From 23971375789b48c41c3eefa7fa0495279774e387 Mon Sep 17 00:00:00 2001 From: "Made I.T" Date: Mon, 27 Nov 2017 11:16:52 +0100 Subject: [PATCH 001/197] Add CAA record to is_dns_type_format_valid --- func/main.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/func/main.sh b/func/main.sh index f0041778..d005f2d3 100644 --- a/func/main.sh +++ b/func/main.sh @@ -628,7 +628,7 @@ is_dbuser_format_valid() { # DNS record type validator is_dns_type_format_valid() { - known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF,TLSA' + known_dnstype='A,AAAA,NS,CNAME,MX,TXT,SRV,DNSKEY,KEY,IPSECKEY,PTR,SPF,TLSA,CAA' if [ -z "$(echo $known_dnstype |grep -w $1)" ]; then check_result $E_INVALID "invalid dns record type format :: $1" fi From d9686a59f2cdd72b1d0b9d0c70e04eb4d1a3238c Mon Sep 17 00:00:00 2001 From: "Made I.T" Date: Mon, 27 Nov 2017 11:17:47 +0100 Subject: [PATCH 002/197] Add CAA record to web template --- web/templates/admin/add_dns_rec.html | 1 + 1 file changed, 1 insertion(+) diff --git a/web/templates/admin/add_dns_rec.html b/web/templates/admin/add_dns_rec.html index 2c8bebd7..33b4a9be 100644 --- a/web/templates/admin/add_dns_rec.html +++ b/web/templates/admin/add_dns_rec.html @@ -82,6 +82,7 @@ + From 3d6eb2c8eab992b560e6452e0f3a465bcaebe10b Mon Sep 17 00:00:00 2001 From: "Made I.T" Date: Mon, 27 Nov 2017 11:42:49 +0100 Subject: [PATCH 003/197] Update v-add-dns-record --- bin/v-add-dns-record | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/bin/v-add-dns-record b/bin/v-add-dns-record index 2b4c52ca..bbf8edd8 100755 --- a/bin/v-add-dns-record +++ b/bin/v-add-dns-record @@ -45,10 +45,12 @@ if [[ $rtype =~ NS|CNAME|MX|PTR|SRV ]]; then fi fi -dvalue=${dvalue//\"/} +if [ $rtype != "CAA" ]; then + dvalue=${dvalue//\"/} -if [[ "$dvalue" =~ [\;[:space:]] ]]; then - dvalue='"'"$dvalue"'"' + if [[ "$dvalue" =~ [\;[:space:]] ]]; then + dvalue='"'"$dvalue"'"' + fi fi # Additional argument formatting From c28dcc1037b416210447973267a4ee8dbde18e81 Mon Sep 17 00:00:00 2001 From: Somthanat Wongsa Date: Sat, 6 Jan 2018 13:20:16 +0700 Subject: [PATCH 004/197] fix php open_basedir error when using public_shtml as a document root --- install/debian/7/templates/web/apache2/basedir.stpl | 2 +- install/debian/7/templates/web/apache2/hosting.stpl | 2 +- install/debian/7/templates/web/apache2/phpcgi.stpl | 2 +- install/debian/7/templates/web/apache2/phpfcgid.stpl | 2 +- install/debian/7/templates/web/nginx/hosting.stpl | 2 +- install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl | 2 +- .../7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl | 2 +- install/debian/8/templates/web/apache2/basedir.stpl | 2 +- install/debian/8/templates/web/apache2/hosting.stpl | 2 +- install/debian/8/templates/web/apache2/phpcgi.stpl | 2 +- install/debian/8/templates/web/apache2/phpfcgid.stpl | 2 +- install/debian/8/templates/web/nginx/hosting.stpl | 2 +- install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl | 2 +- .../8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl | 2 +- install/debian/9/templates/web/apache2/basedir.stpl | 2 +- install/debian/9/templates/web/apache2/hosting.stpl | 2 +- install/debian/9/templates/web/apache2/phpcgi.stpl | 2 +- install/debian/9/templates/web/apache2/phpfcgid.stpl | 2 +- install/debian/9/templates/web/nginx/hosting.stpl | 2 +- install/debian/9/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/rhel/5/templates/web/httpd/basedir.stpl | 2 +- install/rhel/5/templates/web/httpd/hosting.stpl | 2 +- install/rhel/5/templates/web/httpd/phpcgi.stpl | 2 +- install/rhel/5/templates/web/httpd/phpfcgid.stpl | 2 +- install/rhel/5/templates/web/nginx/hosting.stpl | 2 +- install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/rhel/6/templates/web/httpd/basedir.stpl | 2 +- install/rhel/6/templates/web/httpd/hosting.stpl | 2 +- install/rhel/6/templates/web/httpd/phpcgi.stpl | 2 +- install/rhel/6/templates/web/httpd/phpfcgid.stpl | 2 +- install/rhel/6/templates/web/nginx/hosting.stpl | 2 +- install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/rhel/7/templates/web/httpd/basedir.stpl | 2 +- install/rhel/7/templates/web/httpd/hosting.stpl | 2 +- install/rhel/7/templates/web/httpd/phpcgi.stpl | 2 +- install/rhel/7/templates/web/httpd/phpfcgid.stpl | 2 +- install/rhel/7/templates/web/nginx/hosting.stpl | 2 +- install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/12.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/12.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/13.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/13.