS='$records' SUSPENDED='no' TIME='$TIME'" dns_rec="$dns_rec SOA='$soa' SERIAL='$serial' SRC='' RECORDS='$records'"
dns_rec="$dns_rec DATE='$DATE'" dns_rec="$dns_rec SUSPENDED='no' TIME='$time' DATE='$date'"
echo "$dns_rec" >> $USER_DATA/dns.conf echo "$dns_rec" >> $USER_DATA/dns.conf
chmod 660 $USER_DATA/dns.conf chmod 660 $USER_DATA/dns.conf
# Create system configs # Creating system configs
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
if [ -e '/etc/named.conf' ]; then if [ -e '/etc/named.conf' ]; then
dns_conf='/etc/named.conf' dns_conf='/etc/named.conf'
@ -135,14 +176,14 @@ if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
# Updating domain dns zone # Updating domain dns zone
update_domain_zone update_domain_zone
# Set permissions # Changing permissions
chmod 640 $conf chmod 640 $HOMEDIR/$user/conf/dns/$domain.db
chown root:$dns_group $conf chown root:$dns_group $HOMEDIR/$user/conf/dns/$domain.db
fi fi
# Updating dns-cluster queue # Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then if [ ! -z "$DNS_CLUSTER" ]; then
cmd="$BIN/v-add-remote-dns-domain $user $domain no" cmd="$BIN/v-add-remote-dns-domain $user $domain yes"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi fi
@ -156,15 +197,11 @@ increase_user_value "$user" '$U_DNS_DOMAINS'
increase_user_value "$user" '$U_DNS_RECORDS' "$records" increase_user_value "$user" '$U_DNS_RECORDS' "$records"
# Restart named # Restart named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? "DNS restart failed"
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "added dns domain $domain" log_history "added dns domain $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

80
bin/v-add-dns-on-web-alias
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: add dns domain or dns record based on web domain alias restart # info: add dns domain or dns record after web domain alias
# options: USER DOMAIN # options: USER ALIAS IP [RESTART]
# #
# The function adds dns domain or dns record based on web domain alias. # The function adds dns domain or dns record based on web domain alias.
@ -9,15 +9,11 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(echo $2 | sed -e 's/\.*$//g' -e 's/^\.*//g') alias=$2
domain_idn=$(idn -t --quiet -a "$domain") ip=$3
dom_alias=$(idn -t --quiet -u "$3" ) restart=$4
dom_alias=$(echo $dom_alias | sed -e 's/\.*$//g' -e 's/^\.*//g')
dom_alias=$(echo $dom_alias | tr '[:upper:]' '[:lower:]')
dom_alias_idn=$(idn -t --quiet -a "$dom_alias" )
restart="$4"
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
@ -29,58 +25,54 @@ source $VESTA/conf/vesta.conf
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN ALIAS' check_args '3' "$#" 'USER ALIAS IP [RESTART]'
validate_format 'user' 'domain' is_format_valid 'user' 'alias' 'ip'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain" if [ -e "$USER_DATA/dns/$alias.conf" ]; then
is_object_unsuspended 'web' 'DOMAIN' "$domain" exit
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Parsing domain values # Logging
get_domain_values 'web' log_event "$OK" "$ARGUMENTS"
# Check if it a simple domain # Define additional vars
if [ $(echo -e "${dom_alias//\./\n}" | wc -l) -le 2 ]; then sub_domain=$(echo "$alias" |awk -F '.' '{print $1}')
if [ ! -e "$USER_DATA/dns/$dom_alias.conf" ]; then top_domain=$(echo "$alias" |sed -e "s/^$sub_domain.//")
domain_lvl=$(echo "$alias" |grep -o "\." |wc -l)
# Adding second level domain
if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
$BIN/v-add-dns-domain \ $BIN/v-add-dns-domain \
$user $dom_alias $IP '' '' '' '' '' $restart > /dev/null $user $alias $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
fi
else
# Check subdomain
sub=$(echo "$dom_alias" | cut -f1 -d . -s)
dom=$(echo "$dom_alias" | sed -e "s/^$sub.//" )
# Ignore short domains like co.uk, com.au and so on
if [ "${#dom}" -le '6' ]; then
exit exit
fi fi
if [ ! -e "$USER_DATA/dns/$dom.conf" ]; then # Adding top-level domain and then its sub
$BIN/v-add-dns-domain \ $BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
$user $dom $IP '' '' '' '' $restart > /dev/null
if [ $? -eq 0 ]; then # Checking top-level domain
$BIN/v-add-dns-record \ if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then
$user $dom "$sub" A $IP '' '' $restart exit
fi fi
# Checking subdomain record
if [ "$sub_domain" == '*' ]; then
check_record=$(grep -w "RECORD='\*'" $USER_DATA/dns/$top_domain.conf)
else else
if [ "$sub" == '*' ]; then check_record=$(grep -w "RECORD='$sub_domain'" $USER_DATA/dns/$top_domain.conf)
rec=$(grep -w "RECORD='\*'" $USER_DATA/dns/$dom.conf)
else
rec=$(grep -w "RECORD='$sub'" $USER_DATA/dns/$dom.conf)
fi fi
if [ -z "$rec" ]; then
# Adding subdomain record
if [ -z "$check_record" ]; then
$BIN/v-add-dns-record \ $BIN/v-add-dns-record \
$user $dom "$sub" A $IP '' '' $restart > /dev/null $user $top_domain "$sub_domain" A $ip '' '' $restart >> /dev/null
fi
fi
fi fi
@ -88,6 +80,6 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# No Logging # No logging
exit exit

44
bin/v-add-dns-record
View file

@ -12,11 +12,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
record=$(idn -t --quiet -u "$3" ) record=$(idn -t --quiet -u "$3" )
record=$(echo "$record" | tr '[:upper:]' '[:lower:]') record=$(echo "$record" | tr '[:upper:]' '[:lower:]')
rtype=$(echo "$4"| tr '[:lower:]' '[:upper:]') rtype=$(echo "$4"| tr '[:lower:]' '[:upper:]')
@ -41,18 +40,29 @@ fi
# Add trailing dot at the end of NS/CNAME/MX/PTR/SRV record # Add trailing dot at the end of NS/CNAME/MX/PTR/SRV record
if [[ $rtype =~ NS|CNAME|MX|PTR|SRV ]]; then if [[ $rtype =~ NS|CNAME|MX|PTR|SRV ]]; then
trailing_dot=$(echo $dvalue | grep "\.$") trailing_dot=$(echo $dvalue | grep "\.$")
if [ -z $trailing_dot ]; then if [ -z "$trailing_dot" ]; then
dvalue="$dvalue." dvalue="$dvalue."
fi fi
fi fi
dvalue=${dvalue//\"/}
if [[ "$dvalue" =~ [\;[:space:]] ]]; then
dvalue='"'"$dvalue"'"'
fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '5' "$#" 'USER DOMAIN RECORD TYPE VALUE [PRIORITY] [ID] [RESTART]' check_args '5' "$#" 'USER DOMAIN RECORD TYPE VALUE [PRIORITY] [ID] [RESTART]'
validate_format 'user' 'domain' 'record' 'rtype' 'dvalue' is_format_valid 'user' 'domain' 'record' 'rtype' 'dvalue'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -60,7 +70,7 @@ is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain" is_object_unsuspended 'dns' 'DOMAIN' "$domain"
is_package_full 'DNS_RECORDS' is_package_full 'DNS_RECORDS'
get_next_dnsrecord get_next_dnsrecord
validate_format 'id' is_format_valid 'id'
is_object_new "dns/$domain" 'ID' "$id" is_object_new "dns/$domain" 'ID' "$id"
is_dns_fqnd "$rtype" "$dvalue" is_dns_fqnd "$rtype" "$dvalue"
is_dns_nameserver_valid "$domain" "$rtype" "$dvalue" is_dns_nameserver_valid "$domain" "$rtype" "$dvalue"
@ -70,10 +80,15 @@ is_dns_nameserver_valid "$domain" "$rtype" "$dvalue"
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding record # Adding record
zone="$USER_DATA/dns/$domain.conf" zone="$USER_DATA/dns/$domain.conf"
dns_rec="ID='$id' RECORD='$record' TYPE='$rtype' PRIORITY='$priority'" dns_rec="ID='$id' RECORD='$record' TYPE='$rtype' PRIORITY='$priority'"
dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$time' DATE='$date'"
echo "$dns_rec" >> $zone echo "$dns_rec" >> $zone
chmod 660 $zone chmod 660 $zone
@ -82,6 +97,7 @@ sort_dns_records
# Updating zone # Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone update_domain_zone
fi fi
@ -100,21 +116,17 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Upddate counters # Update counters
records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')" records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')"
update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records" update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records"
increase_user_value "$user" '$U_DNS_RECORDS' increase_user_value "$user" '$U_DNS_RECORDS'
# Restart named # Restart named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? $E_RESTART 'dns failed to restart'
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "added $rtype dns record $record for $domain" log_history "added $rtype dns record $record for $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

61
bin/v-add-domain
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: add web/dns/mail domain # info: add web/dns/mail domain
# options: USER DOMAIN [IP] # options: USER DOMAIN [IP] [RESTART]
# #
# The function adds web/dns/mail domain to a server. # The function adds web/dns/mail domain to a server.
@ -9,10 +9,11 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$2 domain=$2
ip=$3 ip=$3
restart="${4-yes}"
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
@ -23,11 +24,10 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [IP] [RESTART]'
check_args '2' "$#" 'USER DOMAIN [IP]' is_format_valid 'user' 'domain'
validate_format 'user' 'domain'
if [ ! -z "$ip" ] ; then if [ ! -z "$ip" ] ; then
validate_format 'ip' is_format_valid 'ip'
fi fi
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -39,44 +39,43 @@ is_object_unsuspended 'user' 'USER' "$user"
# Get ip if it wasn't defined # Get ip if it wasn't defined
if [ -z "$ip" ]; then if [ -z "$ip" ]; then
ip=$(get_user_ip $user) get_user_ip
if [ -z "$ip" ]; then if [ -z "$ip" ]; then
echo "Error: no avaiable IP address" check_result $E_NOTEXIST "no avaiable IP address"
log_event "$E_NOTEXIST" "$EVENT"
exit $E_NOTEXIST
fi fi
fi fi
# Web domain # Working on web domain
if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB_SYSTEM" != 'no' ]; then if [ ! -z "$WEB_SYSTEM" ]; then
$BIN/v-add-web-domain $user $domain $ip $BIN/v-add-web-domain $user $domain $ip 'no'
retun_code=$? check_result $? "can't add web domain" >/dev/null
fi fi
# Proxy support # Working on DNS domain
if [ ! -z "$PROXY_SYSTEM" ] && [ "$retun_code" -eq 0 ]; then if [ ! -z "$DNS_SYSTEM" ]; then
$BIN/v-add-web-domain-proxy $user $domain $BIN/v-add-dns-domain $user $domain $ip "" "" "" "" "" '' '' '' 'no'
check_result $? "can't add dns domain" >/dev/null
fi fi
# DNS domain # Working on mail domain
if [ ! -z "$DNS_SYSTEM" ] && [ "$DNS_SYSTEM" != 'no' ]; then if [ ! -z "$MAIL_SYSTEM" ]; then
if [ "$retun_code" -eq 0 ]; then
$BIN/v-add-dns-domain $user $domain $ip
retun_code=$?
fi
fi
# Mail domain
if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL_SYSTEM" != 'no' ]; then
if [ "$retun_code" -eq 0 ]; then
$BIN/v-add-mail-domain $user $domain $BIN/v-add-mail-domain $user $domain
retun_code=$? check_result $? "can't add mail domain" >/dev/null
fi
fi fi
# Restarting services
$BIN/v-restart-web $restart
check_result $? "can't restart web" > /dev/null
$BIN/v-restart-proxy $restart
check_result $? "can't restart proxy" > /dev/null
$BIN/v-restart-dns $restart
check_result $? "can't restart dns" > /dev/null
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
exit $retun_code exit

83
bin/v-add-firewall-ban Executable file
View file

@ -0,0 +1,83 @@
#!/bin/bash
# info: add firewall blocking rule
# options: IP CHAIN
#
# The function adds new blocking rule to system firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
ip=$1
chain=$(echo $2|tr '[:lower:]' '[:upper:]')
# Defining absolute path for iptables and modprobe
iptables="/sbin/iptables"
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'IP CHAIN'
is_format_valid 'ip' 'chain'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking server ip
if [ -e "$VESTA/data/ips/$ip" ] || [ "$ip" = '127.0.0.1' ]; then
exit
fi
# Checking ip exclusions
excludes="$VESTA/data/firewall/excludes.conf"
check_excludes=$(grep "^$ip$" $excludes 2>/dev/null)
if [ ! -z "$check_excludes" ]; then
exit
fi
# Checking ip in banlist
conf="$VESTA/data/firewall/banlist.conf"
check_ip=$(grep "IP='$ip' CHAIN='$chain'" $conf 2>/dev/null)
if [ ! -z "$check_ip" ]; then
exit
fi
# Adding chain
$BIN/v-add-firewall-chain $chain
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding ip to banlist
echo "IP='$ip' CHAIN='$chain' TIME='$time' DATE='$date'" >> $conf
$iptables -I fail2ban-$chain 1 -s $ip \
-j REJECT --reject-with icmp-port-unreachable 2>/dev/null
# Changing permissions
chmod 660 $conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

92
bin/v-add-firewall-chain Executable file
View file

@ -0,0 +1,92 @@
#!/bin/bash
# info: add firewall chain
# options: CHAIN [PORT] [PROTOCOL] [PROTOCOL]
#
# The function adds new rule to system firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
chain=$(echo $1 | tr '[:lower:]' '[:upper:]')
port=$2
protocol=${4-TCP}
protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
# Defining absolute path to iptables
iptables="/sbin/iptables"
# Get vesta port by reading nginx.conf
vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
if [ -z "$vestaport" ]; then
vestaport=8083
fi
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'CHAIN [PORT] [PROTOCOL]'
is_format_valid 'chain'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking known chains
case $chain in
SSH) port=22; protocol=TCP ;;
FTP) port=21; protocol=TCP ;;
MAIL) port='25,465,587,2525,110,995,143,993'; protocol=TCP ;;
DNS) port=53; protocol=UDP ;;
WEB) port='80,443'; protocol=TCP ;;
DB) port='3306,5432'; protocol=TCP ;;
VESTA) port=$vestaport; protocol=TCP ;;
*) check_args '2' "$#" 'CHAIN PORT' ;;
esac
# Adding chain
$iptables -N fail2ban-$chain 2>/dev/null
if [ $? -eq 0 ]; then
$iptables -A fail2ban-$chain -j RETURN
# Adding multiport module
if [[ "$port" =~ ,|-|: ]] ; then
port_str="-m multiport --dports $port"
else
port_str="--dport $port"
fi
$iptables -I INPUT -p $protocol $port_str -j fail2ban-$chain
fi
# Preserving chain
chains=$VESTA/data/firewall/chains.conf
check_chain=$(grep "CHAIN='$chain'" $chains 2>/dev/null)
if [ -z "$check_chain" ]; then
echo "CHAIN='$chain' PORT='$port' PROTOCOL='$protocol'" >> $chains
fi
# Changing permissions
chmod 660 $chains
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

94
bin/v-add-firewall-rule Executable file
View file

@ -0,0 +1,94 @@
#!/bin/bash
# info: add firewall rule
# options: ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]
#
# The function adds new rule to system firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
action=$(echo $1|tr '[:lower:]' '[:upper:]')
ip=$2
port_ext=$3
protocol=${4-TCP}
protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
comment=$5
rule=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Get next firewall rule id
get_next_fw_rule() {
if [ -z "$rule" ]; then
curr_str=$(grep "RULE=" $VESTA/data/firewall/rules.conf |\
cut -f 2 -d \' | sort -n | tail -n1)
rule="$((curr_str +1))"
fi
}
sort_fw_rules() {
cat $VESTA/data/firewall/rules.conf |\
sort -n -k 2 -t \' > $VESTA/data/firewall/rules.conf.tmp
mv -f $VESTA/data/firewall/rules.conf.tmp \
$VESTA/data/firewall/rules.conf
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]'
is_format_valid 'action' 'protocol' 'port_ext' 'ip'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
get_next_fw_rule
is_format_valid 'rule'
is_object_new '../../data/firewall/rules' 'RULE' "$rule"
if [ ! -z "$comment" ]; then
is_format_valid 'comment'
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating rule
str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
str="$str TIME='$time' DATE='$date'"
# Adding to config
echo "$str" >> $VESTA/data/firewall/rules.conf
# Changing permissions
chmod 660 $VESTA/data/firewall/rules.conf
# Sorting firewall rules by id number
sort_fw_rules
# Updating system firewall
$BIN/v-update-firewall
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

76
bin/v-add-fs-archive Executable file
View file

@ -0,0 +1,76 @@
#!/bin/bash
# info: archive directory
# options: USER ARCHIVE SOURCE
#
# The function creates tar archive
user=$1
archive=$2
src0=$3
# Checking arguments
if [ -z "$src0" ]; then
echo "Usage: USER ARCHIVE FILE [FILE_2] [FILE_3] [FILE ...]"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd |cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking archive
if [ -e "$archive" ]; then
echo "Error: archive already exist $archive"
exit 1
fi
# Checking source path
IFS=$'\n'
i=1
for src in $*; do
if [ "$i" -gt 2 ]; then
rpath=$(readlink -f "$src")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid source path $src"
exit 1
fi
fi
((i++))
done
i=1
for src in $*; do
if [ "$i" -gt 2 ]; then
# Deleting leading home path
src=$(echo "$src"| sed -e "s|/home/$user/||")
# Creating tar.gz archive
sudo -u $user tar -rf "${archive/.gz/}" -C /home/$user $src >\
/dev/null 2>&1
if [ "$?" -ne 0 ]; then
echo "Error: archive $archive was not created"
exit 3
fi
fi
((i++))
done
# Checking gzip
if [[ "$archive" =~ \.gz$ ]]; then
sudo -u $user gzip "${archive/.gz/}" >/dev/null 2>&1
if [ "$?" -ne 0 ]; then
echo "Error: archive $archive was not gziped"
exit 3
fi
fi
exit

44
bin/v-add-fs-directory Executable file
View file

@ -0,0 +1,44 @@
#!/bin/bash
# info: add directory
# options: USER DIRECTORY
#
# The function creates new directory on the file system
user=$1
dst_dir=$2
# Checking arguments
if [ -z "$dst_dir" ]; then
echo "Usage: USER DIRECTORY"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking destination path
rpath=$(readlink -f "$dst_dir")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid destination path $dst_dir"
exit 2
fi
# Adding directory
sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Error: directory $dst_dir was not created"
exit 3
fi
# Extiging
exit

44
bin/v-add-fs-file Executable file
View file

@ -0,0 +1,44 @@
#!/bin/bash
# info: add file
# options: USER FILE
#
# The function creates new files on file system
user=$1
dst_file=$2
# Checking arguments
if [ -z "$dst_file" ]; then
echo "Usage: USER FILE"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking destination path
rpath=$(readlink -f "$dst_file")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid destination path $dst_dir"
exit 2
fi
# Creating file
sudo -u $user touch "$dst_file" >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Error: file $dst_file was not created"
exit 3
fi
# Exiting
exit

276
bin/v-add-letsencrypt-domain Executable file
View file

@ -0,0 +1,276 @@
#!/bin/bash
# info: check letsencrypt domain
# options: USER DOMAIN [ALIASES]
#
# The function check and validates domain with Let's Encript
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
aliases=$3
# LE API
API='https://acme-v02.api.letsencrypt.org'
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# encode base64
encode_base64() {
cat |base64 |tr '+/' '-_' |tr -d '\r\n='
}
# Let's Encrypt v2 curl function
query_le_v2() {
protected='{"nonce": "'$3'",'
protected=''$protected' "url": "'$1'",'
protected=''$protected' "alg": "RS256", "kid": "'$KID'"}'
content="Content-Type: application/jose+json"
payload_=$(echo -n "$2" |encode_base64)
protected_=$(echo -n "$protected" |encode_base64)
signature_=$(printf "%s" "$protected_.$payload_" |\
openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\
encode_base64)
post_data='{"protected":"'"$protected_"'",'
post_data=$post_data'"payload":"'"$payload_"'",'
post_data=$post_data'"signature":"'"$signature_"'"}'
curl -s -i -d "$post_data" "$1" -H "$content"
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [ALIASES]'
is_format_valid 'user' 'domain' 'aliases'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
get_domain_values 'web'
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
if [ -z "$check_alias" ]; then
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
fi
done
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Registering LetsEncrypt user account
$BIN/v-add-letsencrypt-user $user
if [ "$?" -ne 0 ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
send_notice "LETSENCRYPT" "Account registration failed"
check_result $E_CONNECT "LE account registration" >/dev/null
fi
# Parsing LetsEncrypt account data
source $USER_DATA/ssl/le.conf
# Checking wildcard alias
if [ "$aliases" = "*.$domain" ]; then
wildcard='yes'
proto="dns-01"
if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then
check_result $E_NOTEXIST "DNS domain $domain doesn't exist"
fi
else
proto="http-01"
fi
# Requesting nonce / STEP 1
answer=$(curl -s -I "$API/directory")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
if [[ "$status" -ne 200 ]]; then
check_result $E_CONNECT "Let's Encrypt nonce request status $status"
fi
# Placing new order / STEP 2
url="$API/acme/new-order"
payload='{"identifiers":['
for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
payload=$payload'{"type":"dns","value":"'$identifier'"},'
done
payload=$(echo "$payload"|sed "s/,$//")
payload=$payload']}'
answer=$(query_le_v2 "$url" "$payload" "$nonce")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
if [[ "$status" -ne 201 ]]; then
check_result $E_CONNECT "Let's Encrypt new auth status $status"
fi
# Requesting authorization token / STEP 3
for auth in $authz; do
payload=''
answer=$(query_le_v2 "$auth" "$payload" "$nonce")
url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
if [[ "$status" -ne 200 ]]; then
check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
fi
# Accepting challenge / STEP 4
if [ "$wildcard" = 'yes' ]; then
record=$(printf "%s" "$token.$THUMB" |\
openssl dgst -sha256 -binary |encode_base64)
old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT')
old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1)
for old_record in $old_records; do
$BIN/v-delete-dns-record $user $domain $old_record
done
$BIN/v-add-dns-record $user $domain "_acme-challenge" "TXT" $record
check_result $? "DNS _acme-challenge record wasn't created"
else
if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
if [ ! -e "$conf" ]; then
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
> $conf
echo ' default_type text/plain;' >> $conf
echo ' return 200 "$1.'$THUMB'";' >> $conf
echo '}' >> $conf
fi
if [ ! -e "$sconf" ]; then
ln -s "$conf" "$sconf"
fi
$BIN/v-restart-proxy
check_result $? "Proxy restart failed" >/dev/null
else
well_known="$HOMEDIR/$user/web/$rdomain/public_html/.well-known"
acme_challenge="$well_known/acme-challenge"
mkdir -p $acme_challenge
echo "$token.$THUMB" > $acme_challenge/$token
chown -R $user:$user $well_known
fi
$BIN/v-restart-web
check_result $? "Web restart failed" >/dev/null
fi
# Requesting ACME validation / STEP 5
validation_check=$(echo "$answer" |grep '"valid"')
if [[ ! -z "$validation_check" ]]; then
validation='valid'
else
validation='pending'
fi
# Doing pol check on status
i=1
while [ "$validation" = 'pending' ]; do
payload='{}'
answer=$(query_le_v2 "$url" "$payload" "$nonce")
validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
if [[ "$status" -ne 200 ]]; then
check_result $E_CONNECT "Let's Encrypt vvalidation status $status"
fi
i=$((i + 1))
if [ "$i" -gt 10 ]; then
check_result $E_CONNECT "Let's Encrypt domain validation timeout"
fi
sleep 1
done
if [ "$validation" = 'invalid' ]; then
check_result $E_CONNECT "Let's Encrypt domain verification failed"
fi
done
# Generating new ssl certificate
ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
"San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
# Sedning CSR to finalize order / STEP 6
csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
payload='{"csr":"'$csr'"}'
answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
if [[ "$status" -ne 200 ]]; then
check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
fi
# Downloading signed certificate / STEP 7
curl -s "$certificate" -o $ssl_dir/$domain.pem
# Splitting up downloaded pem
crt_end=$(grep -n END $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt
pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ')
ca_end=$(grep -n "BEGIN" $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
ca_end=$(( pem_lines - crt_end + 1 ))
tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca
# Adding SSL
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home
if [ "$?" -ne '0' ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
send_notice 'LETSENCRYPT' "$domain certificate installation failed"
check_result $? "SSL install" >/dev/null
fi
# Adding LE autorenew cronjob
if [ -z "$(grep v-update-lets $VESTA/data/users/admin/cron.conf)" ]; then
min=$(generate_password '012345' '2')
hour=$(generate_password '1234567' '1')
cmd="sudo $BIN/v-update-letsencrypt-ssl"
$BIN/v-add-cron-job admin "$min" "$hour" '*' '*' '*' "$cmd" > /dev/null
fi
# Updating letsencrypt key
if [ -z "$LETSENCRYPT" ]; then
add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER'
fi
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Deleteing task from queue
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
# Notifying user
send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"
# Logging
log_event "$OK" "$ARGUMENTS"
exit

141
bin/v-add-letsencrypt-user Executable file
View file

@ -0,0 +1,141 @@
#!/bin/bash
# info: register letsencrypt user account
# options: USER
#
# The function creates and register LetsEncript account
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
# LE API
API='https://acme-v02.api.letsencrypt.org'
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# encode base64
encode_base64() {
cat |base64 |tr '+/' '-_' |tr -d '\r\n='
}
# Let's Encrypt v2 curl function
query_le_v2() {
protected='{"nonce": "'$3'",'
protected=''$protected' "url": "'$1'",'
protected=''$protected' "alg": "RS256", "jwk": '$jwk'}'
content="Content-Type: application/jose+json"
payload_=$(echo -n "$2" |encode_base64)
protected_=$(echo -n "$protected" |encode_base64)
signature_=$(printf "%s" "$protected_.$payload_" |\
openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\
encode_base64)
post_data='{"protected":"'"$protected_"'",'
post_data=$post_data'"payload":"'"$payload_"'",'
post_data=$post_data'"signature":"'"$signature_"'"}'
curl -s -i -d "$post_data" "$1" -H "$content"
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'USER'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"
if [ -e "$USER_DATA/ssl/le.conf" ]; then
source "$USER_DATA/ssl/le.conf"
fi
if [ ! -z "$KID" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining user email
if [[ -z "$EMAIL" ]]; then
EMAIL=$(get_user_value '$CONTACT')
fi
# Defining user agreement
agreement=''
# Generating user key
KEY="$USER_DATA/ssl/user.key"
if [ ! -e "$KEY" ]; then
openssl genrsa -out $KEY 4096 >/dev/null 2>&1
chmod 600 $KEY
fi
# Defining key exponent
if [ -z "$EXPONENT" ]; then
EXPONENT=$(openssl pkey -inform pem -in "$KEY" -noout -text_pub |\
grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\
xxd -r -p |encode_base64)
fi
# Defining key modulus
if [ -z "$MODULUS" ]; then
MODULUS=$(openssl rsa -in "$KEY" -modulus -noout |\
sed -e 's/^Modulus=//' |xxd -r -p |encode_base64)
fi
# Defining JWK
jwk='{"e":"'$EXPONENT'","kty":"RSA","n":"'"$MODULUS"'"}'
# Defining key thumbnail
if [ -z "$THUMB" ]; then
THUMB="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)"
fi
# Requesting ACME nonce
nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
# Creating ACME account
url="$API/acme/new-acct"
payload='{"termsOfServiceAgreed": true}'
answer=$(query_le_v2 "$url" "$payload" "$nonce")
kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
# Checking answer status
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
if [[ "${status:0:2}" -ne "20" ]]; then
check_result $E_CONNECT "Let's Encrypt acc registration failed $status"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding le.conf
if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
echo "EXPONENT='$EXPONENT'" > $USER_DATA/ssl/le.conf
echo "MODULUS='$MODULUS'" >> $USER_DATA/ssl/le.conf
echo "THUMB='$THUMB'" >> $USER_DATA/ssl/le.conf
echo "EMAIL='$EMAIL'" >> $USER_DATA/ssl/le.conf
echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
chmod 660 $USER_DATA/ssl/le.conf
else
sed -i '/^KID=/d' $USER_DATA/ssl/le.conf
echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

54
bin/v-add-mail-account
View file

@ -9,23 +9,22 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') account=$3
domain_idn=$(idn -t --quiet -a "$domain") password=$4; HIDE=4
account=$(echo $3 | tr '[:upper:]' '[:lower:]') quota=${5-unlimited}
password=$4
quota=${5-0}
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password # Additional argument formatting
A4='******' if [[ "$account" =~ [[:upper:]] ]]; then
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" account=$(echo "$account" |tr '[:upper:]' '[:lower:]')
fi
#----------------------------------------------------------# #----------------------------------------------------------#
@ -33,7 +32,10 @@ EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD [QUOTA]' check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD [QUOTA]'
validate_format 'user' 'domain' 'account' 'password' 'quota' is_format_valid 'user' 'domain' 'account'
if [ "$quota" != 'unlimited' ]; then
is_format_valid 'quota'
fi
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -41,19 +43,22 @@ is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain" is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_package_full 'MAIL_ACCOUNTS' is_package_full 'MAIL_ACCOUNTS'
is_mail_new "$account" is_mail_new "$account"
is_password_valid
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
if [ -x '/usr/bin/doveadm' ]; then # Generating hashed password
md5=$(/usr/bin/doveadm pw -s md5 -p "$password") salt=$(generate_password "$PW_MATRIX" "8")
else md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
md5=$(/usr/sbin/dovecotpw -s md5 -p "$password")
fi
# Adding account info into password file
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
if [ "$quota" = 'unlimited' ]; then
quota='0'
fi
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota" str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
fi fi
@ -63,9 +68,18 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
str="ACCOUNT='$account' ALIAS='' QUOTA='$quota' AUTOREPLY='no' FWD=''" # Generating timestamp
str="$str FWD_ONLY='' MD5='$md5' U_DISK='0' SUSPENDED='no' TIME='$TIME'" time_n_date=$(date +'%T %F')
str="$str DATE='$DATE'" time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
if [[ "$quota" -eq '0' ]]; then
quota='unlimited'
fi
str="ACCOUNT='$account' ALIAS='' AUTOREPLY='no' FWD='' FWD_ONLY=''"
str="$str MD5='$md5' QUOTA='$quota' U_DISK='0' SUSPENDED='no'"
str="$str TIME='$time' DATE='$date'"
echo "$str" >> $USER_DATA/mail/$domain.conf echo "$str" >> $USER_DATA/mail/$domain.conf
chmod 660 $USER_DATA/mail/$domain.conf chmod 660 $USER_DATA/mail/$domain.conf
@ -76,6 +90,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ACCOUNTS' "$accounts"
# Logging # Logging
log_history "added mail account $account@$domain" log_history "added mail account $account@$domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

18
bin/v-add-mail-account-alias
View file

@ -9,11 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
account=$3 account=$3
malias=$4 malias=$4
@ -22,13 +21,18 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT ALIAS' check_args '4' "$#" 'USER DOMAIN ACCOUNT ALIAS'
validate_format 'user' 'domain' 'account' 'malias' is_format_valid 'user' 'domain' 'account' 'malias'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -45,7 +49,7 @@ is_mail_new "$malias"
# Adding exim alias # Adding exim alias
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
str="$malias@$domain:$account@$domain" str="$malias@$domain_idn:$account@$domain_idn"
echo "$str" >> $HOMEDIR/$user/conf/mail/$domain/aliases echo "$str" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi fi
@ -65,6 +69,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$ALIAS' "$aliases"
# Logging # Logging
log_history "added alias $malias to $account@$domain " log_history "added alias $malias to $account@$domain "
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

16
bin/v-add-mail-account-autoreply
View file

@ -9,11 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
account=$3 account=$3
autoreply=$4 autoreply=$4
@ -29,13 +28,18 @@ else
MAIL_USER=exim MAIL_USER=exim
fi fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT MESSAGE' check_args '4' "$#" 'USER DOMAIN ACCOUNT MESSAGE'
validate_format 'user' 'domain' 'account' 'autoreply' is_format_valid 'user' 'domain' 'account' 'autoreply'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -70,6 +74,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$AUTOREPLY' 'yes'
# Logging # Logging
log_history "added autoreply message on $account@$domain" log_history "added autoreply message on $account@$domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

21
bin/v-add-mail-account-forward
View file

@ -9,11 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
account=$3 account=$3
forward=$4 forward=$4
@ -22,13 +21,17 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT FORWARD' check_args '4' "$#" 'USER DOMAIN ACCOUNT FORWARD'
validate_format 'user' 'domain' 'account' 'forward' is_format_valid 'user' 'domain' 'account' 'forward'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -39,7 +42,7 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD') fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD')
if [ ! -z "$(echo $fwd | grep -w $forward)" ]; then if [ ! -z "$(echo $fwd | grep -w $forward)" ]; then
echo "Error: forward $forward exists" echo "Error: forward $forward exists"
log_event "$E_EXISTS $EVENT" log_event "$E_EXISTS $ARGUMENTS"
exit $E_EXISTS exit $E_EXISTS
fi fi
@ -57,8 +60,8 @@ fi
# Adding forward to exim # Adding forward to exim
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
sed -i "/^$account@$domain:/ d" $HOMEDIR/$user/conf/mail/$domain/aliases sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/aliases
echo "$account@$domain:$fwd" >> $HOMEDIR/$user/conf/mail/$domain/aliases echo "$account@$domain_idn:$fwd" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi fi
@ -71,6 +74,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD' "$fwd"
# Logging # Logging
log_history "added forwarding from $account@$domain to $forward" log_history "added forwarding from $account@$domain to $forward"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

20
bin/v-add-mail-account-fwd-only
View file

@ -9,11 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
account=$3 account=$3
# Includes # Includes
@ -28,13 +27,18 @@ else
MAIL_USER=exim MAIL_USER=exim
fi fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN ACCOUNT' check_args '3' "$#" 'USER DOMAIN ACCOUNT'
validate_format 'user' 'domain' 'account' is_format_valid 'user' 'domain' 'account'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -45,7 +49,7 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD') fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD')
if [ -z "$fwd" ]; then if [ -z "$fwd" ]; then
echo "Error: forward doesn't exist" echo "Error: forward doesn't exist"
log_event "$E_NOTEXIST $EVENT" log_event "$E_NOTEXIST $ARGUMENTS"
exit $E_NOTEXIST exit $E_NOTEXIST
fi fi
@ -56,7 +60,7 @@ fi
# Adding account to fwd_only # Adding account to fwd_only
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
echo "$account" > $HOMEDIR/$user/conf/mail/$domain/fwd_only echo "$account" >> $HOMEDIR/$user/conf/mail/$domain/fwd_only
chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/fwd_only chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/fwd_only
fi fi
@ -71,6 +75,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD_ONLY' "yes"
# Logging # Logging
log_history "added fwd_only flag for $account@$domain" log_history "added fwd_only flag for $account@$domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

31
bin/v-add-mail-domain
View file

@ -9,12 +9,9 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | sed -e 's/\.*$//g' -e 's/^\.*//g')
domain=$(echo $domain | tr '[:upper:]' '[:lower:]')
domain_idn=$(idn -t --quiet -a "$domain")
antispam=${3-yes} antispam=${3-yes}
antivirus=${4-yes} antivirus=${4-yes}
dkim=${5-yes} dkim=${5-yes}
@ -32,28 +29,38 @@ else
MAIL_USER=exim MAIL_USER=exim
fi fi
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [ANTISPAM] [ANTIVIRUS] [DKIM] [DKIM_SIZE]' check_args '2' "$#" 'USER DOMAIN [ANTISPAM] [ANTIVIRUS] [DKIM] [DKIM_SIZE]'
validate_format 'user' 'domain' 'antispam' 'antivirus' 'dkim' 'dkim_size' is_format_valid 'user' 'domain' 'antispam' 'antivirus' 'dkim' 'dkim_size'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_domain_new 'mail' is_domain_new 'mail' "$domain"
is_package_full 'MAIL_DOMAINS' is_package_full 'MAIL_DOMAINS'
is_dir_symlink $HOMEDIR/$user/mail
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding domain to mail.conf # Adding domain to mail.conf
s="DOMAIN='$domain' ANTIVIRUS='$antivirus' ANTISPAM='$antispam' DKIM='$dkim'" s="DOMAIN='$domain' ANTIVIRUS='$antivirus' ANTISPAM='$antispam' DKIM='$dkim'"
s="$s ACCOUNTS='0' U_DISK='0' CATCHALL='' SUSPENDED='no' TIME='$TIME'" s="$s CATCHALL='' ACCOUNTS='0' U_DISK='0' SUSPENDED='no' TIME='$time'"
s="$s DATE='$DATE'" s="$s DATE='$date'"
echo $s >> $USER_DATA/mail.conf echo $s >> $USER_DATA/mail.conf
touch $USER_DATA/mail/$domain.conf touch $USER_DATA/mail/$domain.conf
@ -113,10 +120,10 @@ if [ ! -z "$DNS_SYSTEM" ] && [ "$dkim" = 'yes' ]; then
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n') p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n')
record='_domainkey' record='_domainkey'
policy="\"t=y; o=~;\"" policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy" $BIN/v-add-dns-record $user $domain $record TXT "$policy" '' '' 'no'
record='mail._domainkey' record='mail._domainkey'
selector="\"k=rsa\; p=$p\"" selector="\"v=DKIM1\; k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector" $BIN/v-add-dns-record $user $domain $record TXT "$selector"
fi fi
fi fi
@ -134,6 +141,6 @@ fi
# Logging # Logging
log_history "added mail domain $domain" log_history "added mail domain $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

18
bin/v-add-mail-domain-antispam
View file

@ -2,31 +2,35 @@
# info: add mail domain antispam support # info: add mail domain antispam support
# options: USER DOMAIN # options: USER DOMAIN
# #
# The function enables spamassasin for incomming emails. # The function enables spamassasin for incoming emails.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN' check_args '2' "$#" 'USER DOMAIN'
validate_format 'user' 'domain' is_format_valid 'user' 'domain'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -54,6 +58,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ANTISPAM' 'yes'
# Logging # Logging
log_history "enabled antispam on $domain" log_history "enabled antispam on $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

18
bin/v-add-mail-domain-antivirus
View file

@ -2,31 +2,35 @@
# info: add mail domain antivirus support # info: add mail domain antivirus support
# options: USER DOMAIN # options: USER DOMAIN
# #
# The function enables clamav scan for incomming emails. # The function enables clamav scan for incoming emails.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN' check_args '2' "$#" 'USER DOMAIN'
validate_format 'user' 'domain' is_format_valid 'user' 'domain'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -54,6 +58,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$ANTIVIRUS' 'yes'
# Logging # Logging
log_history "enabled antivirus on $domain" log_history "enabled antivirus on $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

21
bin/v-add-mail-domain-catchall
View file

@ -2,18 +2,17 @@
# info: add mail domain catchall account # info: add mail domain catchall account
# options: USER DOMAIN EMAIL # options: USER DOMAIN EMAIL
# #
# The function enables catchall account for incomming emails. # The function enables catchall account for incoming emails.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
email="$3" email="$3"
# Includes # Includes
@ -21,13 +20,17 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN EMAIL' check_args '3' "$#" 'USER DOMAIN EMAIL'
validate_format 'user' 'domain' 'email' is_format_valid 'user' 'domain' 'email'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -42,8 +45,8 @@ is_object_value_empty 'mail' 'DOMAIN' "$domain" '$CATCHALL'
# Adding catchall alias # Adding catchall alias
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
sed -i "/*@$domain:/d" $HOMEDIR/$user/conf/mail/$domain/aliases sed -i "/*@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases
echo "*@$domain:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases echo "*@$domain_idn:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi fi
@ -56,6 +59,6 @@ update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' "$email"
# Logging # Logging
log_history "added $email as catchall email for $domain" log_history "added $email as catchall email for $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

26
bin/v-add-mail-domain-dkim
View file

@ -9,11 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
dkim_size=${3-1024} dkim_size=${3-1024}
# Includes # Includes
@ -28,13 +27,18 @@ else
MAIL_USER=exim MAIL_USER=exim
fi fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [DKIM_SIZE]' check_args '2' "$#" 'USER DOMAIN [DKIM_SIZE]'
validate_format 'user' 'domain' 'dkim_size' is_format_valid 'user' 'domain' 'dkim_size'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -63,12 +67,12 @@ fi
# Adding dns records # Adding dns records
if [ ! -z "$DNS_SYSTEM" ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then if [ ! -z "$DNS_SYSTEM" ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then
p=$(cat $USER_DATA/mail/$domain.pub |grep -v ' KEY---' |tr -d '\n') p=$(cat $USER_DATA/mail/$domain.pub |grep -v ' KEY---' |tr -d '\n')
record='_domainkey' record="_domainkey"
policy="\"t=y; o=~;\"" policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy" $BIN/v-add-dns-record $user $domain $record TXT "$policy" '' '' 'no'
record='mail._domainkey' record="mail._domainkey"
selector="\"k=rsa\; p=$p\"" selector="\"v=DKIM1\; k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector" $BIN/v-add-dns-record $user $domain $record TXT "$selector"
fi fi
@ -79,10 +83,10 @@ fi
# Adding dkim in config # Adding dkim in config
update_object_value 'mail' 'DOMAIN' "$domain" '$DKIM' 'yes' update_object_value 'mail' 'DOMAIN' "$domain" '$DKIM' 'yes'
increase_user_value "$user" '$U_MAIL_DKMI' increase_user_value "$user" '$U_MAIL_DKIM'
# Logging # Logging
log_history "enabled DKIM support for $domain" log_history "enabled DKIM support for $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

117
bin/v-add-remote-dns-domain
View file

@ -9,11 +9,12 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$2 domain=$2
flush=$3 flush=$3
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/remote.sh source $VESTA/func/remote.sh
@ -25,103 +26,61 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [FLUSH]' check_args '2' "$#" 'USER DOMAIN [FLUSH]'
validate_format 'user' 'domain' is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_procces_running
if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then remote_dns_health_check
echo "Error: dns-cluster.conf doesn't exist"
log_event "$E_NOTEXIST $EVENT"
exit $E_NOTEXIST
fi
number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l)
if [ "$number_of_proc" -gt 2 ]; then
echo "Error: another sync process already exists"
log_event "$E_EXISTS $EVENT"
exit $E_EXISTS
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Check domain existance # Parsing domain record
check_local_domain=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf 2>/dev/null) str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf 2>/dev/null)
if [ -z "$check_local_domain" ]; then if [ -z "$str" ]; then
pipe="$VESTA/data/queue/dns-cluster.pipe" pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2$" $pipe | cut -f1 -d: | head -n1) queue_str=$(grep -n "$SCRIPT $1 $2 " $pipe |cut -f1 -d: |head -n1)
if [ ! -z "$str" ]; then if [ ! -z "$queue_str" ]; then
sed -i "$str d" $pipe sed -i "$queue_str d" $pipe
fi fi
exit exit
fi fi
old_ifs="$IFS"
IFS=$'\n' IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Check remote dns nodes # Parsing remote dns host parameters
remote_dns_health_check eval $cluster
search_str=$(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf) # Parsing domain parameters
for cluster_str in $search_str; do
# Get host values
eval $cluster_str
# Check connection type
if [ -z "TYPE" ]; then
TYPE='api'
fi
# Check recipient dns user
if [ -z "$DNS_USER" ]; then
DNS_USER='dns-cluster'
fi
# Switch on connection type
case $TYPE in
ssh) send_cmd="send_ssh_cmd" ;;
*) send_cmd="send_api_cmd" ;;
esac
# Check dns exceptions
if [ -z "$DNS_CLUSTER_IGNORE" ]; then
DNS_CLUSTER_IGNORE='dns-cluster'
fi
# Check flush parameters
# Sync domain
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
eval $str eval $str
$send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME "$flush" 'no' # Syncing domain data
if [ $? -eq 0 ]; then cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME $flush 'no'
# Sync records check_result $? "$HOST connection failed" $E_CONNECT
if [ "$TYPE" = 'ssh' ]; then
tmp=$(mktemp -u)
scp_cmd $USER_DATA/dns/$DOMAIN.conf $tmp
$send_cmd v-insert-dns-records $DNS_USER $DOMAIN $tmp 'no'
else
for str in $(cat $USER_DATA/dns/$DOMAIN.conf); do
str=$(echo "$str" | sed 's/"/\\"/g')
$send_cmd v-insert-dns-record $DNS_USER $DOMAIN "$str"
done
fi
# Rebuild dns zone # Syncing domain records
$send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' tmp_file="/tmp/vst-sync.$DOMAIN"
if [ $? -ne 0 ]; then cluster_file $USER_DATA/dns/$DOMAIN.conf $tmp_file
echo "Error: $TYPE connection to $HOST failed" check_result $? "$HOST connection failed" $E_CONNECT
log_event "$E_CONNECT $EVENT"
exit $E_CONNECT
fi
fi
# Inserting synced records
cluster_cmd v-insert-dns-records $DNS_USER $DOMAIN $tmp_file 'no'
check_result $? "$HOST connection failed" $E_CONNECT
# Rebuilding dns zone
cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
check_result $? "$HOST connection failed" $E_CONNECT
done done
# Update pipe
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating pipe
rm -f $tmpfile rm -f $tmpfile
pipe="$VESTA/data/queue/dns-cluster.pipe" pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 " $pipe | cut -f1 -d: | head -n1) str=$(grep -n "$SCRIPT $1 $2 " $pipe | cut -f1 -d: | head -n1)
@ -129,8 +88,4 @@ if [ ! -z "$str" ]; then
sed -i "$str d" $pipe sed -i "$str d" $pipe
fi fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
exit exit