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/14.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/14.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/15.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/15.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/16.04/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/basedir.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/hosting.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl | 2 +- install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl | 2 +- install/ubuntu/16.10/templates/web/nginx/hosting.stpl | 2 +- install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl | 2 +- .../16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl | 2 +- 112 files changed, 112 insertions(+), 112 deletions(-) diff --git a/install/debian/7/templates/web/apache2/basedir.stpl b/install/debian/7/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/debian/7/templates/web/apache2/basedir.stpl +++ b/install/debian/7/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/debian/7/templates/web/apache2/hosting.stpl b/install/debian/7/templates/web/apache2/hosting.stpl index 627325e0..e1442ce2 100644 --- a/install/debian/7/templates/web/apache2/hosting.stpl +++ b/install/debian/7/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/7/templates/web/apache2/phpcgi.stpl b/install/debian/7/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/debian/7/templates/web/apache2/phpcgi.stpl +++ b/install/debian/7/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/debian/7/templates/web/apache2/phpfcgid.stpl b/install/debian/7/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/debian/7/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/7/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/debian/7/templates/web/nginx/hosting.stpl +++ b/install/debian/7/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl b/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/8/templates/web/apache2/basedir.stpl b/install/debian/8/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/debian/8/templates/web/apache2/basedir.stpl +++ b/install/debian/8/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/debian/8/templates/web/apache2/hosting.stpl b/install/debian/8/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/debian/8/templates/web/apache2/hosting.stpl +++ b/install/debian/8/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/8/templates/web/apache2/phpcgi.stpl b/install/debian/8/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/debian/8/templates/web/apache2/phpcgi.stpl +++ b/install/debian/8/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/debian/8/templates/web/apache2/phpfcgid.stpl b/install/debian/8/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/debian/8/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/8/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/debian/8/templates/web/nginx/hosting.stpl +++ b/install/debian/8/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl b/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/9/templates/web/apache2/basedir.stpl b/install/debian/9/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/debian/9/templates/web/apache2/basedir.stpl +++ b/install/debian/9/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/debian/9/templates/web/apache2/hosting.stpl b/install/debian/9/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/debian/9/templates/web/apache2/hosting.stpl +++ b/install/debian/9/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/9/templates/web/apache2/phpcgi.stpl b/install/debian/9/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/debian/9/templates/web/apache2/phpcgi.stpl +++ b/install/debian/9/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/debian/9/templates/web/apache2/phpfcgid.stpl b/install/debian/9/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/debian/9/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/9/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/debian/9/templates/web/nginx/hosting.stpl +++ b/install/debian/9/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/5/templates/web/httpd/basedir.stpl b/install/rhel/5/templates/web/httpd/basedir.stpl index 4ced9f38..2a3f9fbd 100644 --- a/install/rhel/5/templates/web/httpd/basedir.stpl +++ b/install/rhel/5/templates/web/httpd/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/rhel/5/templates/web/httpd/hosting.stpl b/install/rhel/5/templates/web/httpd/hosting.stpl index f94ba186..f94fdb64 100644 --- a/install/rhel/5/templates/web/httpd/hosting.stpl +++ b/install/rhel/5/templates/web/httpd/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/5/templates/web/httpd/phpcgi.stpl b/install/rhel/5/templates/web/httpd/phpcgi.stpl index 591693a4..d544411c 100644 --- a/install/rhel/5/templates/web/httpd/phpcgi.stpl +++ b/install/rhel/5/templates/web/httpd/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/rhel/5/templates/web/httpd/phpfcgid.stpl b/install/rhel/5/templates/web/httpd/phpfcgid.stpl index 3bb82cca..38c5dd17 100644 --- a/install/rhel/5/templates/web/httpd/phpfcgid.stpl +++ b/install/rhel/5/templates/web/httpd/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/5/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl index aca458a4..59c24af4 100755 --- a/install/rhel/5/templates/web/nginx/hosting.stpl +++ b/install/rhel/5/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/6/templates/web/httpd/basedir.stpl b/install/rhel/6/templates/web/httpd/basedir.stpl index 4ced9f38..2a3f9fbd 100644 --- a/install/rhel/6/templates/web/httpd/basedir.stpl +++ b/install/rhel/6/templates/web/httpd/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/rhel/6/templates/web/httpd/hosting.stpl b/install/rhel/6/templates/web/httpd/hosting.stpl index f1c1c111..06bd6183 100644 --- a/install/rhel/6/templates/web/httpd/hosting.stpl +++ b/install/rhel/6/templates/web/httpd/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/6/templates/web/httpd/phpcgi.stpl b/install/rhel/6/templates/web/httpd/phpcgi.stpl index 591693a4..d544411c 100644 --- a/install/rhel/6/templates/web/httpd/phpcgi.stpl +++ b/install/rhel/6/templates/web/httpd/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.stpl b/install/rhel/6/templates/web/httpd/phpfcgid.stpl index 3bb82cca..38c5dd17 100644 --- a/install/rhel/6/templates/web/httpd/phpfcgid.stpl +++ b/install/rhel/6/templates/web/httpd/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl index aca458a4..59c24af4 100755 --- a/install/rhel/6/templates/web/nginx/hosting.stpl +++ b/install/rhel/6/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/7/templates/web/httpd/basedir.stpl b/install/rhel/7/templates/web/httpd/basedir.stpl index 95221539..210edc13 100644 --- a/install/rhel/7/templates/web/httpd/basedir.stpl +++ b/install/rhel/7/templates/web/httpd/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/rhel/7/templates/web/httpd/hosting.stpl b/install/rhel/7/templates/web/httpd/hosting.stpl index 673c9c01..699c413b 100644 --- a/install/rhel/7/templates/web/httpd/hosting.stpl +++ b/install/rhel/7/templates/web/httpd/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/7/templates/web/httpd/phpcgi.stpl b/install/rhel/7/templates/web/httpd/phpcgi.stpl index 1f7b3547..1eb39e0a 100644 --- a/install/rhel/7/templates/web/httpd/phpcgi.stpl +++ b/install/rhel/7/templates/web/httpd/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.stpl b/install/rhel/7/templates/web/httpd/phpfcgid.stpl index 6d7e81df..31f09bc1 100644 --- a/install/rhel/7/templates/web/httpd/phpfcgid.stpl +++ b/install/rhel/7/templates/web/httpd/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl index aca458a4..59c24af4 100755 --- a/install/rhel/7/templates/web/nginx/hosting.stpl +++ b/install/rhel/7/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl b/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.04/templates/web/apache2/basedir.stpl b/install/ubuntu/12.04/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/ubuntu/12.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/12.04/templates/web/apache2/hosting.stpl b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl index 627325e0..e1442ce2 100644 --- a/install/ubuntu/12.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.10/templates/web/apache2/basedir.stpl b/install/ubuntu/12.10/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/ubuntu/12.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/12.10/templates/web/apache2/hosting.stpl b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl index 627325e0..e1442ce2 100644 --- a/install/ubuntu/12.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.04/templates/web/apache2/basedir.stpl b/install/ubuntu/13.04/templates/web/apache2/basedir.stpl index dda3aa76..fe0b5b40 100644 --- a/install/ubuntu/13.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/13.04/templates/web/apache2/hosting.stpl b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl index ce0763ae..be7ef310 100644 --- a/install/ubuntu/13.