58
bin/v-add-remote-dns-host
View file

@ -9,12 +9,17 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
host=$1 host=$1
HOST=$host
port=$2 port=$2
PORT=$port
user=$3 user=$3
password=$4 USER=$user
password=$4; HIDE=4
PASSWORD=$password
type=${5-api} type=${5-api}
TYPE="$type"
dns_user=${6-dns-cluster} dns_user=${6-dns-cluster}
DNS_USER=$dns_user DNS_USER=$dns_user
@ -23,9 +28,6 @@ source $VESTA/func/main.sh
source $VESTA/func/remote.sh source $VESTA/func/remote.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding passwords
A4='******'
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
@ -33,8 +35,9 @@ A4='******'
args_usage='HOST PORT USER PASSWORD [TYPE] [DNS_USER]' args_usage='HOST PORT USER PASSWORD [TYPE] [DNS_USER]'
check_args '4' "$#" "$args_usage" check_args '4' "$#" "$args_usage"
validate_format 'host' 'port' 'user' 'password' 'type' 'dns_user' is_format_valid 'host' 'port' 'user' 'type' 'dns_user'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_password_valid
is_dnshost_new is_dnshost_new
is_dnshost_alive is_dnshost_alive
@ -43,10 +46,15 @@ is_dnshost_alive
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatentating dns host string # Concatentating dns host string
str="HOST='$host' PORT='$port' USER='$user' PASSWORD='$password'" str="HOST='$host' PORT='$port' USER='$user' PASSWORD='$password'"
str="$str DNS_USER='$dns_user' TYPE='$type' SUSPENDED='no'" str="$str DNS_USER='$dns_user' TYPE='$type' SUSPENDED='no'"
str="$str TIME='$TIME' DATE='$DATE'" str="$str TIME='$time' DATE='$date'"
# Adding host to dns-cluster.conf # Adding host to dns-cluster.conf
echo "$str" >> $VESTA/conf/dns-cluster.conf echo "$str" >> $VESTA/conf/dns-cluster.conf
@ -59,37 +67,27 @@ else
sed -i "s/DNS_CLUSTER=.*/DNS_CLUSTER='yes'/g" $VESTA/conf/vesta.conf sed -i "s/DNS_CLUSTER=.*/DNS_CLUSTER='yes'/g" $VESTA/conf/vesta.conf
fi fi
# Enabling restart queue # Enabling remote dns-cluster queue
HOST=$host cluster_cmd v-add-cron-restart-job
PORT=$port check_result $? "$HOST connection failed" $E_CONNECT
USER=$user
PASSWORD=$password
case $type in
ssh) send_cmd="send_ssh_cmd" ;;
*) send_cmd="send_api_cmd" ;;
esac
$send_cmd v-add-cron-restart-job
# Sync current zones # Syncing all domains
$BIN/v-sync-dns-cluster $host $BIN/v-sync-dns-cluster $host
return_code=$? check_result $? "$HOST sync failed" $E_CONNECT
if [ "$return_code" -ne 0 ]; then
exit $return_code
fi
# Add dns-cluster cron job
cmd="sudo /usr/local/vesta/bin/v-update-sys-queue dns-cluster"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then
$BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd"
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Adding local dns-cluster cron job
cmd="sudo /usr/local/vesta/bin/v-update-sys-queue dns-cluster"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then
$BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd"
fi
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

102
bin/v-add-remote-dns-record
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$2 domain=$2
id=$3 id=$3
@ -25,87 +25,61 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN ID' check_args '3' "$#" 'USER DOMAIN ID'
validate_format 'user' 'domain' 'id' is_format_valid 'user' 'domain' 'id'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain" is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_valid "dns/$domain" 'ID' "$id" is_procces_running
remote_dns_health_check
if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then
echo "Error: dns-cluster.conf doesn't exist"
log_event "$E_NOTEXIST $EVENT"
exit $E_NOTEXIST
fi
number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l)
if [ "$number_of_proc" -gt 2 ]; then
echo "Error: another sync process already exists"
log_event "$E_EXISTS $EVENT"
exit $E_EXISTS
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
old_ifs="$IFS" # Parsing record
IFS=$'\n'
# Check remote dns nodes
remote_dns_health_check
for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Get host values
eval $cluster_str
# Check connection type
if [ -z "TYPE" ]; then
TYPE='api'
fi
# Switch on connection type
case $TYPE in
ssh) send_cmd="send_ssh_cmd" ;;
*) send_cmd="send_api_cmd" ;;
esac
# Check recipient dns user
if [ -z "$DNS_USER" ]; then
DNS_USER='dns-cluster'
fi
# Check dns exceptions
if [ -z "$DNS_CLUSTER_IGNORE" ]; then
DNS_CLUSTER_IGNORE='dns-cluster'
fi
# Sync record
str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf) str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf)
str=$(echo "$str" | sed 's/"/\\"/g') if [ -z "$str" ]; then
$send_cmd v-insert-dns-record $DNS_USER $domain "$str" 'no' pipe="$VESTA/data/queue/dns-cluster.pipe"
if [ $? -eq 0 ]; then queue_str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
# Rebuild dns zone if [ ! -z "$queue_str" ]; then
$send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' sed -i "$queue_str d" $pipe
if [ $? -ne 0 ]; then
echo "Error: $TYPE connection to $HOST failed (rebuild)"
log_event "$E_CONNECT $EVENT"
exit $E_CONNECT
fi fi
exit
fi fi
IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Parsing remote host parameters
eval $cluster
# Syncing serial
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no'
check_result $? "$HOST connection failed (soa sync)" $E_CONNECT
# Syncing record
str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf | sed 's/"/\\"/g')
cluster_cmd v-insert-dns-record $DNS_USER $domain "$str" 'no'
check_result $? "$HOST connection failed (record sync)" $E_CONNECT
# Rebuilding dns zone
cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
check_result $? "$HOST connection failed (rebuild)" $E_CONNECT
done done
# Update pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit exit

57
bin/v-add-sys-firewall Executable file
View file

@ -0,0 +1,57 @@
#!/bin/bash
# info: add system firewall
# options: NONE
#
# The script enables firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ "$FIREWALL_SYSTEM" = 'iptables' ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding firewall directory
mkdir -p $VESTA/data/firewall/
# Adding default ruleset
if [ ! -e "$VESTA/data/firewall/rules.conf" ]; then
cp $VESTA/install/rhel/7/* $VESTA/data/firewall/
fi
# Updating FIREWAL_SYSTEM value
if [ -z "$(grep FIREWALL_SYSTEM $VESTA/conf/vesta.conf)" ]; then
echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf
else
sed -i "s/FIREWALL_SYSTEM.*/FIREWALL_SYSTEM='iptables'/g" \
$VESTA/conf/vesta.conf
fi
# Updating firewall rules
$BIN/v-update-firewall
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

77
bin/v-add-sys-ip
View file

@ -1,11 +1,11 @@
#!/bin/bash #!/bin/bash
# info: add system ip address # info: add system ip address
# options: IP MASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP] # options: IP NETMASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP]
# #
# The function adds ip address into a system. It also creates rc scripts. You # The function adds ip address into a system. It also creates rc scripts. You
# can specify ip name which will be used as root domain for temporary aliases. # can specify ip name which will be used as root domain for temporary aliases.
# For example, if you set a1.myhosting.com as name, each new domain created on # For example, if you set a1.myhosting.com as name, each new domain created on
# this ip will automaticaly receive alias $domain.a1.myhosting.com. Of course # this ip will automatically receive alias $domain.a1.myhosting.com. Of course
# you must have wildcard record *.a1.myhosting.com pointed to ip. This feature # you must have wildcard record *.a1.myhosting.com pointed to ip. This feature
# is very handy when customer wants to test domain before dns migration. # is very handy when customer wants to test domain before dns migration.
@ -14,9 +14,9 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
ip=${1// /} ip=${1// /}
mask=$2 netmask=$2
interface="${3-eth0}" interface="${3-eth0}"
user="${4-admin}" user="${4-admin}"
ip_status="${5-shared}" ip_status="${5-shared}"
@ -34,36 +34,40 @@ source $VESTA/conf/vesta.conf
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'IP MASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP]' check_args '2' "$#" 'IP NETMASK [INTERFACE] [USER] [STATUS] [NAME] [NATED_IP]'
validate_format 'ip' 'mask' 'interface' 'user' 'ip_status' is_format_valid 'ip' 'netmask' 'interface' 'user' 'ip_status'
is_ip_free is_ip_free
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
if [ ! -z "$ip_name" ] ; then if [ ! -z "$ip_name" ] ; then
validate_format 'ip_name' is_format_valid 'ip_name'
fi fi
if [ ! -z "$nat_ip" ] ; then if [ ! -z "$nat_ip" ] ; then
validate_format 'nat_ip' is_format_valid 'nat_ip'
fi fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
get_ip_iface iface=$(get_ip_iface)
sys_ip_check=$(/sbin/ifconfig | grep "addr:$ip ") cidr=$(convert_netmask $netmask)
broadcast=$(get_broadcast $ip $netmask)
sys_ip_check=$(/sbin/ip addr | grep "$ip")
if [ -z "$sys_ip_check" ]; then if [ -z "$sys_ip_check" ]; then
# Adding sys ip # Adding sys ip
/sbin/ifconfig "$iface" "$ip" netmask "$mask" /sbin/ip addr add $ip/$cidr dev $interface \
broadcast $broadcast label $iface
# Adding RHEL/CentOS/Fedora startup script # Adding RHEL/CentOS/Fedora/Amazon startup script
if [ -e "/etc/redhat-release" ]; then if [ -d "/etc/sysconfig" ]; then
sys_ip="# Added by vesta" sys_ip="# Added by vesta"
sys_ip="$sys_ip\nDEVICE=$iface" sys_ip="$sys_ip\nDEVICE=$iface"
sys_ip="$sys_ip\nBOOTPROTO=static" sys_ip="$sys_ip\nBOOTPROTO=static"
sys_ip="$sys_ip\nONBOOT=yes" sys_ip="$sys_ip\nONBOOT=yes"
sys_ip="$sys_ip\nIPADDR=$ip" sys_ip="$sys_ip\nIPADDR=$ip"
sys_ip="$sys_ip\nNETMASK=$mask" sys_ip="$sys_ip\nNETMASK=$netmask"
echo -e $sys_ip > /etc/sysconfig/network-scripts/ifcfg-$iface echo -e $sys_ip > /etc/sysconfig/network-scripts/ifcfg-$iface
fi fi
@ -73,11 +77,16 @@ if [ -z "$sys_ip_check" ]; then
sys_ip="$sys_ip\nauto $iface" sys_ip="$sys_ip\nauto $iface"
sys_ip="$sys_ip\niface $iface inet static" sys_ip="$sys_ip\niface $iface inet static"
sys_ip="$sys_ip\naddress $ip" sys_ip="$sys_ip\naddress $ip"
sys_ip="$sys_ip\nnetmask $mask" sys_ip="$sys_ip\nnetmask $netmask"
echo -e $sys_ip >> /etc/network/interfaces echo -e $sys_ip >> /etc/network/interfaces
fi fi
fi fi
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding vesta ip # Adding vesta ip
echo "OWNER='$user' echo "OWNER='$user'
STATUS='$ip_status' STATUS='$ip_status'
@ -85,23 +94,28 @@ NAME='$ip_name'
U_SYS_USERS='' U_SYS_USERS=''
U_WEB_DOMAINS='0' U_WEB_DOMAINS='0'
INTERFACE='$interface' INTERFACE='$interface'
NETMASK='$mask' NETMASK='$netmask'
NAT='$nat_ip' NAT='$nat_ip'
TIME='$TIME' TIME='$time'
DATE='$DATE'" > $VESTA/data/ips/$ip DATE='$date'" > $VESTA/data/ips/$ip
chmod 660 $VESTA/data/ips/$ip chmod 660 $VESTA/data/ips/$ip
# WEB support # WEB support
if [ ! -z "$WEB_SYSTEM" ]; then if [ ! -z "$WEB_SYSTEM" ]; then
web_conf="/etc/$WEB_SYSTEM/conf.d/$ip.conf" web_conf="/etc/$WEB_SYSTEM/conf.d/$ip.conf"
rm -f $web_conf
if [ "$WEB_SYSTEM" = 'httpd' ] || [ "$WEB_SYSTEM" = 'apache2' ]; then if [ "$WEB_SYSTEM" = 'httpd' ] || [ "$WEB_SYSTEM" = 'apache2' ]; then
if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
echo "NameVirtualHost $ip:$WEB_PORT" > $web_conf echo "NameVirtualHost $ip:$WEB_PORT" > $web_conf
fi
echo "Listen $ip:$WEB_PORT" >> $web_conf echo "Listen $ip:$WEB_PORT" >> $web_conf
fi fi
if [ "$WEB_SSL" = 'mod_ssl' ]; then if [ "$WEB_SSL" = 'mod_ssl' ]; then
if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
echo "NameVirtualHost $ip:$WEB_SSL_PORT" >> $web_conf echo "NameVirtualHost $ip:$WEB_SSL_PORT" >> $web_conf
fi
echo "Listen $ip:$WEB_SSL_PORT" >> $web_conf echo "Listen $ip:$WEB_SSL_PORT" >> $web_conf
fi fi
fi fi
@ -128,6 +142,14 @@ if [ ! -z "$PROXY_SYSTEM" ]; then
rpaf_str="$rpaf_str $ip" rpaf_str="$rpaf_str $ip"
sed -i "s/.*RPAFproxy_ips.*/$rpaf_str/" $rpaf_conf sed -i "s/.*RPAFproxy_ips.*/$rpaf_str/" $rpaf_conf
fi fi
#mod_remoteip
remoteip_conf="/etc/$WEB_SYSTEM/mods-enabled/remoteip.conf"
if [ -e "$remoteip_conf" ]; then
if [ $( grep -ic "$ip" $remoteip_conf ) -eq 0 ]; then
sed -i "s/<\/IfModule>/RemoteIPInternalProxy $ip\n<\/IfModule>/g" $remoteip_conf
fi
fi
fi fi
@ -150,18 +172,23 @@ else
increase_user_value 'admin' '$IP_AVAIL' increase_user_value 'admin' '$IP_AVAIL'
fi fi
# Restart web server # Restarting web server
$BIN/v-restart-web $BIN/v-restart-web
if [ $? -ne 0 ]; then check_result $? "Web restart failed" >/dev/null
exit $E_RESTART
fi # Restarting proxy server
if [ ! -z "$PROXY_SYSTEM" ]; then
$BIN/v-restart-proxy $BIN/v-restart-proxy
if [ $? -ne 0 ]; then check_result $? "Proxy restart failed" >/dev/null
exit $E_RESTART fi
# Restarting firewall
if [ ! -z "$FIREWALL_SYSTEM" ]; then
$BIN/v-update-firewall
fi fi
# Logging # Logging
log_history "added system ip address $ip" '' 'admin' log_history "added system ip address $ip" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

64
bin/v-add-sys-quota
View file

@ -1,8 +1,8 @@
#!/bin/bash #!/bin/bash
# info: add system quota # info: add system quota
# opions: NONE # options: NONE
# #
# The script enables filesystem quota on /home patition # The script enables filesystem quota on /home partition
#----------------------------------------------------------# #----------------------------------------------------------#
@ -19,21 +19,15 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
# Checking quota package # Checking quota package
if [ ! -e "/usr/sbin/setquota" ]; then quota=$(which --skip-alias --skip-functions quota 2>/dev/null)
if [ -e "/etc/redhat-release" ]; then if [ $? -ne 0 ]; then
if [ -d "/etc/sysconfig" ]; then
yum -y install quota >/dev/null 2>&1 yum -y install quota >/dev/null 2>&1
result=$? check_result $? "quota package installation failed" $E_UPDATE
else else
export DEBIAN_FRONTEND=noninteractive export DEBIAN_FRONTEND=noninteractive
apt-get -y install quota >/dev/null 2>&1 apt-get -y install quota >/dev/null 2>&1
result=$? check_result $? "quota package installation failed" $E_UPDATE
fi
# Checking installation status
if [ "$result" -ne 0 ]; then
echo "Error: quota package wasn't successfully installed"
log_event "$E_UPDATE" "$EVENT"
exit $E_UPDATE
fi fi
fi fi
@ -42,38 +36,38 @@ fi
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Adding usrquota option on /home partition # Adding group and user quota on /home partition
mnt=$(df -P /home | awk '{print $6}' | tail -n1) mnt=$(df -P /home | awk '{print $6}' | tail -n1)
lnr=$(cat -n /etc/fstab |awk '{print $1,$3}' |grep "$mnt$" |cut -f 1 -d ' ') lnr=$(cat -n /etc/fstab | grep -v "#" | awk '{print $1,$3}' | grep "$mnt$" | cut -f 1 -d ' ')
options=$(sed -n ${lnr}p /etc/fstab |awk '{print $4}') opt=$(sed -n ${lnr}p /etc/fstab | awk '{print $4}')
if [ -z "$(echo $options |grep usrquota)" ]; then fnd='usrquota\|grpquota\|usrjquota=aquota.user\|grpjquota=aquota.group\|jqfmt=vfsv0'
sed -i "$lnr s/$options/$options,usrquota/" /etc/fstab if [ $(echo $opt | tr ',' '\n' | grep -x $fnd | wc -l) -ne 5 ]; then
old=$(echo $(echo $opt | tr ',' '\n' | grep -v 'usrquota\|grpquota\|usrjquota=\|grpjquota=\|jqfmt=') | tr ' ' ',')
new='usrquota,grpquota,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0'
sed -i "$lnr s/$opt/$old,$new/" /etc/fstab
mount -o remount $mnt mount -o remount $mnt
fi fi
# Adding aquota.user file # Adding v2 group and user quota index
if [ ! -e "$mnt/aquota.user" ]; then if [ ! -e "$mnt/aquota.user" ] || [ ! -e "$mnt/aquota.group" ]; then
quotacheck -cu $mnt >/dev/null 2>&1 quotacheck -avcugm >/dev/null 2>&1
fi fi
# Building fs quota index # Adding quotacheck on reboot
quotacheck -um $mnt touch /forcequotacheck
# Adding weekly cron job # Adding cron job
echo "quotacheck -um $mnt" > /etc/cron.daily/quotacheck echo '#!/bin/bash' > /etc/cron.daily/quotacheck
echo 'touch /forcequotacheck' >> /etc/cron.daily/quotacheck
chmod a+x /etc/cron.daily/quotacheck chmod a+x /etc/cron.daily/quotacheck
# Enabling fs quota # Enabling group and user quota
if [ ! -z "$(quotaon -pa|grep " $mnt "|grep user|grep 'off')" ]; then if [ ! -z "$(quotaon -pa | grep " $mnt " | grep 'user\|group' | grep 'is off')" ]; then
quotaon $mnt quotaon -v $mnt
if [ $? -ne 0 ]; then check_result $? "quota can't be enabled in $mnt" $E_DISK
echo "Error: quota can't be enabled on $mnt partition"
log_event "$E_DISK" "$EVENT"
exit $E_DISK
fi
fi fi
# Updating DISK_QUOTA value # Updating vesta.conf value
if [ -z "$(grep DISK_QUOTA $VESTA/conf/vesta.conf)" ]; then if [ -z "$(grep DISK_QUOTA $VESTA/conf/vesta.conf)" ]; then
echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf
else else
@ -91,6 +85,6 @@ done
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

106
bin/v-add-sys-sftp-jail Executable file
View file

@ -0,0 +1,106 @@
#!/bin/bash
# info: add system sftp jail
# options: NONE
#
# The script enables sftp jailed environment
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system environment as we run this script
# mostly by cron which do not read it by itself
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ -z "$SFTPJAIL_KEY" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking sshd directives
config='/etc/ssh/sshd_config'
sftp_n=$(grep -n "Subsystem.*sftp" $config |grep -v internal |grep -v ":#")
sftp_i=$(grep -n "Subsystem.*sftp" $config |grep internal |grep -v ":#")
# Disabling normal sftp
if [ ! -z "$sftp_n" ]; then
fline=$(echo $sftp_n |cut -f 1 -d :)
sed -i "${fline}s/Subsystem.*sftp/#Subsystem sftp/" $config
restart='yes'
fi
# Enabling jailed sftp
if [ -z "$sftp_i" ]; then
echo " " >> $config
echo "Subsystem sftp internal-sftp" >> $config
echo "Match Group sftp-only" >> $config
echo "ChrootDirectory /chroot/%u" >> $config
echo " AllowTCPForwarding no" >> $config
echo " X11Forwarding no" >> $config
echo " ForceCommand internal-sftp" >> $config
restart='yes'
fi
# Validating opensshd config
if [ "$restart" = 'yes' ]; then
subj="OpenSSH restart failed"
email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \')
/usr/sbin/sshd -t >/dev/null 2>&1
if [ "$?" -ne 0 ]; then
mail_text="OpenSSH can not be restarted. Please check config:
\n\n$(/usr/sbin/sshd -t)"
echo -e "$mail_text" |$SENDMAIL -s "$subj" $email
else
service ssh restart >/dev/null 2>&1
service sshd restart >/dev/null 2>&1
fi
fi
# Adding sftp group
groupadd sftp-only 2>/dev/null
# Checking users
shells="rssh|nologin"
for user in $(grep "$HOMEDIR" /etc/passwd |egrep "$shells" |cut -f 1 -d:); do
$BIN/v-add-user-sftp-jail $user
done
# Adding v-add-sys-sftp-jail to startup
if [ -e "/etc/rc.local" ]; then
check_sftp=$(grep $0 /etc/rc.local)
check_exit=$(grep ^exit /etc/rc.local)
if [ -z "$check_sftp" ]; then
if [ -z "$check_exit" ]; then
echo "$BIN/v-add-sys-sftp-jail" >> /etc/rc.local
else
sed -i "s|^exit|$BIN/v-add-sys-sftp-jail\nexit|" /etc/rc.local
fi
fi
chmod +x /etc/rc.local
else
echo "$BIN/v-add-sys-sftp-jail" > /etc/rc.local
chmod +x /etc/rc.local
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

117
bin/v-add-user
View file

@ -9,9 +9,9 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
password=$2 password=$2; HIDE=2
email=$3 email=$3
package=${4-default} package=${4-default}
fname=$5 fname=$5
@ -21,16 +21,10 @@ lname=$6
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password
A2='******'
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
is_user_free() { is_user_free() {
check_sysuser=$(cut -f 1 -d : /etc/passwd | grep -w "$user" ) check_sysuser=$(cut -f 1 -d : /etc/passwd | grep "^$user$" )
if [ ! -z "$check_sysuser" ] || [ -e "$USER_DATA" ]; then if [ ! -z "$check_sysuser" ] || [ -e "$USER_DATA" ]; then
echo "Error: user $user exist" check_result $E_EXISTS "user $user exists"
log_event "$E_EXISTS" "$EVENT"
exit $E_EXISTS
fi fi
} }
@ -40,12 +34,12 @@ is_user_free() {
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER PASSWORD EMAIL [PACKAGE] [FNAME] [LNAME]' check_args '3' "$#" 'USER PASSWORD EMAIL [PACKAGE] [FNAME] [LNAME]'
validate_format 'user' 'password' 'email' 'package' is_format_valid 'user' 'email' 'package'
if [ ! -z "$fname" ]; then if [ ! -z "$fname" ]; then
validate_format 'fname' 'lname' is_format_valid 'fname' 'lname'
fi fi
is_user_free "$user" is_user_free "$user"
is_password_valid
is_package_valid is_package_valid
@ -54,7 +48,7 @@ is_package_valid
#----------------------------------------------------------# #----------------------------------------------------------#
# Parsing package data # Parsing package data
pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |grep -v DATE) pkg_data=$(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
# Checking shell # Checking shell
shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \') shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \')
@ -62,11 +56,7 @@ shell=$(grep -w "$shell_conf" /etc/shells |head -n1)
# Adding user # Adding user
/usr/sbin/useradd "$user" -s "$shell" -c "$email" -m -d "$HOMEDIR/$user" /usr/sbin/useradd "$user" -s "$shell" -c "$email" -m -d "$HOMEDIR/$user"
if [ $? -ne 0 ]; then check_result $? "user creation failed" $E_INVALID
echo "Error: user creation failed"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
# Adding password # Adding password
echo "$user:$password" | /usr/sbin/chpasswd echo "$user:$password" | /usr/sbin/chpasswd
@ -75,21 +65,16 @@ echo "$user:$password" | /usr/sbin/chpasswd
mkdir $HOMEDIR/$user/conf mkdir $HOMEDIR/$user/conf
if [ ! -z "$WEB_SYSTEM" ]; then if [ ! -z "$WEB_SYSTEM" ]; then
mkdir $HOMEDIR/$user/conf/web mkdir $HOMEDIR/$user/conf/web $HOMEDIR/$user/web $HOMEDIR/$user/tmp
mkdir $HOMEDIR/$user/web
mkdir $HOMEDIR/$user/tmp
chmod 751 $HOMEDIR/$user/conf/web chmod 751 $HOMEDIR/$user/conf/web
chmod 751 $HOMEDIR/$user/web chmod 700 $HOMEDIR/$user/tmp
chmod 771 $HOMEDIR/$user/tmp chown $user:$user $HOMEDIR/$user/web $HOMEDIR/$user/tmp
chown $user:$user $HOMEDIR/$user/web
chown $user:$user $HOMEDIR/$user/tmp
fi fi
if [ ! -z "$MAIL_SYSTEM" ]; then if [ ! -z "$MAIL_SYSTEM" ]; then
mkdir $HOMEDIR/$user/conf/mail mkdir $HOMEDIR/$user/conf/mail $HOMEDIR/$user/mail
mkdir $HOMEDIR/$user/mail
chmod 751 $HOMEDIR/$user/mail chmod 751 $HOMEDIR/$user/mail
chmod 751 $HOMEDIR/$user/conf/mail chmod 755 $HOMEDIR/$user/conf/mail
fi fi
if [ ! -z "$DNS_SYSTEM" ]; then if [ ! -z "$DNS_SYSTEM" ]; then
@ -107,54 +92,51 @@ chattr +i $HOMEDIR/$user/conf
#----------------------------------------------------------# #----------------------------------------------------------#
# Adding user dir # Adding user dir
mkdir $USER_DATA mkdir -p $USER_DATA/ssl $USER_DATA/dns $USER_DATA/mail
chmod 770 $USER_DATA
# Creating configuration files and pipes # Creating configuration files and pipes
touch $USER_DATA/backup.conf touch $USER_DATA/backup.conf \
chmod 660 $USER_DATA/backup.conf $USER_DATA/history.log \
touch $USER_DATA/history.log $USER_DATA/stats.log \
chmod 660 $USER_DATA/history.log $USER_DATA/web.conf \
touch $USER_DATA/stats.log $USER_DATA/dns.conf \
chmod 660 $USER_DATA/stats.log $USER_DATA/mail.conf \
$USER_DATA/db.conf \
$USER_DATA/cron.conf
chmod 770 $USER_DATA \
$USER_DATA/ssl \
$USER_DATA/dns \
$USER_DATA/mail
chmod 660 $USER_DATA/backup.conf \
$USER_DATA/history.log \
$USER_DATA/stats.log \
$USER_DATA/web.conf \
$USER_DATA/dns.conf \
$USER_DATA/mail.conf \
$USER_DATA/db.conf \
$USER_DATA/cron.conf
# Updating queue pipes
echo "$BIN/v-update-user-disk $user" >> $VESTA/data/queue/disk.pipe echo "$BIN/v-update-user-disk $user" >> $VESTA/data/queue/disk.pipe
if [ ! -z "$WEB_SYSTEM" ]; then if [ ! -z "$WEB_SYSTEM" ]; then
mkdir $USER_DATA/ssl
chmod 770 $USER_DATA/ssl
touch $USER_DATA/web.conf
chmod 660 $USER_DATA/web.conf
echo "$BIN/v-update-web-domains-traff $user" \ echo "$BIN/v-update-web-domains-traff $user" \
>> $VESTA/data/queue/traffic.pipe >> $VESTA/data/queue/traffic.pipe
echo "$BIN/v-update-web-domains-disk $user" >> $VESTA/data/queue/disk.pipe echo "$BIN/v-update-web-domains-disk $user" >> $VESTA/data/queue/disk.pipe
fi fi
if [ ! -z "$DNS_SYSTEM" ]; then
mkdir $USER_DATA/dns
chmod 770 $USER_DATA/dns
touch $USER_DATA/dns.conf
chmod 660 $USER_DATA/dns.conf
fi
if [ ! -z "$MAIL_SYSTEM" ]; then if [ ! -z "$MAIL_SYSTEM" ]; then
mkdir $USER_DATA/mail
chmod 770 $USER_DATA/mail
touch $USER_DATA/mail.conf
chmod 660 $USER_DATA/mail.conf
echo "$BIN/v-update-mail-domains-disk $user" >> $VESTA/data/queue/disk.pipe echo "$BIN/v-update-mail-domains-disk $user" >> $VESTA/data/queue/disk.pipe
fi fi
if [ ! -z "$DB_SYSTEM" ]; then if [ ! -z "$DB_SYSTEM" ]; then
touch $USER_DATA/db.conf
chmod 660 $USER_DATA/db.conf
echo "$BIN/v-update-databases-disk $user" >> $VESTA/data/queue/disk.pipe echo "$BIN/v-update-databases-disk $user" >> $VESTA/data/queue/disk.pipe
fi fi
if [ ! -z "$CRON_SYSTEM" ]; then # Generating timestamp
touch $USER_DATA/cron.conf time_n_date=$(date +'%T %F')
chmod 660 $USER_DATA/cron.conf time=$(echo "$time_n_date" |cut -f 1 -d \ )
fi date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Filling user config # Filling user config
if [ "$user" != 'admin' ]; then if [ "$user" != 'admin' ]; then
@ -172,7 +154,7 @@ $pkg_data
CONTACT='$email' CONTACT='$email'
CRON_REPORTS='yes' CRON_REPORTS='yes'
MD5='$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow)' MD5='$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow)'
RKEY='$(gen_password)' RKEY='$(generate_password)'
SUSPENDED='no' SUSPENDED='no'
SUSPENDED_USERS='0' SUSPENDED_USERS='0'
SUSPENDED_WEB='0' SUSPENDED_WEB='0'
@ -201,13 +183,13 @@ U_DATABASES='0'
U_CRON_JOBS='0' U_CRON_JOBS='0'
U_BACKUPS='0' U_BACKUPS='0'
LANGUAGE='' LANGUAGE=''
TIME='$TIME' NOTIFICATIONS='no'
DATE='$DATE'" > $USER_DATA/user.conf TIME='$time'
DATE='$date'" > $USER_DATA/user.conf
chmod 660 $USER_DATA/user.conf chmod 660 $USER_DATA/user.conf
# Updating quota # Updating quota
if [ "$DISK_QUOTA" = 'yes' ]; then if [ "$DISK_QUOTA" = 'yes' ]; then
echo "Setting quota"
$BIN/v-update-user-quota "$user" $BIN/v-update-user-quota "$user"
fi fi
@ -221,8 +203,13 @@ if [ -x "$VESTA/data/packages/$package.sh" ]; then
$VESTA/data/packages/$package.sh "$user" "$email" "$fname" "$lname" $VESTA/data/packages/$package.sh "$user" "$email" "$fname" "$lname"
fi fi
# Adding jailed sftp env
if [ ! -z "$SFTPJAIL_KEY" ]; then
$BIN/v-add-user-sftp-jail $user
fi
# Logging # Logging
log_history "added system user $user" '' 'admin' log_history "added system user $user" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

125
bin/v-add-user-favourites Executable file
View file

@ -0,0 +1,125 @@
#!/bin/bash
# info: adding user favourites
# options: USER SYSTEM OBJECT
#
# The function adds object to users favourites
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
system=$(echo "$2" |tr '[:lower:]' '[:upper:]')
object=$3
email=$3
id=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER SYSTEM OBJECT'
is_format_valid 'user' 'system'
case $system in
MAIL_ACC) is_format_valid 'email' ;;
CRON) is_format_valid 'id' ;;
DNS_REC) is_format_valid 'id' ;;
*) is_format_valid 'object'
esac
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
# Checking system
case $system in
USER) check='ok' ;;
WEB) check='ok' ;;
DNS) check='ok' ;;
DNS_REC) check='ok' ;;
MAIL) check='ok' ;;
MAIL_ACC) check='ok' ;;
DB) check='ok' ;;
CRON) check='ok' ;;
BACKUP) check='ok' ;;
IP) check='ok' ;;
PACKAGE) check='ok' ;;
FIREWALL) check='ok' ;;
*) check_args '2' '0' 'USER SYSTEM OBJECT'
esac
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Flushing vars
USER=''
WEB=''
DNS=''
DNS_REC=''
MAIL=''
MAIL_ACC=''
DB=''
CRON=''
BACKUP=''
IP=''
PACKAGE=''
FIREWALL=''
# Creating config just in case
touch $USER_DATA/favourites.conf
# Reading current values
source $USER_DATA/favourites.conf
# Assigning current system value
eval value=\$$system
# Checking if object is new
check_fav=$(echo "$value" |tr ',' '\n'| grep "^$object$")
if [ ! -z "$check_fav" ]; then
exit 0
fi
# Adding object to favorites
if [ -z "$value" ]; then
value="$object"
else
value="$value,$object"
fi
# Updating sytem
eval $system=$value
# Updating user favorites
echo "USER='$USER'
WEB='$WEB'
DNS='$DNS'
DNS_REC='$DNS_REC'
MAIL='$MAIL'
MAIL_ACC='$MAIL_ACC'
DB='$DB'
CRON='$CRON'
BACKUP='$BACKUP'
IP='$IP'
PACKAGE='$PACKAGE'
FIREWALL='$FIREWALL'" > $USER_DATA/favourites.conf
# Changing file permission
chmod 640 $USER_DATA/favourites.conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "added starred $object in $system listing"
log_event "$OK" "$ARGUMENTS"
exit

76
bin/v-add-user-notification Executable file
View file

@ -0,0 +1,76 @@
#!/bin/bash
# info: add user notification
# options: USER TOPIC NOTICE [TYPE]
#
# The function adds user notification.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
topic=$(echo $2 |sed "s/'/%quote%/g")
notice=$(echo $3 |sed "s/'/%quote%/g")
type=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER TOPIC NOTICE [TYPE]'
is_format_valid 'user' 'topic' 'notice'
is_object_valid 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining notification id
if [ -e "$USER_DATA/notifications.conf" ]; then
nid=$(grep "NID=" $USER_DATA/notifications.conf |cut -f 2 -d \')
nid=$(echo "$nid" |sort -n |tail -n1)
if [ ! -z "$nid" ]; then
nid="$((nid +1))"
else
nid=1
fi
else
nid=1
fi
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating string
str="NID='$nid' TOPIC='$topic' NOTICE='$notice' TYPE='$type'"
str="$str ACK='no' TIME='$time' DATE='$date'"
# Adding to config
echo "$str" >> $USER_DATA/notifications.conf
# Changing permissions
chmod 660 $USER_DATA/notifications.conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating notification counter
if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then
sed -i "s/^TIME/NOTIFICATIONS='yes'\nTIME/g" $USER_DATA/user.conf
else
update_user_value "$user" '$NOTIFICATIONS' "yes"
fi
exit

53
bin/v-add-user-package
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
pkg_dir=$1 pkg_dir=$1
package=$2 package=$2
rewrite=$3 rewrite=$3
@ -22,24 +22,47 @@ source $VESTA/conf/vesta.conf
is_package_new() { is_package_new() {
if [ -e "$VESTA/data/packages/$package.pkg" ]; then if [ -e "$VESTA/data/packages/$package.pkg" ]; then
echo "Error: package $package already exists." echo "Error: package $package already exists."
log_event "$E_EXISTS" "$EVENT" log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS exit $E_EXISTS
fi fi
} }
is_package_consistent() { is_package_consistent() {
source $pkg_dir/$package.pkg source $pkg_dir/$package.pkg
validate_format_int $WEB_DOMAINS 'WEB_DOMAINS' if [ "$WEB_DOMAINS" != 'unlimited' ]; then
validate_format_int $WEB_ALIASES 'WEB_ALIASES' is_int_format_valid $WEB_DOMAINS 'WEB_DOMAINS'
validate_format_int $DNS_DOMAINS 'DNS_DOMAINS' fi
validate_format_int $DNS_RECORDS 'DNS_RECORDS' if [ "$WEB_ALIASES" != 'unlimited' ]; then
validate_format_int $MAIL_DOMAINS 'MAIL_DOMAINS' is_int_format_valid $WEB_ALIASES 'WEB_ALIASES'
validate_format_int $MAIL_ACCOUNTS 'MAIL_ACCOUNTS' fi
validate_format_int $DATABASES 'DATABASES' if [ "$DNS_DOMAINS" != 'unlimited' ]; then
validate_format_int $CRON_JOBS 'CRON_JOBS' is_int_format_valid $DNS_DOMAINS 'DNS_DOMAINS'
validate_format_int $DISK_QUOTA 'DISK_QUOTA' fi
validate_format_int $BACKUPS 'BACKUPS' if [ "$DNS_RECORDS" != 'unlimited' ]; then
validate_format_shell $SHELL is_int_format_valid $DNS_RECORDS 'DNS_RECORDS'
fi
if [ "$MAIL_DOMAINS" != 'unlimited' ]; then
is_int_format_valid $MAIL_DOMAINS 'MAIL_DOMAINS'
fi
if [ "$MAIL_ACCOUNTS" != 'unlimited' ]; then
is_int_format_valid $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
fi
if [ "$DATABASES" != 'unlimited' ]; then
is_int_format_valid $DATABASES 'DATABASES'
fi
if [ "$CRON_JOBS" != 'unlimited' ]; then
is_int_format_valid $CRON_JOBS 'CRON_JOBS'
fi
if [ "$DISK_QUOTA" != 'unlimited' ]; then
is_int_format_valid $DISK_QUOTA 'DISK_QUOTA'
fi
if [ "$BANDWIDTH" != 'unlimited' ]; then
is_int_format_valid $BANDWIDTH 'BANDWIDTH'
fi
if [ "$BACKUPS" != 'unlimited' ]; then
is_int_format_valid $BACKUPS 'BACKUPS'
fi
is_format_valid_shell $SHELL
} }
@ -48,7 +71,7 @@ is_package_consistent() {
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'PKG_DIR PACKAGE' 'rewrite' check_args '2' "$#" 'PKG_DIR PACKAGE' 'rewrite'
validate_format 'pkg_dir' 'package' is_format_valid 'pkg_dir' 'package'
if [ "$rewrite" != 'yes' ]; then if [ "$rewrite" != 'yes' ]; then
is_package_new is_package_new
fi fi
@ -74,6 +97,6 @@ if [ "$rewrite" != 'yes' ]; then
else else
log_history "updated user package $package" '' 'admin' log_history "updated user package $package" '' 'admin'
fi fi
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

66
bin/v-add-user-sftp-jail Executable file
View file

@ -0,0 +1,66 @@
#!/bin/bash
# info: add user sftp jail
# options: USER
#
# The script enables sftp jailed environment
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'USER'
is_format_valid 'user'
if [ -z "$SFTPJAIL_KEY" ]; then
exit
fi
user_str=$(grep "^$user:" /etc/passwd |egrep "rssh|nologin")
if [ -z "$user_str" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining user homedir
home="$(echo $user_str |cut -f 6 -d :)"
# Adding chroot directory
if [ ! -d "/chroot/$user/$home" ]; then
mkdir -p /chroot/$user/$home
chmod 750 /chroot/$user
chmod 775 /chroot/$user/$home
chown root:sftp-only /chroot/$user
chown $user:sftp-only /chroot/$user/$home
fi
# Adding user to sftp group
usermod -a -G sftp-only $user
# Mouting home directory
if [ -z "$(mount |grep /chroot/$user/$home)" ]; then
mount -o bind $home /chroot/$user/$home/
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

133
bin/v-add-vesta-softaculous Executable file
View file

@ -0,0 +1,133 @@
#!/bin/bash
# info: add vesta softaculous
# options: [TYPE]
#
# The script enables softaculous plugin
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
TYPE=$1
# Includes
source /etc/profile
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ "$TYPE" = 'WEB' ]; then
if [ ! -e "$VESTA/softaculous" ] && [ ! -e "$VESTA/ioncube" ]; then
$BIN/v-schedule-vesta-softaculous
exit
fi
else
cmd="v-add-vesta-softaculous"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ ! -z "$check_cron" ]; then
eval $check_cron
$BIN/v-delete-cron-job admin $JOB
fi
fi
if [ "$SOFTACULOUS" = 'yes' ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Cleaning yum cache
if [ -d "/etc/sysconfig" ]; then
yum -q clean all
yum="yum -q -y --noplugins --disablerepo=* --enablerepo=vesta"
else
export DEBIAN_FRONTEND=noninteractive
apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -qq
fi
# Updating php pacakge
if [ -z "$($VESTA/php/bin/php -v|grep 'PHP 5.6')" ]; then
if [ -d "/etc/sysconfig" ]; then
$yum -y update vesta-php
check_result $? "vesta-php package upgrade failed" $E_UPDATE
else
apt-get -y install vesta-php
check_result $? "vesta-php package upgrade failed" $E_UPDATE
fi
fi
# Adding vesta-ioncube package
if [ -d "/etc/sysconfig" ]; then
rpm -q vesta-ioncube >/dev/null 2>&1
if [ $? -ne 0 ]; then
$yum -y install vesta-ioncube >/dev/null 2>&1
check_result $? "vesta-ioncube package installation failed" $E_UPDATE
fi
else
dpkg -l vesta-ioncube |grep ^ii >/dev/null 2>&1
if [ $? -ne 0 ]; then
apt-get -y install vesta-ioncube >/dev/null 2>&1
check_result $? "vesta-ioncube package installation failed" $E_UPDATE
fi
fi
# Adding vesta-softaculous package
if [ -d "/etc/sysconfig" ]; then
rpm -q vesta-softaculous >/dev/null 2>&1
if [ $? -ne 0 ]; then
$yum -y install vesta-softaculous >/dev/null 2>&1
check_result $? "vesta-softaculous package installation failed" $E_UPDATE
fi
else
dpkg -l vesta-softaculous |grep ^ii >/dev/null 2>&1
if [ $? -ne 0 ]; then
apt-get -y install vesta-softaculous >/dev/null 2>&1
check_result $? "vesta-softaculous package installation failed" $E_UPDATE
fi
fi
# Installing softaculous
if [ ! -e "$VESTA/softaculous/vst_installed" ]; then
mkdir -p /var/softaculous
chown -R admin:admin /var/softaculous
cd $VESTA/softaculous
wget -q http://c.vestacp.com/3rdparty/softaculous_install.inc
$VESTA/php/bin/php softaculous_install.inc
check_result $? "vesta-softaculous package installation failed" $E_UPDATE
touch $VESTA/softaculous/vst_installed
fi
# Enabling symlink
if [ -e "$VESTA/disabled_plugins/softaculous" ]; then
if [ ! -e "$VESTA/web/softaculous" ]; then
mv $VESTA/disabled_plugins/softaculous $VESTA/web/softaculous
fi
fi
# Updating SOFTACULOUS value
if [ -z "$(grep SOFTACULOUS $VESTA/conf/vesta.conf)" ]; then
echo "SOFTACULOUS='yes'" >> $VESTA/conf/vesta.conf
else
sed -i "s/SOFTACULOUS.*/SOFTACULOUS='yes'/g" \
$VESTA/conf/vesta.conf
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

217
bin/v-add-web-domain
View file

@ -1,27 +1,28 @@
#!/bin/bash #!/bin/bash
# info: add web domain # info: add web domain
# options: USER DOMAIN IP [RESTART] # options: USER DOMAIN [IP] [ALIASES] [PROXY_EXTENSIONS] [RESTART]
# #
# The function adds virtual host to a server. In cases when a template is # The function adds virtual host to a server. In cases when ip is
# undefined in the script, the template "default" will be used. The alias of # undefined in the script, "default" template will be used. The alias of
# www.domain.tld type will be automatically assigned to the domain. If ip have # www.domain.tld type will be automatically assigned to the domain unless
# assocated dns name, this domain will also get the alias domain-tpl.$ipname. # "none" is transmited as argument. If ip have associated dns name, this
# An alias with the ip name is useful during the site testing while dns isn't # domain will also get the alias domain-tpl.$ipname. An alias with the ip
# moved to a server yet. # name is useful during the site testing while dns isn't moved to server yet.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition
# Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | sed -e 's/\.*$//g' -e 's/^\.*//g') domain_idn=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]')
domain_idn=$(idn -t --quiet -a "$domain")
ip=$3 ip=$3
restart=$4 restart=$4 # will be moved to the end soon
aliases=$5
proxy_ext=$6
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
@ -29,61 +30,39 @@ source $VESTA/func/domain.sh
source $VESTA/func/ip.sh source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
format_aliases
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN IP [RESTART]'
validate_format 'user' 'domain' 'ip'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
check_args '2' "$#" 'USER DOMAIN [IP] [RESTART] [ALIASES] [PROXY_EXTENSIONS]'
is_format_valid 'user' 'domain' 'aliases' 'ip' 'proxy_ext'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_domain_new 'web' is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
is_ip_valid is_domain_new 'web' "$domain,$aliases"
is_ip_avalable is_dir_symlink $HOMEDIR/$user/web
is_package_full 'WEB_DOMAINS' if [ ! -z "$ip" ]; then
is_ip_valid "$ip" "$user"
template=$(get_user_value '$WEB_TEMPLATE') else
is_web_template_valid get_user_ip
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Define real ip in case of NAT # Reading user values
IP=$ip source $USER_DATA/user.conf
ip=$(get_real_ip $ip)
# Defining domain aliases # Creating domain directories
ip_name=$(get_ip_name)
ip_name_idn=$(idn -t --quiet -a "$ip_name")
domain_alias="www.$domain"
domain_alias_idn="www.$domain_idn"
if [ ! -z "$ip_name" ]; then
domain_alias_dash="${domain//./-}.$ip_name"
domain_alias_dash_idn="${domain_idn//./-}.$ip_name_idn"
aliases="$domain_alias,$domain_alias_dash"
aliases_idn="$domain_alias_idn,$domain_alias_dash_idn"
alias_string="ServerAlias $domain_alias_idn $domain_alias_dash_idn"
else
aliases="$domain_alias"
aliases_idn="$domain_alias_idn"
alias_string="ServerAlias $domain_alias_idn"
fi
# Defining vars for add_config function
group="$user"
email="info@$domain"
docroot="$HOMEDIR/$user/web/$domain/public_html"
tpl_file="$WEBTPL/$WEB_SYSTEM/$template.tpl"
conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf"
# Adding web config
add_web_config
# Building directory tree
mkdir -p $HOMEDIR/$user/web/$domain \ mkdir -p $HOMEDIR/$user/web/$domain \
$HOMEDIR/$user/web/$domain/public_html \ $HOMEDIR/$user/web/$domain/public_html \
$HOMEDIR/$user/web/$domain/public_shtml \ $HOMEDIR/$user/web/$domain/public_shtml \
@ -93,63 +72,74 @@ mkdir -p $HOMEDIR/$user/web/$domain \
$HOMEDIR/$user/web/$domain/stats \ $HOMEDIR/$user/web/$domain/stats \
$HOMEDIR/$user/web/$domain/logs $HOMEDIR/$user/web/$domain/logs
# Adding domain logs # Creating domain logs
touch /var/log/$WEB_SYSTEM/domains/$domain.bytes \ touch /var/log/$WEB_SYSTEM/domains/$domain.bytes \
/var/log/$WEB_SYSTEM/domains/$domain.log \ /var/log/$WEB_SYSTEM/domains/$domain.log \
/var/log/$WEB_SYSTEM/domains/$domain.error.log /var/log/$WEB_SYSTEM/domains/$domain.error.log
# Adding symlink for logs
ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.*log \ ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.*log \
$HOMEDIR/$user/web/$domain/logs/ $HOMEDIR/$user/web/$domain/logs/
# Adding domain skeleton # Adding domain skeleton
if [ -e "$WEBTPL/skel/public_html/" ]; then cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1
cp -r $WEBTPL/skel/public_html/ $HOMEDIR/$user/web/$domain/
fi
if [ -e "$WEBTPL/skel/public_shtml/" ]; then
cp -r $WEBTPL/skel/public_shtml/ $HOMEDIR/$user/web/$domain/
fi
if [ -e "$WEBTPL/skel/document_errors/" ]; then
cp -r $WEBTPL/skel/document_errors/ $HOMEDIR/$user/web/$domain/
fi
if [ -e "$WEBTPL/skel/cgi-bin/" ]; then
cp -r $WEBTPL/skel/cgi-bin/ $HOMEDIR/$user/web/$domain/
fi
# Changing tpl values
for file in $(find "$HOMEDIR/$user/web/$domain/" -type f); do for file in $(find "$HOMEDIR/$user/web/$domain/" -type f); do
sed -i "s/%domain%/$domain/g" $file sed -i "s/%domain%/$domain/g" $file
done done
# Changing file owner # Changing file owner & permission
chown -R $user:$user $HOMEDIR/$user/web/$domain chown -R $user:$user $HOMEDIR/$user/web/$domain
chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf
chown root:$user $conf
# Changing file permissions
chmod 640 $conf
chmod 551 $HOMEDIR/$user/web/$domain
chmod 751 $HOMEDIR/$user/web/$domain/private
chmod 751 $HOMEDIR/$user/web/$domain/cgi-bin
chmod 751 $HOMEDIR/$user/web/$domain/public_html
chmod 751 $HOMEDIR/$user/web/$domain/public_shtml
chmod 751 $HOMEDIR/$user/web/$domain/document_errors
chmod -f -R 665 $HOMEDIR/$user/web/$domain/cgi-bin/*
chmod -f -R 665 $HOMEDIR/$user/web/$domain/public_html/*
chmod -f -R 665 $HOMEDIR/$user/web/$domain/document_errors/*
chmod 551 $HOMEDIR/$user/web/$domain/stats
chmod 551 $HOMEDIR/$user/web/$domain/logs
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.* chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*
# Running template trigger # Addding PHP-FPM backend
if [ -x $WEBTPL/$WEB_SYSTEM/$template.sh ]; then if [ ! -z "$WEB_BACKEND" ]; then
$WEBTPL/$WEB_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $docroot if [ -z "$BACKEND_TEMPLATE" ]; then
BACKEND_TEMPLATE='default'
if [ -z "$(grep BACKEND_TEMPLATE $USER_DATA/user.conf)" ]; then
sed -i "s/^DNS_TEMPL/BACKEND_TEMPLATE='default'\nDNS_TEMPL/g" \
$USER_DATA/user.conf
else
update_user_value "$user" '$BACKEND_TEMPLATE' "default"
fi
fi
$BIN/v-add-web-domain-backend "$user" "$domain" $BACKEND_TEMPLATE
check_result $? "Backend error" >/dev/null
fi fi
# Checking web config # Preparing domain aliases
web_conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" if [ "$aliases" = 'none' ]; then
if [ -z "$(grep $conf $web_conf)" ]; then ALIAS=''
echo "Include $conf" >> $web_conf else
ALIAS="www.$domain"
if [ -z "$aliases" ]; then
ALIAS="www.$domain"
else
ALIAS="$aliases"
fi
ip_alias=$(get_ip_alias $domain)
if [ ! -z "$ip_alias" ]; then
ALIAS="$ALIAS,$ip_alias"
fi
fi
# Preparing domain variables
prepare_web_domain_values
# Adding web server config
add_web_config "$WEB_SYSTEM" "$WEB_TEMPLATE.tpl"
# Adding proxy config
if [ ! -z "$PROXY_SYSTEM" ]; then
PROXY_EXT="$proxy_ext"
if [ -z "$proxy_ext" ]; then
PROXY_EXT="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls"
PROXY_EXT="$PROXY_EXT,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp"
PROXY_EXT="$PROXY_EXT,rtf,js,mp3,avi,mpeg,flv,html,htm"
fi
add_web_config "$PROXY_SYSTEM" "$PROXY_TEMPLATE.tpl"
fi fi
@ -158,31 +148,32 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Increasing counters # Increasing counters
increase_ip_value "$ip" increase_ip_value "$local_ip"
increase_user_value "$user" '$U_WEB_DOMAINS' increase_user_value "$user" '$U_WEB_DOMAINS'
increase_user_value "$user" '$U_WEB_ALIASES' increase_user_value "$user" '$U_WEB_ALIASES' "$alias_number"
# Defining domain variables # Generating timestamp
str="DOMAIN='$domain' IP='$IP' IP6='' ALIAS='$aliases' TPL='$template'" time_n_date=$(date +'%T %F')
str="$str SSL='no' SSL_HOME='same' FTP_USER='' FTP_MD5=''" time=$(echo "$time_n_date" |cut -f 1 -d \ )
str="$str PROXY='' PROXY_EXT='' STATS='' STATS_USER=''" date=$(echo "$time_n_date" |cut -f 2 -d \ )
str="$str STATS_CRYPT='' U_DISK='0' U_BANDWIDTH='0' SUSPENDED='no'"
str="$str TIME='$TIME' DATE='$DATE'"
# Registering domain # Adding domain in web.conf
echo "$str" >> $USER_DATA/web.conf echo "DOMAIN='$domain' IP='$ip' IP6='' ALIAS='$ALIAS' TPL='$WEB_TEMPLATE'\
chmod 660 $USER_DATA/web.conf SSL='no' SSL_HOME='same' LETSENCRYPT='no' FTP_USER='' FTP_MD5=''\
BACKEND='$BACKEND_TEMPLATE' PROXY='$PROXY_TEMPLATE' PROXY_EXT='$PROXY_EXT'\
STATS='' STATS_USER='' STATS_CRYPT='' U_DISK='0' U_BANDWIDTH='0'\
SUSPENDED='no' TIME='$time' DATE='$date'" >> $USER_DATA/web.conf
# Restart web server # Restarting web server
if [ "$restart" != 'no' ]; then $BIN/v-restart-web $restart
$BIN/v-restart-web check_result $? "Web restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART # Restarting proxy server
fi $BIN/v-restart-proxy $restart
fi check_result $? "Proxy restart failed" >/dev/null
# Logging # Logging
log_history "added web domain $domain" log_history "added web domain $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

98
bin/v-add-web-domain-alias
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: add web domain alias # info: add web domain alias
# options: USER DOMAIN ALIAS [RESTART] # options: USER DOMAIN ALIASES [RESTART]
# #
# The call is intended for adding aliases to a domain (it is also called # The call is intended for adding aliases to a domain (it is also called
# "domain parking"). The function supports wildcards *.domain.tpl. # "domain parking"). The function supports wildcards *.domain.tpl.
@ -10,15 +10,11 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain") aliases=$3
dom_alias=$(idn -t --quiet -u "$3" )
dom_alias=$(echo $dom_alias | sed -e 's/\.*$//g' -e 's/^\.*//g')
dom_alias=$(echo $dom_alias | tr '[:upper:]' '[:lower:]')
dom_alias_idn=$(idn -t --quiet -a "$dom_alias" )
restart="$4" restart="$4"
# Includes # Includes
@ -27,19 +23,25 @@ source $VESTA/func/domain.sh
source $VESTA/func/ip.sh source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
format_aliases
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN DOM_ALIAS [RESTART]' check_args '3' "$#" 'USER DOMAIN ALIASES [RESTART]'
validate_format 'user' 'domain' 'dom_alias' is_format_valid 'user' 'domain' 'dom_alias'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain" is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_domain_new 'web' "$dom_alias" is_domain_new 'web' "$aliases"
is_package_full 'WEB_ALIASES' is_package_full 'WEB_ALIASES'
@ -49,43 +51,31 @@ is_package_full 'WEB_ALIASES'
# Parsing domain values # Parsing domain values
get_domain_values 'web' get_domain_values 'web'
tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.tpl"
conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf"
ip=$(get_real_ip $IP)
# Parsing domain aliases
if [ -z "$ALIAS" ]; then
ALIAS="$dom_alias"
else
ALIAS="$ALIAS,$dom_alias"
fi
# Preparing domain values for the template substitution # Preparing domain values for the template substitution
upd_web_domain_values local_ip=$(get_real_ip $IP)
if [ -z "$ALIAS" ]; then
# Recreating vhost ALIAS="$aliases"
del_web_config else
add_web_config ALIAS="$ALIAS,$aliases"
fi
prepare_web_domain_values
# Rebuilding vhost
del_web_config "$WEB_SYSTEM" "$TPL.tpl"
add_web_config "$WEB_SYSTEM" "$TPL.tpl"
if [ "$SSL" = 'yes' ]; then if [ "$SSL" = 'yes' ]; then
tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl" del_web_config "$WEB_SYSTEM" "$TPL.stpl"
conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf" add_web_config "$WEB_SYSTEM" "$TPL.stpl"
del_web_config
add_web_config
fi fi
# Checking proxy # Rebuilding proxy configuration
if [ ! -z "$PROXY" ]; then if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl" del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf" add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
del_web_config
add_web_config
if [ "$SSL" = 'yes' ]; then if [ "$SSL" = 'yes' ]; then
tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf" add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
del_web_config
add_web_config
fi fi
fi fi
@ -96,24 +86,18 @@ fi
# Adding new alias # Adding new alias
update_object_value 'web' 'DOMAIN' "$domain" '$ALIAS' "$ALIAS" update_object_value 'web' 'DOMAIN' "$domain" '$ALIAS' "$ALIAS"
# Update counters
increase_user_value "$user" '$U_WEB_ALIASES' increase_user_value "$user" '$U_WEB_ALIASES'
# Adding task to the vesta pipe # Restarting web server
if [ "$restart" != 'no' ]; then $BIN/v-restart-web $restart
$BIN/v-restart-web check_result $? "Web restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
$BIN/v-restart-proxy # Restarting proxy server
if [ $? -ne 0 ]; then $BIN/v-restart-proxy $restart
exit $E_RESTART check_result $? "Proxy restart failed" >/dev/null
fi
fi
log_history "added $dom_alias as alias for $domain"
log_event "$OK" "$EVENT" log_history "added $aliases for $domain"
log_event "$OK" "$ARGUMENTS"
exit exit

77
bin/v-add-web-domain-backend Executable file
View file

@ -0,0 +1,77 @@
#!/bin/bash
# info: add web domain backend
# options: USER DOMAIN [TEMPLATE] [RESTART]
#
# The call is used for adding web backend configuration.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
template=${3-default}
restart=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [RESTART]'
is_system_enabled "$WEB_BACKEND" 'WEB_BACKEND'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_backend_template_valid "$template"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining pool directory
prepare_web_backend
# Checking backend configuration
if [ -e "$pool/$backend_type.conf" ]; then
exit
fi
# Allocating backend port
backend_port=9000
ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)
ports=$(echo "$ports" |sed "s/://" |sort -n)
for port in $ports; do
if [ "$backend_port" -eq "$port" ]; then
backend_port=$((backend_port + 1))
fi
done
# Adding backend config
cat $WEBTPL/$WEB_BACKEND/$template.tpl |\
sed -e "s|%backend_port%|$backend_port|" \
-e "s|%user%|$user|g"\
-e "s|%domain%|$domain|g"\
-e "s|%backend%|$backend_type|g" > $pool/$backend_type.conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restart backend server
$BIN/v-restart-web-backend $restart
check_result $? "Web backend restart failed" >/dev/null
# Logging
log_history "added $WEB_BACKEND backend configuration for $domain"
log_event "$OK" "$ARGUMENTS"
exit

39
bin/v-add-web-domain-ftp
View file

@ -9,12 +9,12 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain") domain_idn=$2
ftp_user=${1}_${3} ftp_user=${1}_${3}
ftp_password=$4 password=$4; HIDE=4
ftp_path=$5 ftp_path=$5
# Includes # Includes
@ -22,9 +22,10 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password # Additional argument formatting
A4='******' format_domain
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
@ -32,7 +33,7 @@ EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]' check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]'
validate_format 'user' 'domain' 'ftp_user' 'ftp_password' is_format_valid 'user' 'domain' 'ftp_user'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -41,9 +42,10 @@ is_object_unsuspended 'web' 'DOMAIN' "$domain"
check_ftp_user=$(grep "^$ftp_user:" /etc/passwd) check_ftp_user=$(grep "^$ftp_user:" /etc/passwd)
if [ ! -z "$check_ftp_user" ] && [ "$FTP_USER" != "$ftp_user" ]; then if [ ! -z "$check_ftp_user" ] && [ "$FTP_USER" != "$ftp_user" ]; then
echo "Error: ftp user $ftp_user already exists" echo "Error: ftp user $ftp_user already exists"
log_event "$E_EXISTS" "$EVENT" log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS exit $E_EXISTS
fi fi
is_password_valid
#----------------------------------------------------------# #----------------------------------------------------------#
@ -54,12 +56,8 @@ fi
get_domain_values 'web' get_domain_values 'web'
# Defining ftp user shell # Defining ftp user shell
if [ -z "$FTP_SHELL" ]; then shell=$(which nologin)
shell='/sbin/nologin' if [ ! -z "$FTP_SHELL" ]; then
if [ -e "/usr/bin/rssh" ]; then
shell='/usr/bin/rssh'
fi
else
shell=$FTP_SHELL shell=$FTP_SHELL
fi fi
@ -71,7 +69,7 @@ else
ftp_path_a=$(readlink -f "$HOMEDIR/$user/web/$domain/$ftp_path") ftp_path_a=$(readlink -f "$HOMEDIR/$user/web/$domain/$ftp_path")
if [ -z "$(echo $ftp_path_a |grep $HOMEDIR/$user/web/$domain)" ]; then if [ -z "$(echo $ftp_path_a |grep $HOMEDIR/$user/web/$domain)" ]; then
echo "Error: absolute path $ftp_path_a is invalid" echo "Error: absolute path $ftp_path_a is invalid"
log_event "$E_INVALID" "$EVENT" log_event "$E_INVALID" "$ARGUMENTS"
exit $E_INVALID exit $E_INVALID
fi fi
# Creating ftp user home directory # Creating ftp user home directory
@ -90,9 +88,14 @@ fi
-M -d "$ftp_path_a" > /dev/null 2>&1 -M -d "$ftp_path_a" > /dev/null 2>&1
# Set ftp user password # Set ftp user password
echo "$ftp_user:$ftp_password" | /usr/sbin/chpasswd echo "$ftp_user:$password" | /usr/sbin/chpasswd
ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow) ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow)
# Adding jailed sftp env
if [ ! -z "$SFTPJAIL_KEY" ]; then
$BIN/v-add-user-sftp-jail $ftp_user
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
@ -118,6 +121,6 @@ update_object_value 'web' 'DOMAIN' "$domain" '$FTP_PATH' "$ftp_path"
# Logging # Logging
log_history "added ftp account ${1}_${3}@$domain" log_history "added ftp account ${1}_${3}@$domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

115
bin/v-add-web-domain-httpauth Executable file
View file

@ -0,0 +1,115 @@
#!/bin/bash
# info: add password protection for web domain
# options: USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]
#
# The call is used for securing web domain with http auth
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
auth_user=$3
password=$4; HIDE=4
restart=${5-yes}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Defining htpasswd file
htaccess="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.conf_htaccess"
htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd"
shtaccess="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.conf_htaccess"
shtpasswd="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.htpasswd"
docroot="$HOMEDIR/$user/web/$domain/public_html"
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]'
is_format_valid 'user' 'domain'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_password_valid
get_domain_values 'web'
if [ ! -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then
echo "Error: auth user $auth_user already exists"
log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding htaccess password protection
if [ ! -e "$htaccess" ]; then
if [ "$WEB_SYSTEM" != 'nginx' ]; then
echo "<Directory $docroot>" > $htaccess
echo " AuthUserFile $htpasswd" >> $htaccess
echo " AuthName \"$domain access\"" >> $htaccess
echo " AuthType Basic" >> $htaccess
echo " Require valid-user" >> $htaccess
echo "</Directory>" >> $htaccess
else
echo "auth_basic \"$domain password access\";" > $htaccess
echo "auth_basic_user_file $htpasswd;" >> $htaccess
fi
restart_required='yes'
fi
# Adding httpasswd user
auth_hash=$($BIN/v-generate-password-hash htpasswd htpasswd $password)
touch $htpasswd
chmod 640 $htpasswd $htaccess
chgrp $user $htpasswd $htaccess
sed -i "/^$auth_user:/d" $htpasswd
echo "$auth_user:$auth_hash" >> $htpasswd
# Symbolic link for secure web templates
if [ ! -L $shtpasswd ]; then
ln -s $htpasswd $shtpasswd
fi
if [ ! -L $shtaccess ]; then
ln -s $htaccess $shtaccess
fi
# Restarting web server
if [ "$restart" != 'no' ] && [ "$restart_required" = 'yes' ]; then
$BIN/v-restart-web
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Preparing web.conf keys
if [ ! -z "$AUTH_USER" ]; then
auth_user="$AUTH_USER:$auth_user"
auth_hash="$AUTH_HASH:$auth_hash"
else
# Adding new key into web.conf
add_object_key "web" 'DOMAIN' "$domain" 'AUTH_USER' 'U_DISK'
add_object_key "web" 'DOMAIN' "$domain" 'AUTH_HASH' 'U_DISK'
fi
# Updating config
update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_USER' "$auth_user"
update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash"
# Logging
log_history "added http auth user $httpauth_user on $domain"
log_event "$OK" "$ARGUMENTS"
exit

63
bin/v-add-web-domain-proxy
View file

@ -10,10 +10,9 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain")
template=$3 template=$3
default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,\ default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,\
exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm" exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm"
@ -32,7 +31,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [EXTENTIONS] [RESTART]' check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [EXTENTIONS] [RESTART]'
validate_format 'user' 'domain' 'extentions' is_format_valid 'user' 'domain' 'extentions'
is_system_enabled "$PROXY_SYSTEM" 'PROXY_SYSTEM' is_system_enabled "$PROXY_SYSTEM" 'PROXY_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -42,7 +41,7 @@ is_object_value_empty 'web' 'DOMAIN' "$domain" '$PROXY'
if [ -z $template ]; then if [ -z $template ]; then
template=$(get_user_value '$PROXY_TEMPLATE') template=$(get_user_value '$PROXY_TEMPLATE')
fi fi
is_proxy_template_valid is_proxy_template_valid $template
#----------------------------------------------------------# #----------------------------------------------------------#
@ -51,44 +50,16 @@ is_proxy_template_valid
# Defining domain parameters # Defining domain parameters
get_domain_values 'web' get_domain_values 'web'
PROXY="$template" prepare_web_domain_values
PROXY_EXT="$extentions" local_ip=$(get_real_ip $IP)
tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl"
conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf"
ip=$(get_real_ip $IP)
# Preparing domain values for the template substitution # Preparing domain values for the template substitution
upd_web_domain_values PROXY_EXT="$extentions"
add_web_config add_web_config "$PROXY_SYSTEM" "$template.tpl"
# Set permission and ownership # Adding proxy for ssl
chown root:$user $conf
chmod 640 $conf
# Checking proxy config
proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf"
if [ -z "$(grep "$conf" $proxy_conf)" ]; then
echo "include $conf;" >> $proxy_conf
fi
# Checking ssl
if [ "$SSL" = 'yes' ]; then if [ "$SSL" = 'yes' ]; then
tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl" add_web_config "$PROXY_SYSTEM" "$template.stpl"
conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf"
add_web_config
chown root:$user $conf
chmod 640 $conf
proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf"
if [ -z "$(grep "$conf" $proxy_conf)" ]; then
echo "include $conf;" >> $proxy_conf
fi
fi
# Running template trigger
if [ -x $WEBTPL/$PROXY_SYSTEM/$template.sh ]; then
$WEBTPL/$PROXY_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $docroot
fi fi
@ -97,18 +68,14 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Update config # Update config
update_object_value 'web' 'DOMAIN' "$domain" '$PROXY' "$PROXY" update_object_value 'web' 'DOMAIN' "$domain" '$PROXY' "$template"
update_object_value 'web' 'DOMAIN' "$domain" '$PROXY_EXT' "$extentions" update_object_value 'web' 'DOMAIN' "$domain" '$PROXY_EXT' "$extentions"
# Restart web server # Restarting web server
if [ "$restart" != 'no' ]; then $BIN/v-restart-proxy $restart
$BIN/v-restart-proxy check_result $? "Proxy restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
log_history "enabled proxy support for $domain" log_history "enabled proxy support for $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

93
bin/v-add-web-domain-ssl
View file

@ -14,27 +14,44 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain")
ssl_dir=$3 ssl_dir=$3
ssl_home=${4-same} ssl_home=${4-same}
restart="$5" restart="$5"
# Additional argument formatting
if [[ "$domain" =~ [[:upper:]] ]]; then
domain=$(echo "$domain" |tr '[:upper:]' '[:lower:]')
fi
if [[ "$domain" =~ ^www\..* ]]; then
domain=$(echo "$domain" |sed -e "s/^www.//")
fi
if [[ "$domain" =~ .*\.$ ]]; then
domain=$(echo "$domain" |sed -e "s/\.$//")
fi
domain=$(idn -t --quiet -u "$domain" )
domain_idn=$(idn -t --quiet -a "$domain")
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/func/ip.sh source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN SSL_DIR [SSL_HOME] [RESTART]' check_args '3' "$#" 'USER DOMAIN SSL_DIR [SSL_HOME] [RESTART]'
validate_format 'user' 'domain' 'ssl_dir' is_format_valid 'user' 'domain' 'ssl_dir'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
@ -60,22 +77,6 @@ if [ -e "$ssl_dir/$domain.ca" ]; then
fi fi
chmod 660 $USER_DATA/ssl/$domain.* chmod 660 $USER_DATA/ssl/$domain.*
# Parsing domain values
get_domain_values 'web'
conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf"
tpl_file="$WEBTPL/$WEB_SYSTEM/$TPL.stpl"
SSL_HOME="$ssl_home"
ip=$(get_real_ip $IP)
# Preparing domain values for the template substitution
upd_web_domain_values
# Adding domain to the web config
add_web_config
chown root:$user $conf
chmod 640 $conf
# Adding certificate to user dir # Adding certificate to user dir
cp -f $USER_DATA/ssl/$domain.crt $HOMEDIR/$user/conf/web/ssl.$domain.crt cp -f $USER_DATA/ssl/$domain.crt $HOMEDIR/$user/conf/web/ssl.$domain.crt
cp -f $USER_DATA/ssl/$domain.key $HOMEDIR/$user/conf/web/ssl.$domain.key cp -f $USER_DATA/ssl/$domain.key $HOMEDIR/$user/conf/web/ssl.$domain.key
@ -84,31 +85,20 @@ if [ -e "$USER_DATA/ssl/$domain.ca" ]; then
cp -f $USER_DATA/ssl/$domain.ca $HOMEDIR/$user/conf/web/ssl.$domain.ca cp -f $USER_DATA/ssl/$domain.ca $HOMEDIR/$user/conf/web/ssl.$domain.ca
fi fi
# Running template trigger # Parsing domain values
if [ -x $WEBTPL/$WEB_SYSTEM/$template.sh ]; then get_domain_values 'web'
$WEBTPL/$WEB_SYSTEM/$template.sh $user $domain $ip $HOMEDIR $sdocroot local_ip=$(get_real_ip $IP)
fi
# Checking web config # Preparing domain values for the template substitution
web_conf="/etc/$WEB_SYSTEM/conf.d/vesta.conf" SSL_HOME="$ssl_home"
if [ -z "$(grep "$conf" $web_conf)" ]; then prepare_web_domain_values
echo "Include $conf" >> $web_conf
fi
# Checking proxy # Adding domain to the web config
if [ ! -z "$PROXY" ]; then add_web_config "$WEB_SYSTEM" "$TPL.stpl"
conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf"
tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl"
add_web_config
chown root:$user $conf
chmod 640 $conf
# Checking proxy config # Checking proxy config
proxy_conf="/etc/$PROXY_SYSTEM/conf.d/vesta.conf" if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
if [ -z "$(grep "$conf" $proxy_conf )" ]; then add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
echo "include $conf;" >> $proxy_conf
fi
fi fi
@ -123,21 +113,22 @@ increase_user_value "$user" '$U_WEB_SSL'
update_object_value 'web' 'DOMAIN' "$domain" '$SSL_HOME' "$SSL_HOME" update_object_value 'web' 'DOMAIN' "$domain" '$SSL_HOME' "$SSL_HOME"
update_object_value 'web' 'DOMAIN' "$domain" '$SSL' "yes" update_object_value 'web' 'DOMAIN' "$domain" '$SSL' "yes"
# Restart web server # Restarting web server
if [ "$restart" != 'no' ]; then $BIN/v-restart-web $restart
$BIN/v-restart-web check_result $? "Web restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
$BIN/v-restart-proxy $BIN/v-restart-proxy $restart
if [ $? -ne 0 ]; then check_result $? "Proxy restart failed" >/dev/null
exit $E_RESTART
if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
hostname=$(hostname)
if [ "$hostname" = "$domain" ]; then
$BIN/v-update-host-certificate $user $domain
fi fi
fi fi
# Logging # Logging
log_history "enabled ssl support for $domain" log_history "enabled ssl support for $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

18
bin/v-add-web-domain-stats
View file

@ -13,10 +13,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain") domain_idn=$2
type=$3 type=$3
# Includes # Includes
@ -24,13 +24,17 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN TYPE' check_args '3' "$#" 'USER DOMAIN TYPE'
validate_format 'user' 'domain' is_format_valid 'user' 'domain'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_type_valid "$STATS_SYSTEM" "$type" is_type_valid "$STATS_SYSTEM" "$type"
is_object_valid 'user' 'USER' "$user" "$user" is_object_valid 'user' 'USER' "$user" "$user"
@ -47,10 +51,8 @@ is_object_value_empty 'web' 'DOMAIN' "$domain" '$STATS'
# Parse aliases # Parse aliases
get_domain_values 'web' get_domain_values 'web'
# Preparing domain values for the template substitution
upd_web_domain_values
# Adding statistic config # Adding statistic config
prepare_web_domain_values
cat $WEBTPL/$type/$type.tpl |\ cat $WEBTPL/$type/$type.tpl |\
sed -e "s|%ip%|$ip|g" \ sed -e "s|%ip%|$ip|g" \
-e "s|%web_port%|$WEB_PORT|g" \ -e "s|%web_port%|$WEB_PORT|g" \
@ -90,7 +92,7 @@ update_object_value 'web' 'DOMAIN' "$domain" '$STATS' "$type"
# Logging # Logging
log_history "enabled web log analyzer for $domain" log_history "enabled web log analyzer for $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
# Build stats # Build stats
exec $BIN/v-update-web-domain-stat $user $domain exec $BIN/v-update-web-domain-stat $user $domain

51
bin/v-add-web-domain-stats-user
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: add password protection to web domain statistics # info: add password protection to web domain statistics
# options: USER DOMAIN STATS_USER STATS_PASSWORD # options: USER DOMAIN STATS_USER STATS_PASSWORD [RESTART]
# #
# The call is used for securing the web statistics page. # The call is used for securing the web statistics page.
@ -9,52 +9,57 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
stats_user=$3 stats_user=$3
stats_pass=$4 password=$4; HIDE=4
restart=$5
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password
A4='******'
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN STATS_USER STATS_PASS' check_args '4' "$#" 'USER DOMAIN STATS_USER STATS_PASS [RESTART]'
validate_format 'user' 'domain' 'stats_user' 'stats_pass' is_format_valid 'user' 'domain' 'stats_user'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain" is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_password_valid
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Definining statistic dir # Defining statistic dir
stats_dir="$HOMEDIR/$user/web/$domain/stats" stats_dir="$HOMEDIR/$user/web/$domain/stats"
conf_dir="$HOMEDIR/$user/conf/web"
# Adding htaccess file # Adding htaccess file
echo "AuthUserFile $stats_dir/.htpasswd if [ "$WEB_SYSTEM" = 'nginx' ]; then
AuthName \"Web Statistics\" echo "auth_basic \"Web Statistics\";" > $conf_dir/$domain.auth
AuthType Basic echo "auth_basic_user_file $stats_dir/.htpasswd;" >> $conf_dir/$domain.auth
Require valid-user" > $stats_dir/.htaccess else
echo "AuthUserFile $stats_dir/.htpasswd" > $stats_dir/.htaccess
echo "AuthName \"Web Statistics\"" >> $stats_dir/.htaccess
echo "AuthType Basic" >> $stats_dir/.htaccess
echo "Require valid-user" >> $stats_dir/.htaccess
fi
# Generating htaccess user and password # Generating htaccess user and password
rm -f $stats_dir/.htpasswd salt=$(generate_password "$PW_MATRIX" "8")
htpasswd -bc $stats_dir/.htpasswd "$stats_user" "$stats_pass" &>/dev/null stats_pass=$($BIN/v-generate-password-hash md5 $salt $password)
stats_crypt=$(grep $stats_user: $stats_dir/.htpasswd |cut -f 2 -d :) echo "$stats_user:$stats_pass" > $stats_dir/.htpasswd
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
@ -62,10 +67,16 @@ stats_crypt=$(grep $stats_user: $stats_dir/.htpasswd |cut -f 2 -d :)
# Adding stats user in config # Adding stats user in config
update_object_value 'web' 'DOMAIN' "$domain" '$STATS_USER' "$stats_user" update_object_value 'web' 'DOMAIN' "$domain" '$STATS_USER' "$stats_user"
update_object_value 'web' 'DOMAIN' "$domain" '$STATS_CRYPT' "$stats_crypt" update_object_value 'web' 'DOMAIN' "$domain" '$STATS_CRYPT' "$stats_pass"
# Restarting web server
if [ "$WEB_SYSTEM" = 'nginx' ]; then
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
fi
# Logging # Logging
log_history "added password protection for web stats on $domain" log_history "added password protection for web stats on $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

683
bin/v-backup-user
View file

File diff suppressed because it is too large Load diff

16
bin/v-backup-users
View file

@ -9,8 +9,8 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Importing system enviroment as we run this script # Importing system environment as we run this script
# mostly by cron wich not read it by itself # mostly by cron which not read it by itself
source /etc/profile source /etc/profile
# Includes # Includes
@ -22,7 +22,15 @@ source $VESTA/conf/vesta.conf
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
for user in $(ls $VESTA/data/users); do $BIN/v-check-vesta-license >/dev/null
if [ -z "$BACKUP_SYSTEM" ]; then
exit
fi
for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
continue;
fi
check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf) check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf)
log=$VESTA/log/backup.log log=$VESTA/log/backup.log
if [ ! -z "$check_suspend" ]; then if [ ! -z "$check_suspend" ]; then
@ -39,6 +47,6 @@ done
#----------------------------------------------------------# #----------------------------------------------------------#
# No Logging # No Logging
#log_event "$OK" "$EVENT" #log_event "$OK" "$ARGUMENTS"
exit exit

20
bin/v-change-cron-job
View file

@ -10,7 +10,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
job=$2 job=$2
min=$3 min=$3
@ -30,21 +30,27 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '7' "$#" 'USER JOB MIN HOUR DAY MONTH WDAY COMMAND' check_args '7' "$#" 'USER JOB MIN HOUR DAY MONTH WDAY COMMAND'
validate_format 'user' 'job' 'min' 'hour' 'day' 'month' 'wday' 'command' is_format_valid 'user' 'job' 'min' 'hour' 'day' 'month' 'wday' 'command'
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM' is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'cron' 'JOB' "$job" is_object_valid 'cron' 'JOB' "$job"
is_object_unsuspended 'cron' 'JOB' "$job"
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating cron string # Concatenating cron string
command=$(echo $command | sed -e "s/'/%quote%/g") command=$(echo $command | sed -e "s/'/%quote%/g")
str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'" str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'"
str="$str CMD='$command' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'"
# Deleting old job # Deleting old job
sed -i "/JOB='$job' /d" $USER_DATA/cron.conf sed -i "/JOB='$job' /d" $USER_DATA/cron.conf
@ -63,14 +69,12 @@ sync_cron_jobs
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restart crond # Restarting crond
$BIN/v-restart-cron $BIN/v-restart-cron
if [ $? -ne 0 ]; then check_result $? "Cron restart failed" >/dev/null
exit $E_RESTART
fi
# Logging # Logging
log_history "changed cron job $job" log_history "changed cron job $job"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

68
bin/v-change-database-host-password Executable file
View file

@ -0,0 +1,68 @@
#!/bin/bash
# info: change database server password
# options: TYPE HOST USER PASSWORD
#
# The function changes database server password.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
type=$1
host=$2
dbuser=$3
password=$4; HIDE=4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
args_usage='TYPE HOST DBUSER DBPASS'
check_args '4' "$#" "$args_usage"
is_format_valid 'host' 'dbuser'
is_object_valid "../../conf/$type" 'HOST' "$host"
dbpass="$password"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Define email
email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f2 -d \')
subj="v-change-database-host-password $*"
case $type in
mysql) mysql_connect $host;
query="USE mysql; UPDATE user SET"
query="$query password=PASSWORD('$dbpass')"
query="$query WHERE User='$dbuser';"
query="$query FLUSH PRIVILEGES;"
mysql_query "$query" ;
if [ "$dbuser" == "root" ]; then
echo -e "[client]\npassword='$dbpass'\n" > /root/.my.cnf
chmod 600 /root/.my.cnf
fi;;
pgsql) echo "TBD" >/dev/null;;
esac
update_object_value "../../conf/$type" 'HOST' "$host" '$USER' "$dbuser"
update_object_value "../../conf/$type" 'HOST' "$host" '$PASSWORD' "$dbpass"
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

17
bin/v-change-database-owner
View file

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# info: change database password # info: change database owner
# options: DATABASE USER # options: DATABASE USER
# #
# The function for changing database owner. # The function for changing database owner.
@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
database=$1 database=$1
user=$2 user=$2
@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'DATABASE USER' check_args '2' "$#" 'DATABASE USER'
validate_format 'database' 'user' is_format_valid 'database' 'user'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -34,7 +34,7 @@ is_object_unsuspended 'user' 'USER' "$user"
owner=$(echo $database | cut -f 1 -d '_') owner=$(echo $database | cut -f 1 -d '_')
if [ ! -e "$VESTA/data/users/$owner" ]; then if [ ! -e "$VESTA/data/users/$owner" ]; then
echo "Error: database owner doesn't exist" echo "Error: database owner doesn't exist"
log_event "$E_NOTEXIST" "$EVENT" log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST exit $E_NOTEXIST
fi fi
@ -47,7 +47,7 @@ fi
db_data=$(grep "DB='$database'" $VESTA/data/users/$owner/db.conf) db_data=$(grep "DB='$database'" $VESTA/data/users/$owner/db.conf)
if [ -z "$db_data" ]; then if [ -z "$db_data" ]; then
echo "Error: database $database doesn't exist" echo "Error: database $database doesn't exist"
log_event "$E_NOTEXIST" "$EVENT" log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST exit $E_NOTEXIST
fi fi
@ -56,7 +56,7 @@ new_db=$(echo $database | sed "s/^${owner}_/${user}_/")
check_db=$(grep "DB='$new_db'" $VESTA/data/users/$user/db.conf) check_db=$(grep "DB='$new_db'" $VESTA/data/users/$user/db.conf)
if [ ! -z "$check_db" ]; then if [ ! -z "$check_db" ]; then
echo "Error: $new_db database exists" echo "Error: $new_db database exists"
log_event "$E_EXISTS" "$EVENT" log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS exit $E_EXISTS
fi fi
@ -69,7 +69,7 @@ fi
tmpdir=$(mktemp -p $BACKUP -d) tmpdir=$(mktemp -p $BACKUP -d)
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
echo "Error: can't create $tmpdir" echo "Error: can't create $tmpdir"
log_event "$E_NOTEXIST" "$EVENT" log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST exit $E_NOTEXIST
fi fi
@ -80,7 +80,6 @@ $BIN/v-suspend-database $owner $database > /dev/null 2>&1
eval $db_data eval $db_data
dump="$tmpdir/$database.$TYPE.sql" dump="$tmpdir/$database.$TYPE.sql"
grants="$tmpdir/$database.$TYPE.$DBUSER" grants="$tmpdir/$database.$TYPE.$DBUSER"
send_mail='/bin/true'
case $TYPE in case $TYPE in
mysql) dump_mysql_database ;; mysql) dump_mysql_database ;;
pgsql) dump_pgsql_database ;; pgsql) dump_pgsql_database ;;
@ -120,6 +119,6 @@ $BIN/v-update-user-counters $user
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

15
bin/v-change-database-password
View file

@ -10,33 +10,30 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
database=$2 database=$2
dbpass=$3 password=$3; HIDE=3
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/db.sh source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password
A3='******'
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DATABASE DBPASS' check_args '3' "$#" 'USER DATABASE DBPASS'
validate_format 'user' 'database' 'dbpass' is_format_valid 'user' 'database'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'db' 'DB' "$database" is_object_valid 'db' 'DB' "$database"
is_object_unsuspended 'db' 'DB' "$database" is_object_unsuspended 'db' 'DB' "$database"
is_password_valid
dbpass="$password"
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
@ -59,6 +56,6 @@ update_object_value 'db' 'DB' "$database" '$MD5' "$md5"
# Logging # Logging
log_history "changed $database database password" log_history "changed $database database password"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

27
bin/v-change-database-user
View file

@ -9,11 +9,11 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
database=$2 database=$2
dbuser="$user"_"$3" dbuser="$user"_"$3"
dbpass=$4 password=$4; HIDE=4
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
@ -21,25 +21,25 @@ source $VESTA/func/db.sh
source $VESTA/func/rebuild.sh source $VESTA/func/rebuild.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password
A4='******'
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DATABASE DBUSER [DBPASS]' check_args '3' "$#" 'USER DATABASE DBUSER [DBPASS]'
validate_format 'user' 'database' 'dbuser' is_format_valid 'user' 'database' 'dbuser'
if [ ! -z "$dbpass" ]; then
validate_format 'dbpass'
fi
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM' is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'db' 'DB' "$database" is_object_valid 'db' 'DB' "$database"
is_object_unsuspended 'db' 'DB' "$database" is_object_unsuspended 'db' 'DB' "$database"
is_password_valid
dbpass="$password"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Compare old and new user # Compare old and new user
old_dbuser=$(get_object_value 'db' 'DB' "$database" '$DBUSER') old_dbuser=$(get_object_value 'db' 'DB' "$database" '$DBUSER')
@ -47,11 +47,6 @@ if [ "$old_dbuser" = "$dbuser" ]; then
exit exit
fi fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Set new dbuser # Set new dbuser
update_object_value 'db' 'DB' "$database" '$DBUSER' "$dbuser" update_object_value 'db' 'DB' "$database" '$DBUSER' "$dbuser"
@ -91,6 +86,6 @@ fi
# Logging # Logging
log_history "changed $database database user to $dbuser" log_history "changed $database database user to $dbuser"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

19
bin/v-change-dns-domain-exp
View file

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# info: change dns domain expiriation date # info: change dns domain expiration date
# options: USER DOMAIN EXP # options: USER DOMAIN EXP
# #
# The function of changing the term of expiration domain's registration. The # The function of changing the term of expiration domain's registration. The
@ -10,23 +10,28 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain") domain_idn=$2
exp=$3 exp=$3
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN EXP' check_args '3' "$#" 'USER DOMAIN EXP'
validate_format 'user' 'domain' 'exp' is_format_valid 'user' 'domain' 'exp'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -57,7 +62,7 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_history "changed whois expiriation date for $domain" log_history "changed whois expiration date for $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

28
bin/v-change-dns-domain-ip
View file

@ -9,10 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain") domain_idn=$2
ip=$3 ip=$3
restart=$4 restart=$4
@ -21,13 +21,18 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN IP' check_args '3' "$#" 'USER DOMAIN IP'
validate_format 'user' 'domain' 'ip' is_format_valid 'user' 'domain' 'ip'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -51,6 +56,7 @@ sed -i "s/$old/$ip/g" $USER_DATA/dns/$domain.conf
# Updating zone # Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone update_domain_zone
fi fi
@ -59,7 +65,7 @@ if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync # Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe) dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then if [ -z "$dlock" ]; then
cmd="$BIN/v-add-remote-dns-domain $user $domain domain" cmd="$BIN/v-add-remote-dns-domain $user $domain domain yes"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi fi
fi fi
@ -69,16 +75,12 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restart named # Restarting named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? "DNS restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "changed dns ip for $domain to $ip" log_history "changed dns ip for $domain to $ip"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

26
bin/v-change-dns-domain-soa
View file

@ -10,10 +10,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain") domain_idn=$2
soa=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g') soa=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g')
restart=$4 restart=$4
@ -22,13 +22,18 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN SOA' check_args '3' "$#" 'USER DOMAIN SOA'
validate_format 'user' 'domain' 'soa' is_format_valid 'user' 'domain' 'soa'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -45,6 +50,7 @@ update_object_value 'dns' 'DOMAIN' "$domain" '$SOA' "$soa"
# Updating zone # Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone update_domain_zone
fi fi
@ -63,16 +69,12 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restart named # Restarting named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? "DNS restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "changed soa record for $domain to $soa" log_history "changed soa record for $domain to $soa"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

61
bin/v-change-dns-domain-tpl
View file

@ -11,10 +11,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain") domain_idn=$2
template=$3 template=$3
restart=$4 restart=$4
@ -23,19 +23,23 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN TEMPLATE [RESTART]' check_args '3' "$#" 'USER DOMAIN TEMPLATE [RESTART]'
validate_format 'user' 'domain' 'template' is_format_valid 'user' 'domain' 'template'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain" is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain" is_object_unsuspended 'dns' 'DOMAIN' "$domain"
is_dns_template_valid is_dns_template_valid "$template"
#----------------------------------------------------------# #----------------------------------------------------------#
@ -43,8 +47,7 @@ is_dns_template_valid
#----------------------------------------------------------# #----------------------------------------------------------#
# Defining variables # Defining variables
ip=$(get_object_value 'dns' 'DOMAIN' "$domain" '$IP') get_domain_values 'dns'
i=1 i=1
ns=$(get_user_value '$NS') ns=$(get_user_value '$NS')
for nameserver in ${ns//,/ };do for nameserver in ${ns//,/ };do
@ -52,21 +55,49 @@ for nameserver in ${ns//,/ };do
(( ++i)) (( ++i))
done done
# Reading template
template_data=$(cat $DNSTPL/$template.tpl)
# Deleting unused nameservers
if [ -z "$ns3" ]; then
template_data=$(echo "$template_data" |grep -v %ns3%)
fi
if [ -z "$ns4" ]; then
template_data=$(echo "$template_data" |grep -v %ns4%)
fi
if [ -z "$ns5" ]; then
template_data=$(echo "$template_data" |grep -v %ns5%)
fi
if [ -z "$ns6" ]; then
template_data=$(echo "$template_data" |grep -v %ns6%)
fi
if [ -z "$ns7" ]; then
template_data=$(echo "$template_data" |grep -v %ns7%)
fi
if [ -z "$ns8" ]; then
template_data=$(echo "$template_data" |grep -v %ns8%)
fi
# Changing tpl # Changing tpl
cat $DNSTPL/$template.tpl |\ echo "$template_data" |\
sed -e "s/%ip%/$ip/g" \ sed -e "s/%ip%/$IP/g" \
-e "s/%domain_idn%/$domain_idn/g" \ -e "s/%domain_idn%/$domain_idn/g" \
-e "s/%domain%/$domain/g" \ -e "s/%domain%/$domain/g" \
-e "s/%ns1%/$ns1/g" \ -e "s/%ns1%/$ns1/g" \
-e "s/%ns2%/$ns2/g" \ -e "s/%ns2%/$ns2/g" \
-e "s/%ns3%/$ns3/g" \ -e "s/%ns3%/$ns3/g" \
-e "s/%ns4%/$ns4/g" \ -e "s/%ns4%/$ns4/g" \
-e "s/%ns5%/$ns5/g" \
-e "s/%ns6%/$ns6/g" \
-e "s/%ns7%/$ns7/g" \
-e "s/%ns8%/$ns8/g" \
-e "s/%time%/$TIME/g" \ -e "s/%time%/$TIME/g" \
-e "s/%date%/$DATE/g" > $USER_DATA/dns/$domain.conf -e "s/%date%/$DATE/g" > $USER_DATA/dns/$domain.conf
records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')" records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')"
# Updating zone # Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone update_domain_zone
fi fi
@ -89,16 +120,12 @@ fi
update_object_value 'dns' 'DOMAIN' "$domain" '$TPL' "$template" update_object_value 'dns' 'DOMAIN' "$domain" '$TPL' "$template"
update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records" update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records"
# Restart named # Restarting named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? "DNS restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "changed dns template for $domain to $template" '' 'admin' log_history "changed dns template for $domain to $template" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

28
bin/v-change-dns-domain-ttl
View file

@ -2,17 +2,17 @@
# info: change dns domain ttl # info: change dns domain ttl
# options: USER DOMAIN TTL # options: USER DOMAIN TTL
# #
# The function for chaning the time to live TTL parameter for all records. # The function for changing the time to live TTL parameter for all records.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain_idn=$(idn -t --quiet -a "$domain") domain_idn=$2
ttl=$3 ttl=$3
restart=$4 restart=$4
@ -21,13 +21,18 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN TTL' check_args '3' "$#" 'USER DOMAIN TTL'
validate_format 'user' 'domain' 'ttl' is_format_valid 'user' 'domain' 'ttl'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -44,6 +49,7 @@ update_object_value 'dns' 'DOMAIN' "$domain" '$TTL' "$ttl"
# Updating zone # Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone update_domain_zone
fi fi
@ -62,16 +68,12 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restart named # Restarting named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? "DNS restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "changed TTL for $domain to $ttl" log_history "changed TTL for $domain to $ttl"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

35
bin/v-change-dns-record
View file

@ -9,14 +9,12 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
id=$3 id=$3
dvalue=$(idn -t --quiet -u "$4" ) dvalue=$(idn -t --quiet -u "$4" )
dvalue=$(echo $dvalue | tr '[:upper:]' '[:lower:]')
priority=$5 priority=$5
restart=$6 restart=$6
@ -25,13 +23,18 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ID VALUE [PRIORITY] [RESTART]' check_args '4' "$#" 'USER DOMAIN ID VALUE [PRIORITY] [RESTART]'
validate_format 'user' 'domain' 'id' 'dvalue' is_format_valid 'user' 'domain' 'id' 'dvalue'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -68,9 +71,14 @@ is_dns_nameserver_valid "$domain" "$TYPE" "$dvalue"
# Deleting old record # Deleting old record
sed -i "/^ID='$id'/d" $USER_DATA/dns/$domain.conf sed -i "/^ID='$id'/d" $USER_DATA/dns/$domain.conf
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding record # Adding record
dns_rec="ID='$id' RECORD='$RECORD' TYPE='$TYPE' PRIORITY='$priority'" dns_rec="ID='$id' RECORD='$RECORD' TYPE='$TYPE' PRIORITY='$priority'"
dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$TIME' DATE='$DATE'" dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$time' DATE='$date'"
echo "$dns_rec" >> $USER_DATA/dns/$domain.conf echo "$dns_rec" >> $USER_DATA/dns/$domain.conf
# Sorting records # Sorting records
@ -78,6 +86,7 @@ sort_dns_records
# Updating zone # Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone update_domain_zone
fi fi
@ -96,16 +105,12 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restart named # Restarting named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? "DNS restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "changed dns record on $domain to $dvalue" log_history "changed dns record on $domain to $dvalue"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

27
bin/v-change-dns-record-id
View file

@ -9,11 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
id=$3 id=$3
newid=$4 newid=$4
restart=$5 restart=$5
@ -23,13 +22,18 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ID NEWID [RESTART]' check_args '4' "$#" 'USER DOMAIN ID NEWID [RESTART]'
validate_format 'user' 'domain' 'id' 'newid' is_format_valid 'user' 'domain' 'id' 'newid'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM' is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -51,6 +55,7 @@ sort_dns_records
# Updating zone # Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone update_domain_zone
fi fi
@ -69,16 +74,12 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restart named # Restarting named
if [ "$restart" != 'no' ]; then $BIN/v-restart-dns $restart
$BIN/v-restart-dns check_result $? "DNS restart failed" >/dev/null
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "changed dns record id on $domain" log_history "changed dns record id on $domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

36
bin/v-change-domain-owner
View file

@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# info: change ip owner # info: change domain owner
# options: DOMAIN USER [IP] # options: DOMAIN USER
# #
# The function of changing domain ownership. # The function of changing domain ownership.
@ -9,10 +9,9 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
domain=$1 domain=$1
user=$2 user=$2
ip=$3
# Includes # Includes
source $VESTA/func/ip.sh source $VESTA/func/ip.sh
@ -24,20 +23,13 @@ source $VESTA/conf/vesta.conf
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'DOMAIN USER [IP]' check_args '2' "$#" 'DOMAIN USER'
validate_format 'domain' 'user' is_format_valid 'domain' 'user'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
if [ ! -z "$ip" ]; then owner=$($BIN/v-search-domain-owner $domain)
is_ip_valid
is_ip_avalable
fi
owner=$(v-search-domain-owner $domain)
if [ -z "$owner" ]; then if [ -z "$owner" ]; then
echo "Error: domain $domain doesn't exist" check_result $E_NOTEXIST "domain $domain doesn't exist"
log_event "$E_NOTEXIST" "$EVENT"
exit $E_NOTEXIST
fi fi
if [ "$owner" = "$user" ]; then if [ "$owner" = "$user" ]; then
exit exit
@ -156,6 +148,18 @@ if [ ! -z "$mail_data" ]; then
$BIN/v-unsuspend-mail-domain $user $domain no >> /dev/null 2>&1 $BIN/v-unsuspend-mail-domain $user $domain no >> /dev/null 2>&1
$BIN/v-rebuild-mail-domains $owner no $BIN/v-rebuild-mail-domains $owner no
$BIN/v-rebuild-mail-domains $user $BIN/v-rebuild-mail-domains $user
# Checking exim username for later chowning
exim_user="exim";
check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd)
if [ "$check_exim_username" -eq 1 ]; then
exim_user="Debian-exim"
fi
# Chowning mail conf files to exim user
if [ -d "$HOMEDIR/$user/conf/mail/$domain" ]; then
find $HOMEDIR/$user/conf/mail/$domain -user root \
-exec chown $exim_user {} \;
fi
fi fi
# Update counters # Update counters
@ -168,6 +172,6 @@ $BIN/v-update-user-counters $user
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

85
bin/v-change-firewall-rule Executable file
View file

@ -0,0 +1,85 @@
#!/bin/bash
# info: change firewall rule
# options: RULE ACTION IP PORT [PROTOCOL] [COMMENT]
#
# The function is used for changing existing firewall rule.
# It fully replace rule with new one but keeps same id.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
rule=$1
action=$(echo $2|tr '[:lower:]' '[:upper:]')
ip=$3
port_ext=$4
protocol=${5-TCP}
protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
comment=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Sort function
sort_fw_rules() {
cat $VESTA/data/firewall/rules.conf |\
sort -n -k 2 -t \' > $VESTA/data/firewall/rules.conf.tmp
mv -f $VESTA/data/firewall/rules.conf.tmp \
$VESTA/data/firewall/rules.conf
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '5' "$#" 'RULE ACTION IP PORT [PROTOCOL] [COMMENT]'
is_format_valid 'rule' 'action' 'protocol' 'port_ext' 'ip'
if [ ! -z "$comment" ]; then
is_format_valid 'comment'
fi
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
is_object_valid '../../data/firewall/rules' 'RULE' "$rule"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating firewall rule
str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
str="$str TIME='$time' DATE='$date'"
# Deleting old rule
sed -i "/RULE='$rule' /d" $VESTA/data/firewall/rules.conf
# Adding new
echo "$str" >> $VESTA/data/firewall/rules.conf
# Sorting firewall rules by id number
sort_fw_rules
# Updating system firewall
$BIN/v-update-firewall
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

51
bin/v-change-fs-file-permission Executable file
View file

@ -0,0 +1,51 @@
#!/bin/bash
# info: change file permission
# options: USER FILE PERMISSIONS
#
# The function changes file access permissions on the file system
user=$1
src_file=$2
permissions=$3
# Checking arguments
if [ -z "$permissions" ]; then
echo "Usage: USER FILE PERMISSIONS"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking source file
if [ ! -fe "$src_file" ]; then
echo "Error: source file doesn't exist $src_file"
exit 3
fi
# Checking source path
rpath=$(readlink -f "$src_file")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid source path $src_file"
exit 2
fi
# Changing file permissions
sudo -u $user chmod -R $permissions "$src_file" >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Error: access permission on $src_file was not changed"
exit 3
fi
# Exiting
exit

29
bin/v-change-mail-account-password
View file

@ -9,22 +9,22 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
account=$3 account=$3
password=$4 password=$4; HIDE=4
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password # Additional argument formatting
A4='******' format_domain
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9" format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
@ -32,7 +32,7 @@ EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD' check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD'
validate_format 'user' 'domain' 'account' 'password' is_format_valid 'user' 'domain' 'account'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -40,17 +40,16 @@ is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain" is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_valid "mail/$domain" 'ACCOUNT' "$account" is_object_valid "mail/$domain" 'ACCOUNT' "$account"
is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
is_password_valid
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
if [ -x '/usr/bin/doveadm' ]; then # Generating hashed password
md5=$(/usr/bin/doveadm pw -s md5 -p "$password") salt=$(generate_password "$PW_MATRIX" "8")
else md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
md5=$(/usr/sbin/dovecotpw -s md5 -p "$password")
fi
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
@ -68,6 +67,6 @@ update_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5' "$md5"
# Logging # Logging
log_history "changed password for $account@$domain" log_history "changed password for $account@$domain"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

26
bin/v-change-mail-account-quota
View file

@ -9,11 +9,10 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain")
account=$3 account=$3
quota=$4 quota=$4
@ -22,13 +21,21 @@ source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT QUOTA' check_args '4' "$#" 'USER DOMAIN ACCOUNT QUOTA'
validate_format 'user' 'domain' 'account' 'quota' is_format_valid 'user' 'domain' 'account'
if [ "$quota" != 'unlimited' ]; then
is_format_valid 'quota'
fi
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -44,6 +51,9 @@ is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5') md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5')
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
if [ "$quota" = 'unlimited' ]; then
quota=0
fi
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota" str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
@ -54,11 +64,15 @@ fi
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
if [[ "$quota" -eq 0 ]]; then
quota='unlimited'
fi
# Update quota # Update quota
update_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA' "$quota" update_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA' "$quota"
# Logging # Logging
log_history "changed mail quota for $account@$domain to $quota" log_history "changed mail quota for $account@$domain to $quota"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

24
bin/v-change-mail-domain-catchall
View file

@ -2,32 +2,35 @@
# info: change mail domain catchall email # info: change mail domain catchall email
# options: USER DOMAIN EMAIL # options: USER DOMAIN EMAIL
# #
# The function changes mail domain cathcall. # The function changes mail domain catchall.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$(idn -t --quiet -u "$2" ) domain=$2
domain=$(echo $domain | tr '[:upper:]' '[:lower:]') domain_idn=$2
domain_idn=$(idn -t --quiet -a "$domain") email=$3
email="$3"
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/func/domain.sh source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN EMAIL' check_args '3' "$#" 'USER DOMAIN EMAIL'
validate_format 'user' 'domain' 'email' is_format_valid 'user' 'domain' 'email'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -41,8 +44,8 @@ is_object_unsuspended 'mail' 'DOMAIN' "$domain"
# Change cathcall alias # Change cathcall alias
if [[ "$MAIL_SYSTEM" =~ exim ]]; then if [[ "$MAIL_SYSTEM" =~ exim ]]; then
sed -i "/*@$domain:/d" $HOMEDIR/$user/conf/mail/$domain/aliases sed -i "/*@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases
echo "*@$domain:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases echo "*@$domain_idn:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi fi
@ -53,9 +56,8 @@ fi
# Change catchall in config # Change catchall in config
update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' "$email" update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' "$email"
# Logging # Logging
log_history "changed catchall email for $domain to $email" log_history "changed catchall email for $domain to $email"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

78
bin/v-change-remote-dns-domain-exp
View file

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# info: change remote dns domain expiriation date # info: change remote dns domain expiration date
# options: USER DOMAIN # options: USER DOMAIN
# #
# The function synchronize dns domain with the remote server. # The function synchronize dns domain with the remote server.
@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$2 domain=$2
@ -24,83 +24,41 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN' check_args '2' "$#" 'USER DOMAIN'
validate_format 'user' 'domain' is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain" is_object_valid 'dns' 'DOMAIN' "$domain"
is_procces_running
if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then remote_dns_health_check
echo "Error: dns-cluster.conf doesn't exist"
log_event "$E_NOTEXIST $EVENT"
exit $E_NOTEXIST
fi
number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l)
if [ "$number_of_proc" -gt 2 ]; then
echo "Error: another sync process already exists"
log_event "$E_EXISTS $EVENT"
exit $E_EXISTS
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
old_ifs="$IFS"
IFS=$'\n' IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Check remote dns nodes # Parsing remote host parameters
remote_dns_health_check eval $cluster
for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do # Syncing domain
# Get host values
eval $cluster_str
# Check connection type
if [ -z "TYPE" ]; then
TYPE='api'
fi
# Switch on connection type
case $TYPE in
ssh) send_cmd="send_ssh_cmd" ;;
*) send_cmd="send_api_cmd" ;;
esac
# Check recipient dns user
if [ -z "$DNS_USER" ]; then
DNS_USER='dns-cluster'
fi
# Check dns exceptions
if [ -z "$DNS_CLUSTER_IGNORE" ]; then
DNS_CLUSTER_IGNORE='dns-cluster'
fi
# Sync domain
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
eval $str cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'no'
$send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'scheduled' check_result $? "$HOST connection failed (exp insert)" $E_CONNECT
if [ $? -ne 0 ]; then
echo "Error: $TYPE connection to $HOST failed"
log_event "$E_CONNECT $EVENT"
exit $E_CONNECT
fi
done done
# Update pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit exit

81
bin/v-change-remote-dns-domain-soa
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$2 domain=$2
@ -24,86 +24,45 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN' check_args '2' "$#" 'USER DOMAIN'
validate_format 'user' 'domain' is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain" is_object_valid 'dns' 'DOMAIN' "$domain"
is_procces_running
if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then remote_dns_health_check
echo "Error: dns-cluster.conf doesn't exist"
log_event "$E_NOTEXIST $EVENT"
exit $E_NOTEXIST
fi
number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l)
if [ "$number_of_proc" -gt 2 ]; then
echo "Error: another sync process already exists"
log_event "$E_EXISTS $EVENT"
exit $E_EXISTS
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
old_ifs="$IFS"
IFS=$'\n' IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Check remote dns nodes # Parsing remote host parameters
remote_dns_health_check eval $cluster
for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do # Syncing SOA
# Get host values
eval $cluster_str
# Check connection type
if [ -z "TYPE" ]; then
TYPE='api'
fi
# Switch on connection type
case $TYPE in
ssh) send_cmd="send_ssh_cmd" ;;
*) send_cmd="send_api_cmd" ;;
esac
# Check recipient dns user
if [ -z "$DNS_USER" ]; then
DNS_USER='dns-cluster'
fi
# Check dns exceptions
if [ -z "$DNS_CLUSTER_IGNORE" ]; then
DNS_CLUSTER_IGNORE='dns-cluster'
fi
# Sync domain
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
eval $str cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no'
$send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'no' check_result $? "$HOST connection failed (sync)" $E_CONNECT
# Rebuild dns zone # Rebuilding dns zone
$send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
if [ $? -ne 0 ]; then check_result $? "$HOST connection failed (rebuild)" $E_CONNECT
echo "Error: $TYPE connection to $HOST failed (rebuild)"
log_event "$E_CONNECT $EVENT"
exit $E_CONNECT
fi
done done
# Update pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit exit

93
bin/v-change-remote-dns-domain-ttl
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
domain=$2 domain=$2
@ -24,100 +24,45 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN' check_args '2' "$#" 'USER DOMAIN'
validate_format 'user' 'domain' is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER' is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain" is_object_valid 'dns' 'DOMAIN' "$domain"
is_procces_running
if [ ! -e "$VESTA/conf/dns-cluster.conf" ]; then remote_dns_health_check
echo "Error: dns-cluster.conf doesn't exist"
log_event "$E_NOTEXIST $EVENT"
exit $E_NOTEXIST
fi
number_of_proc=$(ps auxf | grep -v grep | grep $VESTA/bin/$SCRIPT | wc -l)
if [ "$number_of_proc" -gt 2 ]; then
echo "Error: another sync process already exists"
log_event "$E_EXISTS $EVENT"
exit $E_EXISTS
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
old_ifs="$IFS"
IFS=$'\n' IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Check remote dns nodes # Parsing remote host parameters
remote_dns_health_check eval $cluster
# Starting cluster loop # Syncing TTL
for cluster_str in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Get host values
eval $cluster_str
# Check connection type
if [ -z "TYPE" ]; then
TYPE='api'
fi
# Switch on connection type
case $TYPE in
ssh) send_cmd="send_ssh_cmd" ;;
*) send_cmd="send_api_cmd" ;;
esac
# Check host connection
$send_cmd v-list-sys-config
if [ $? -ne 0 ]; then
echo "Error: $TYPE connection to $HOST failed"
log_event "$E_CONNECT $EVENT"
exit $E_CONNECT
fi
# Check recipient dns user
if [ -z "$DNS_USER" ]; then
DNS_USER='dns-cluster'
fi
$send_cmd v-list-user $DNS_USER
if [ $? -ne 0 ]; then
echo "Error: dns user $DNS_USER doesn't exist"
log_event "$E_NOTEXIST $EVENT"
exit $E_NOTEXIST
fi
# Check dns exceptions
if [ -z "$DNS_CLUSTER_IGNORE" ]; then
DNS_CLUSTER_IGNORE='dns-cluster'
fi
# Sync domain
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf) str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
eval $str cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no'
$send_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'no' check_result $? "$HOST connection failed (sync)" $E_CONNECT
# Rebuild dns zone # Rebuilding dns zone
$send_cmd v-rebuild-dns-domain $DNS_USER $domain 'scheduled' cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
if [ $? -ne 0 ]; then check_result $? "$HOST connection failed (rebuild)" $E_CONNECT
echo "Error: $TYPE connection to $HOST failed (rebuild)"
log_event "$E_CONNECT $EVENT"
exit $E_CONNECT
fi
done done
# Update pipe
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe" pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1) str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then if [ ! -z "$str" ]; then
sed -i "$str d" $pipe sed -i "$str d" $pipe
fi fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
exit exit

26
bin/v-change-sys-config-value
View file

@ -10,7 +10,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
key=$(echo "$1" | tr '[:lower:]' '[:upper:]' ) key=$(echo "$1" | tr '[:lower:]' '[:upper:]' )
value=$2 value=$2
@ -18,19 +18,15 @@ value=$2
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin"
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'KEY VALUE' check_args '2' "$#" 'KEY VALUE'
validate_format 'key' is_format_valid 'key'
check_ckey=$(grep "^$key='" $VESTA/conf/vesta.conf)
if [ -z "$check_ckey" ]; then
echo "Error: key $key not found"
log_event "$E_INVALID" "$EVENT"
exit $E_INVALID
fi
#----------------------------------------------------------# #----------------------------------------------------------#
@ -38,7 +34,17 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Updating conf # Updating conf
sed -i "s/$key=.*/$key='$value'/g" $VESTA/conf/vesta.conf check_ckey=$(grep "^$key='" $VESTA/conf/vesta.conf)
if [ -z "$check_ckey" ]; then
echo "$key='$value'" >> $VESTA/conf/vesta.conf
else
sed -i "s|$key=.*|$key='$value'|g" $VESTA/conf/vesta.conf
fi
if [ "$key" = "BACKUP" ] && [ "$value" != '/backup' ]; then
rm /backup
ln -s $value /backup
fi
#----------------------------------------------------------# #----------------------------------------------------------#
@ -46,6 +52,6 @@ sed -i "s/$key=.*/$key='$value'/g" $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

14
bin/v-change-sys-hostname
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
domain=$1 domain=$1
# Includes # Includes
@ -22,7 +22,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '1' "$#" 'HOSTNAME' check_args '1' "$#" 'HOSTNAME'
validate_format 'domain' is_format_valid 'domain'
#----------------------------------------------------------# #----------------------------------------------------------#
@ -31,18 +31,16 @@ validate_format 'domain'
hostname $domain hostname $domain
# RHEL/CentOS if [ -d "/etc/sysconfig" ]; then
if [ -e "/etc/redhat-release" ]; then # RHEL/CentOS/Amazon
touch /etc/sysconfig/network touch /etc/sysconfig/network
if [ -z "$(grep HOSTNAME /etc/sysconfig/network)" ]; then if [ -z "$(grep HOSTNAME /etc/sysconfig/network)" ]; then
echo "HOSTNAME='$domain'" >> /etc/sysconfig/network echo "HOSTNAME='$domain'" >> /etc/sysconfig/network
else else
sed -i "s/HOSTNAME=.*/HOSTNAME='$domain'/" /etc/sysconfig/network sed -i "s/HOSTNAME=.*/HOSTNAME='$domain'/" /etc/sysconfig/network
fi fi
fi else
# Debian/Ubuntu # Debian/Ubuntu
if [ ! -e "/etc/redhat-release" ]; then
echo "$domain" > /etc/hostname echo "$domain" > /etc/hostname
fi fi
@ -52,6 +50,6 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

14
bin/v-change-sys-ip-name
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
ip=$1 ip=$1
ip_name=$2 ip_name=$2
@ -24,11 +24,9 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'IP IP_NAME' check_args '2' "$#" 'IP IP_NAME'
validate_format 'ip' is_format_valid 'ip'
if [ ! -z "$ip_name" ]; then is_format_valid 'ip_name'
validate_format 'ip_name' is_ip_valid "$ip"
fi
is_ip_valid
#----------------------------------------------------------# #----------------------------------------------------------#
@ -44,7 +42,7 @@ update_ip_value '$NAME' "$ip_name"
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_history "changed associated dns on $ip to $domain" '' 'admin' log_history "changed associated dns on $ip to $ip_name" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

88
bin/v-change-sys-ip-nat
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
ip=$1 ip=$1
nat_ip=$2 nat_ip=$2
restart=$3 restart=$3
@ -25,65 +25,83 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'IP NAT_IP [RESTART]' check_args '2' "$#" 'IP NAT_IP [RESTART]'
validate_format 'ip' is_format_valid 'ip'
if [ ! -z "$nat_ip" ]; then is_format_valid 'nat_ip'
validate_format 'nat_ip' is_ip_valid "$ip"
fi
is_ip_valid
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
# Changing nat ip # Updating IP
if [ -z "$(grep NAT= $VESTA/data/ips/$ip)" ]; then if [ -z "$(grep NAT= $VESTA/data/ips/$ip)" ]; then
sed -i "s/^TIME/NAT='$nat_ip'\nTIME/g" $VESTA/data/ips/$ip sed -i "s/^TIME/NAT='$nat_ip'\nTIME/g" $VESTA/data/ips/$ip
old=''
new=$nat_ip
else else
update_ip_value '$NAT' "$nat_ip" old=$(get_ip_value '$NAT')
new=$nat_ip
sed -i "s/NAT=.*/NAT='$new'/" $VESTA/data/ips/$ip
if [ -z "$nat_ip" ]; then
new=$ip
fi
fi fi
# Check ftp system # Updating WEB configs
if [ ! -z "$old" ] && [ ! -z "$WEB_SYSTEM" ]; then
sed -i "s/$old/$new/" $VESTA/data/users/*/web.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-web-domains $user no
done
$BIN/v-restart-dns $restart
fi
# Updating DNS configs
if [ ! -z "$old" ] && [ ! -z "$DNS_SYSTEM" ]; then
sed -i "s/$old/$new/" $VESTA/data/users/*/dns.conf
sed -i "s/$old/$new/" $VESTA/data/users/*/dns/*.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-dns-domains $user no
done
$BIN/v-restart-dns $restart
fi
# Updating FTP
if [ ! -z "$old" ] && [ ! -z "$FTP_SYSTEM" ]; then
conf=$(find /etc -name $FTP_SYSTEM.conf)
if [ -e "$conf" ]; then
sed -i "s/$old/$new/g" $conf
if [ "$FTP_SYSTEM" = 'vsftpd' ]; then if [ "$FTP_SYSTEM" = 'vsftpd' ]; then
check_pasv=$(grep pasv_address $conf)
# Find configuration if [ -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
if [ -e '/etc/vsftpd/vsftpd.conf' ]; then
conf='/etc/vsftpd/vsftpd.conf'
fi
if [ -e '/etc/vsftpd.conf' ]; then
conf='/etc/vsftpd.conf'
fi
# Update config
if [ -z "$(grep pasv_address $conf)" ]; then
if [ ! -z "$nat_ip" ]; then
echo "pasv_address=$nat_ip" >> $conf echo "pasv_address=$nat_ip" >> $conf
fi fi
else if [ ! -z "$check_pasv" ] && [ -z "$nat_ip" ]; then
if [ ! -z "$nat_ip" ]; then
sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf
else
sed -i "/pasv_address/d" $conf sed -i "/pasv_address/d" $conf
fi fi
if [ ! -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf
fi fi
fi fi
fi
$BIN/v-restart-ftp $restart
fi
# Updating firewall
if [ ! -z "$old" ] && [ ! -z "$FIREWALL_SYSTEM" ]; then
sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf
$BIN/v-update-firewall
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Restart ftp server
if [ "$restart" != 'no' ]; then
$BIN/v-restart-ftp
if [ $? -ne 0 ]; then
exit $E_RESTART
fi
fi
# Logging # Logging
log_history "changed associated nat address on $ip to $nat_ip" '' 'admin' log_history "changed associated nat address on $ip to $nat_ip" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

9
bin/v-change-sys-ip-owner
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
ip=$1 ip=$1
user=$2 user=$2
@ -24,14 +24,13 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'IP USER' check_args '2' "$#" 'IP USER'
validate_format 'ip' 'user' is_format_valid 'ip' 'user'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_ip_valid is_ip_valid "$ip"
is_ip_key_empty '$U_WEB_DOMAINS' is_ip_key_empty '$U_WEB_DOMAINS'
is_ip_key_empty '$U_SYS_USERS' is_ip_key_empty '$U_SYS_USERS'
#----------------------------------------------------------# #----------------------------------------------------------#
# Action # # Action #
#----------------------------------------------------------# #----------------------------------------------------------#
@ -77,6 +76,6 @@ fi
# Logging # Logging
log_history "changed owner of $ip to $user" '' 'admin' log_history "changed owner of $ip to $user" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

17
bin/v-change-sys-ip-status
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
ip=$1 ip=$1
ip_status=$2 ip_status=$2
@ -24,21 +24,16 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'IP IP_STATUS' check_args '2' "$#" 'IP IP_STATUS'
validate_format 'ip' 'ip_status' is_format_valid 'ip' 'ip_status'
is_ip_valid is_ip_valid "$ip"
if [ "$ip_status" = "$(get_ip_value '$STATUS')" ]; then if [ "$ip_status" = "$(get_ip_value '$STATUS')" ]; then
echo "Error: status $ip_status is already set" check_result "$E_EXISTS" "status $ip_status is already set"
log_event "$E_EXISTS" "$EVENT"
exit $E_EXISTS
fi fi
web_domains=$(get_ip_value '$U_WEB_DOMAINS') web_domains=$(get_ip_value '$U_WEB_DOMAINS')
sys_user=$(get_ip_value '$U_SYS_USERS') sys_user=$(get_ip_value '$U_SYS_USERS')
ip_owner=$(get_ip_value '$OWNER') ip_owner=$(get_ip_value '$OWNER')
if [ "$web_domains" -ne '0' ] && [ "$sys_user" != "$ip_owner" ]; then if [ "$web_domains" -ne '0' ] && [ "$sys_user" != "$ip_owner" ]; then
echo "Error: ip $ip is used" check_result "$E_INUSE" "ip $ip is used"
log_event "$E_INUSE" "$EVENT"
exit $E_INUSE
fi fi
@ -56,6 +51,6 @@ update_ip_value '$STATUS' "$ip_status"
# Logging # Logging
log_history "changed $ip status to $ip_status" '' 'admin' log_history "changed $ip status to $ip_status" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

8
bin/v-change-sys-language
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
language=$1 language=$1
# Includes # Includes
@ -20,7 +20,7 @@ source $VESTA/conf/vesta.conf
is_language_valid() { is_language_valid() {
if [ ! -e "$VESTA/web/inc/i18n/$language.php" ]; then if [ ! -e "$VESTA/web/inc/i18n/$language.php" ]; then
echo "Error: language file $language doesn't exist" echo "Error: language file $language doesn't exist"
log_event "$E_NOTEXIST $EVENT" log_event "$E_NOTEXIST $ARGUMENTS"
exit $E_NOTEXIST exit $E_NOTEXIST
fi fi
} }
@ -31,7 +31,7 @@ is_language_valid() {
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '1' "$#" 'LANGUAGE' check_args '1' "$#" 'LANGUAGE'
validate_format 'language' is_format_valid 'language'
is_language_valid $language is_language_valid $language
@ -52,6 +52,6 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

122
bin/v-change-sys-service-config Executable file
View file

@ -0,0 +1,122 @@
#!/bin/bash
# info: change service config
# options: CONFIG SERVICE [RESTART]
#
# The function for changing service confguration.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
src=$1
service=$2
restart=$3
echo "$0 $*" >/tmp/t.log
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'CONFIG SERVICE [RESTART]'
if [ ! -e "$src" ]; then
check_result "$E_NOTEXIST" "$src config doesn't exist"
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining dst config path
case $service in
nginx) dst='/etc/nginx/nginx.conf';;
httpd) dst='/etc/httpd/conf/httpd.conf';;
apache2) dst='/etc/apache2/apache2.conf';;
exim) dst='/etc/exim/exim.conf';;
exim4) dst='/etc/exim4/exim4.conf.template';;
vsftpd) dst=$(find /etc/vsftpd* -name 'vsftpd.conf');;
proftpd) dst=$(find /etc/proftpd* -name 'proftpd.conf');;
php) dst=$(find /etc/php* -name php.ini);;
mysql) dst=$(find /etc/my* -name my.cnf);;
mysqld) dst=$(find /etc/my* -name my.cnf);;
mariadb) dst=$(find /etc/my* -name my.cnf);;
postgresql) dst=$($BIN/v-list-sys-pgsql-config plain |cut -f 1);;
postgresql-hba) dst=$($BIN/v-list-sys-pgsql-config plain |cut -f 2);;
dovecot) dst=$(find /etc/dovecot* -name dovecot.conf);;
dovecot-1) dst='/etc/dovecot/conf.d/10-auth.conf';;
dovecot-2) dst='/etc/dovecot/conf.d/10-logging.conf';;
dovecot-3) dst='/etc/dovecot/conf.d/10-mail.conf';;
dovecot-4) dst='/etc/dovecot/conf.d/10-master.conf';;
dovecot-5) dst='/etc/dovecot/conf.d/10-ssl.conf';;
dovecot-6) dst='/etc/dovecot/conf.d/20-imap.conf';;
dovecot-7) dst='/etc/dovecot/conf.d/20-pop3.conf';;
dovecot-8) dst='/etc/dovecot/conf.d/auth-passwdfile.conf.ext';;
named) dst='/etc/named.conf';;
bind9) dst='/etc/bind/named.conf';;
bind9-opt) dst='/etc/bind/named.conf.options';;
spamd) dst=$($BIN/v-list-sys-spamd-config plain);;
spamassassin) dst=$($BIN/v-list-sys-spamd-config plain);;
clamd) dst=$($BIN/v-list-sys-clamd-config plain);;
cron) dst='/etc/crontab';;
crond) dst='/etc/crontab';;
fail2ban) dst='/etc/fail2ban/jail.local';;
*) check_result $E_NOTEXIST "service $service doesn't exist"
esac
# Checking config path
for config in $dst; do
if [ ! -e "$config" ]; then
check_result $E_NOTEXIST "$service config doesn't exist"
fi
done
# Checking diff between src and dst configs
for config in $dst; do
diff -q $src $config >/dev/null
if [ $? -ne 0 ]; then
cp $config $config.vst.back
cp $src $config
update="yes"
fi
done
# Restarting service
if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then
if [[ "$service" =~ - ]]; then
service=$(echo ${service%-*})
fi
if [ "$service" = 'php' ]; then
if [ "$WEB_SYSTEM" = "nginx" ]; then
service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d / |sed -n 1p)
else
service=$WEB_SYSTEM
fi
fi
service $service restart >/dev/null 2>&1
if [ $? -ne 0 ]; then
for config in $dst; do
cat $config.vst.back > $config
rm -f $config.vst.back
done
check_result $E_RESTART "$service failed to start with new config"
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

72
bin/v-change-sys-timezone Executable file
View file

@ -0,0 +1,72 @@
#!/bin/bash
# info: change system timezone
# options: TIMEZONE
#
# The function for changing system timezone.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
timezone=$1
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
is_timezone_valid() {
if [ ! -e "/usr/share/zoneinfo/$timezone" ]; then
echo "Error: tz file $timezone doesn't exist"
log_event $E_NOTEXIST "$ARGUMENTS"
exit $E_NOTEXIST
fi
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'TIMEZONE'
is_timezone_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing system timezone
which timedatectls >/dev/null 2>&1
if [ "$?" -eq 0 ]; then
timedatectl set-timezone $timezone
else
if [ -e "/etc/sysconfig/clock" ]; then
sed -i "s/ZONE.*//" /etc/sysconfig/clock
echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock
fi
if [ -e "/etc/timezone" ]; then
echo "$timezone" > /etc/timezone
fi
rm -f /etc/localtime
ln -sf /usr/share/zoneinfo/$timezone /etc/localtime
fi
# Chaning php timezone
if [ ! -z "$WEB_SYSTEM" ]; then
for conf in $(find /etc/php* -name php.ini); do
sed -i "s|;date.timezone =|date.timezone =|" $conf
sed -i "s|date.timezone =.*|date.timezone = $timezone|" $conf
done
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

77
bin/v-change-sys-vesta-ssl Executable file
View file

@ -0,0 +1,77 @@
#!/bin/bash
# info: change vesta ssl certificate
# options: SSL_DIR [RESTART]
#
# The function changes vesta SSL certificate and the key.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
domain='certificate'
ssl_dir=$1
restart=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'SSL_DIR [RESTART]'
is_format_valid 'ssl_dir'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking new certificate
certificate=$(cat $ssl_dir/$domain.crt |grep -n END)
certificate_count=$(echo "$certificate" |wc -l)
if [ "$certificate_count" -gt 1 ]; then
crt_end=$(echo "$certificate" |head -n1 |cut -f 1 -d :)
crt_lines=$(wc -l $ssl_dir/$domain.crt |cut -f1 -d ' ')
pem_begin=$((crt_lines - crt_end))
mv $ssl_dir/$domain.crt $ssl_dir/$domain.crt_full
head -n $crt_end $ssl_dir/$domain.crt_full > $ssl_dir/$domain.crt
tail -n $pem_begin $ssl_dir/$domain.crt_full > $ssl_dir/$domain.ca
is_web_domain_cert_valid
mv -f $ssl_dir/$domain.crt_full $ssl_dir/$domain.crt
rm -f $ssl_dir/$domain.ca
else
is_web_domain_cert_valid
fi
# Moving old certificate
mv $VESTA/ssl/certificate.crt $VESTA/ssl/certificate.crt.back
mv $VESTA/ssl/certificate.key $VESTA/ssl/certificate.key.back
# Adding new certificate
cp -f $ssl_dir/certificate.crt $VESTA/ssl/certificate.crt
cp -f $ssl_dir/certificate.key $VESTA/ssl/certificate.key
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting web server
if [ "$restart" != 'no' ]; then
kill -HUP $(cat /var/run/vesta-nginx.pid)
$BIN/v-restart-mail
if [ ! -z "$IMAP_SYSTEM" ]; then
v-restart-service "$IMAP_SYSTEM"
fi
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

9
bin/v-change-user-contact
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
email=$2 email=$2
@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER EMAIL' check_args '2' "$#" 'USER EMAIL'
validate_format 'user' 'email' is_format_valid 'user' 'email'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -39,6 +39,9 @@ pw_str=$(grep -n "^$user:" /etc/passwd)
str=$(echo "$pw_str" | cut -f 1 -d :) str=$(echo "$pw_str" | cut -f 1 -d :)
sed -i "$str s/$old_email/$email/g" /etc/passwd sed -i "$str s/$old_email/$email/g" /etc/passwd
# Update crontab email
$BIN/v-rebuild-cron-jobs $user > /dev/null 2>&1
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
@ -46,6 +49,6 @@ sed -i "$str s/$old_email/$email/g" /etc/passwd
# Logging # Logging
log_history "changed contact email to $email" log_history "changed contact email to $email"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

19
bin/v-change-user-language
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
language=$2 language=$2
@ -19,9 +19,14 @@ source $VESTA/conf/vesta.conf
is_language_valid() { is_language_valid() {
if [ ! -e "$VESTA/web/inc/i18n/$language.php" ]; then if ! [[ "$1" =~ ^[[:alnum:]_-]+$ ]]; then
echo "Error: language $language not exist" echo "Error: language $1 is not valid"
log_event "$E_NOTEXIST $EVENT" log_event "$E_INVALID" "$ARGUMENTS"
exit $E_INVALID
fi
if [ ! -e "$VESTA/web/inc/i18n/$1.php" ]; then
echo "Error: language $1 doesn't exist"
log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST exit $E_NOTEXIST
fi fi
} }
@ -32,7 +37,7 @@ is_language_valid() {
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER LANGUAGE' check_args '2' "$#" 'USER LANGUAGE'
validate_format 'user' 'language' is_format_valid 'user' 'language'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_language_valid $language is_language_valid $language
@ -55,7 +60,7 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_history "changed contact email to $email" log_history "changed language to $language"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

6
bin/v-change-user-name
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
fname=$2 fname=$2
lname=$3 lname=$3
@ -24,7 +24,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER FNAME LNAME' check_args '3' "$#" 'USER FNAME LNAME'
validate_format 'user' 'fname' 'lname' is_format_valid 'user' 'fname' 'lname'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -48,6 +48,6 @@ update_user_value "$user" '$LNAME' "$lname"
# Logging # Logging
log_history "changed user name to $fname $lname" log_history "changed user name to $fname $lname"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

45
bin/v-change-user-ns
View file

@ -1,20 +1,24 @@
#!/bin/bash #!/bin/bash
# info: change user nameservers # info: change user nameservers
# options: USER NS1 NS2 [NS3] [NS4] # options: USER NS1 NS2 [NS3] [NS4] [NS5] [NS6] [NS7] [NS8]
# #
# The function for changing default nameservers for speciefic user. # The function for changing default nameservers for specific user.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
ns1=$(echo $2 | sed -e 's/\.*$//g' -e 's/^\.*//g') ns1=$(echo $2 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns2=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g') ns2=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns3=$4 ns3=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns4=$5 ns4=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns5=$(echo $6 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns6=$(echo $7 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns7=$(echo $8 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns8=$(echo $9 | sed -e 's/\.*$//g' -e 's/^\.*//g')
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
@ -26,19 +30,34 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
# Checking args # Checking args
check_args '3' "$#" 'USER NS1 NS2 [NS3] [NS4]' check_args '3' "$#" 'USER NS1 NS2 [NS3] [NS4] [NS5] [NS6] [NS7] [NS8]'
# Checking argument format # Checking argument format
validate_format 'user' 'ns1' 'ns2' is_format_valid 'user' 'ns1' 'ns2'
if [ ! -z "$ns3" ]; then if [ ! -z "$ns3" ]; then
ns3=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g') ns3=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g')
validate_format 'ns3' is_format_valid 'ns3'
fi fi
if [ ! -z "$ns4" ]; then if [ ! -z "$ns4" ]; then
ns4=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g') ns4=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g')
validate_format 'ns4' is_format_valid 'ns4'
fi
if [ ! -z "$ns5" ]; then
ns5=$(echo $6 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns5'
fi
if [ ! -z "$ns6" ]; then
ns6=$(echo $7 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns6'
fi
if [ ! -z "$ns7" ]; then
ns7=$(echo $8 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns7'
fi
if [ ! -z "$ns8" ]; then
ns8=$(echo $9 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns8'
fi fi
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -48,7 +67,7 @@ is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------# #----------------------------------------------------------#
# Merging values # Merging values
ns="$ns1,$ns2,$ns3,$ns4" ns="$ns1,$ns2,$ns3,$ns4,$ns5,$ns6,$ns7,$ns8"
ns=$(echo "$ns" | sed -e "s/,,//g" -e "s/,$//") ns=$(echo "$ns" | sed -e "s/,,//g" -e "s/,$//")
# Changing ns values # Changing ns values
@ -60,7 +79,7 @@ update_user_value "$user" '$NS' "$ns"
#----------------------------------------------------------# #----------------------------------------------------------#
# Logging # Logging
log_history "changed user nameservers to $ns1, $ns2" log_history "updated nameservers $ns1 $ns2 $ns3 $ns4 $ns5 $ns6 $ns7 $ns8"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

70
bin/v-change-user-package
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
package=$2 package=$2
force=$3 force=$3
@ -19,7 +19,7 @@ source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
is_package_avalable() { is_package_avalable() {
# Parsing user data
usr_data=$(cat $USER_DATA/user.conf) usr_data=$(cat $USER_DATA/user.conf)
IFS=$'\n' IFS=$'\n'
for key in $usr_data; do for key in $usr_data; do
@ -37,28 +37,47 @@ is_package_avalable() {
grep -v DATE) grep -v DATE)
eval $pkg_data eval $pkg_data
# Comparing user data with package # Checking usage agains package limits
if [[ "$WEB_DOMAINS" -lt "$U_WEB_DOMAINS" ]] ||\ if [ "$WEB_DOMAINS" != 'unlimited' ]; then
[[ "$DNS_DOMAINS" -lt "$U_DNS_DOMAINS" ]] ||\ if [ "$WEB_DOMAINS" -lt "$U_WEB_DOMAINS" ]; then
[[ "$MAIL_DOMAINS" -lt "$U_MAIL_DOMAINS" ]] ||\ check_result $E_LIMIT "Package doesn't cover WEB_DOMAIN usage"
[[ "$DATABASES" -lt "$U_DATABASES" ]] ||\ fi
[[ "$CRON_JOBS" -lt "$U_CRON_JOBS" ]] ||\ fi
[[ "$DISK_QUOTA" -lt "$U_DISK" ]] ||\ if [ "$DNS_DOMAINS" != 'unlimited' ]; then
[[ "$BANDWIDTH" -lt "$U_BANDWIDTH" ]]; then if [ "$DNS_DOMAINS" -lt "$U_DNS_DOMAINS" ]; then
echo "Error: Package not cover current usage" check_result $E_LIMIT "Package doesn't cover DNS_DOMAIN usage"
log_event "$E_LIMIT" "$EVENT" fi
exit $E_LIMIT fi
if [ "$MAIL_DOMAINS" != 'unlimited' ]; then
if [ "$MAIL_DOMAINS" -lt "$U_MAIL_DOMAINS" ]; then
check_result $E_LIMIT "Package doesn't cover MAIL_DOMAIN usage"
fi
fi
if [ "$DATABASES" != 'unlimited' ]; then
if [ "$DATABASES" -lt "$U_DATABASES" ]; then
check_result $E_LIMIT "Package doesn't cover DATABASE usage"
fi
fi
if [ "$CRON_JOBS" != 'unlimited' ]; then
if [ "$CRON_JOBS" -lt "$U_CRON_JOBS" ]; then
check_result $E_LIMIT "Package doesn't cover CRON usage"
fi
fi
if [ "$DISK_QUOTA" != 'unlimited' ]; then
if [ "$DISK_QUOTA" -lt "$U_DISK" ]; then
check_result $E_LIMIT "Package doesn't cover DISK usage"
fi
fi
if [ "$BANDWIDTH" != 'unlimited' ]; then
if [ "$BANDWIDTH" -lt "$U_BANDWIDTH" ]; then
check_result $E_LIMIT "Package doesn't cover BANDWIDTH usage"
fi
fi fi
} }
change_user_package() { change_user_package() {
usr_data=$(cat $USER_DATA/user.conf) eval $(cat $USER_DATA/user.conf)
eval $usr_data eval $(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |\
grep -v DATE)
eval $pkg_data
echo "FNAME='$FNAME' echo "FNAME='$FNAME'
LNAME='$LNAME' LNAME='$LNAME'
PACKAGE='$package' PACKAGE='$package'
@ -110,6 +129,7 @@ U_DATABASES='$U_DATABASES'
U_CRON_JOBS='$U_CRON_JOBS' U_CRON_JOBS='$U_CRON_JOBS'
U_BACKUPS='$U_BACKUPS' U_BACKUPS='$U_BACKUPS'
LANGUAGE='$LANGUAGE' LANGUAGE='$LANGUAGE'
NOTIFICATIONS='$NOTIFICATIONS'
TIME='$TIME' TIME='$TIME'
DATE='$DATE'" > $USER_DATA/user.conf DATE='$DATE'" > $USER_DATA/user.conf
} }
@ -120,7 +140,7 @@ DATE='$DATE'" > $USER_DATA/user.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER PACKAGE [FORCE]' check_args '2' "$#" 'USER PACKAGE [FORCE]'
validate_format 'user' 'package' is_format_valid 'user' 'package'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_package_valid is_package_valid
if [ "$force" != 'yes' ];then if [ "$force" != 'yes' ];then
@ -145,6 +165,12 @@ if [ -x "$VESTA/data/packages/$package.sh" ]; then
$VESTA/data/packages/$package.sh "$user" "$CONTACT" "$FNAME" "$LNAME" $VESTA/data/packages/$package.sh "$user" "$CONTACT" "$FNAME" "$LNAME"
fi fi
# Update disk quota
source $VESTA/conf/vesta.conf
if [ "$DISK_QUOTA" = 'yes' ]; then
$BIN/v-update-user-quota $user
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
@ -152,6 +178,6 @@ fi
# Logging # Logging
log_history "changed $user package to $package" '' 'admin' log_history "changed $user package to $package" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

19
bin/v-change-user-password
View file

@ -9,27 +9,24 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
password=$2 password=$2; HIDE=2
# Includes # Includes
source $VESTA/func/main.sh source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf source $VESTA/conf/vesta.conf
# Hiding password
A2="******"
EVENT="$DATE $TIME $SCRIPT $A1 $A2 $A3 $A4 $A5 $A6 $A7 $A8 $A9"
#----------------------------------------------------------# #----------------------------------------------------------#
# Verifications # # Verifications #
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER PASSWORD' check_args '2' "$#" 'USER PASSWORD'
validate_format 'user' 'password' is_format_valid 'user'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
is_password_valid
#----------------------------------------------------------# #----------------------------------------------------------#
@ -40,17 +37,21 @@ is_object_unsuspended 'user' 'USER' "$user"
echo "$user:$password" | /usr/sbin/chpasswd echo "$user:$password" | /usr/sbin/chpasswd
md5=$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow) md5=$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow)
if [ "$user" = 'admin' ] && [ -e "$VESTA/web/reset.admin" ]; then
rm -f $VESTA/web/reset.admin
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
#----------------------------------------------------------# #----------------------------------------------------------#
# Changing RKEY value # Changing RKEY value
update_user_value "$user" '$RKEY' "$(gen_password)" update_user_value "$user" '$RKEY' "$(generate_password)"
update_user_value "$user" '$MD5' "$md5" update_user_value "$user" '$MD5' "$md5"
# Logging # Logging
log_history "changed password" log_history "changed password"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

19
bin/v-change-user-shell
View file

@ -2,14 +2,14 @@
# info: change user shell # info: change user shell
# options: USER SHELL # options: USER SHELL
# #
# The function changes system shell of a user. Shell gives abilty to use ssh. # The function changes system shell of a user. Shell gives ability to use ssh.
#----------------------------------------------------------# #----------------------------------------------------------#
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
shell=$2 shell=$2
@ -23,7 +23,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '2' "$#" 'USER SHELL' check_args '2' "$#" 'USER SHELL'
validate_format 'user' 'shell' is_format_valid 'user' 'shell'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -36,9 +36,18 @@ is_object_unsuspended 'user' 'USER' "$user"
shell_path=$(grep -w "$shell" /etc/shells | head -n1) shell_path=$(grep -w "$shell" /etc/shells | head -n1)
# Changing passwd file # Changing passwd file
/usr/bin/chsh -s "$shell_path" "$user" &>/dev/null /usr/bin/chsh -s "$shell_path" "$user" >/dev/null 2>&1
shell=$(basename $shell_path) shell=$(basename $shell_path)
# Adding jailed sftp env
if [ ! -z "$SFTPJAIL_KEY" ]; then
if [[ "$shell" =~ nologin ]] || [[ "$shell" =~ rssh ]]; then
$BIN/v-add-user-sftp-jail $user >/dev/null 2>&1
else
$BIN/v-delete-user-sftp-jail $user >/dev/null 2>&1
fi
fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Vesta # # Vesta #
@ -49,6 +58,6 @@ update_user_value "$user" '$SHELL' "$shell"
# Logging # Logging
log_history "changed $user shell to $shell" '' 'admin' log_history "changed $user shell to $shell" '' 'admin'
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

12
bin/v-change-user-template
View file

@ -9,7 +9,7 @@
# Variable&Function # # Variable&Function #
#----------------------------------------------------------# #----------------------------------------------------------#
# Argument defenition # Argument definition
user=$1 user=$1
type=$(echo "$2" | tr '[:lower:]' '[:upper:]') type=$(echo "$2" | tr '[:lower:]' '[:upper:]')
template=$3 template=$3
@ -25,7 +25,7 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------# #----------------------------------------------------------#
check_args '3' "$#" 'USER TYPE TEMPLATE' check_args '3' "$#" 'USER TYPE TEMPLATE'
validate_format 'user' 'template' is_format_valid 'user' 'template'
is_object_valid 'user' 'USER' "$user" is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user"
@ -35,11 +35,11 @@ is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------# #----------------------------------------------------------#
case $type in case $type in
WEB) is_web_template_valid; WEB) is_web_template_valid $template;
update_user_value "$user" '$WEB_TEMPLATE' "$template";; update_user_value "$user" '$WEB_TEMPLATE' "$template";;
PROXY) is_proxy_template_valid; PROXY) is_proxy_template_valid $template;
update_user_value "$user" '$PROXY_TEMPLATE' "$template";; update_user_value "$user" '$PROXY_TEMPLATE' "$template";;
DNS) is_dns_template_valid; DNS) is_dns_template_valid $template;
update_user_value "$user" '$DNS_TEMPLATE' "$template";; update_user_value "$user" '$DNS_TEMPLATE' "$template";;
*) check_args '1' '0' 'USER TYPE TEMPLATE' *) check_args '1' '0' 'USER TYPE TEMPLATE'
esac esac
@ -51,6 +51,6 @@ esac
# Logging # Logging
log_history "changed $type template to $template" log_history "changed $type template to $template"
log_event "$OK" "$EVENT" log_event "$OK" "$ARGUMENTS"
exit exit

Some files were not shown because too many files have changed in this diff Show more