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl index aa807091..40ce5fb2 100644 --- a/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl index 88cea0e6..5d27efcd 100644 --- a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.10/templates/web/apache2/basedir.stpl b/install/ubuntu/13.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/13.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/13.10/templates/web/apache2/hosting.stpl b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/13.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.04/templates/web/apache2/basedir.stpl b/install/ubuntu/14.04/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/14.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/14.04/templates/web/apache2/hosting.stpl b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/14.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.10/templates/web/apache2/basedir.stpl b/install/ubuntu/14.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/14.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/14.10/templates/web/apache2/hosting.stpl b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/14.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.04/templates/web/apache2/basedir.stpl b/install/ubuntu/15.04/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/15.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/15.04/templates/web/apache2/hosting.stpl b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/15.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.10/templates/web/apache2/basedir.stpl b/install/ubuntu/15.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/15.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/15.10/templates/web/apache2/hosting.stpl b/install/ubuntu/15.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/15.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/15.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.04/templates/web/apache2/basedir.stpl b/install/ubuntu/16.04/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/16.04/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/16.04/templates/web/apache2/hosting.stpl b/install/ubuntu/16.04/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/16.04/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/16.04/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.10/templates/web/apache2/basedir.stpl b/install/ubuntu/16.10/templates/web/apache2/basedir.stpl index d978d4c4..2db1d52c 100644 --- a/install/ubuntu/16.10/templates/web/apache2/basedir.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/basedir.stpl @@ -15,7 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" diff --git a/install/ubuntu/16.10/templates/web/apache2/hosting.stpl b/install/ubuntu/16.10/templates/web/apache2/hosting.stpl index 8892072b..c9c19512 100644 --- a/install/ubuntu/16.10/templates/web/apache2/hosting.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/hosting.stpl @@ -22,7 +22,7 @@ php_admin_flag mysql.allow_persistent off php_admin_flag safe_mode off php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" - php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl index 731355bc..ae560dbe 100644 --- a/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/phpcgi.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp Action phpcgi-script /cgi-bin/php diff --git a/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl index 156c8a91..bc3688d9 100644 --- a/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl +++ b/install/ubuntu/16.10/templates/web/apache2/phpfcgid.stpl @@ -15,7 +15,7 @@ SSLRequireSSL AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp php_admin_value upload_tmp_dir %home%/%user%/tmp php_admin_value session.save_path %home%/%user%/tmp diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl index d778d633..31774a08 100755 --- a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl @@ -31,7 +31,7 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - disable_symlinks if_not_owner from=%docroot%; + disable_symlinks if_not_owner from=%sdocroot%; include %home%/%user%/conf/web/snginx.%domain%.conf*; } diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl index 0b351000..e7f3dcc6 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/sendy.stpl @@ -3,7 +3,7 @@ server { server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl index 0d933b30..0d9793ae 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -1,7 +1,7 @@ server { listen %ip%:%web_ssl_port%; server_name %domain_idn% %alias_idn%; - root %docroot%; + root %sdocroot%; index index.php index.html index.htm; access_log /var/log/nginx/domains/%domain%.log combined; access_log /var/log/nginx/domains/%domain%.bytes bytes; From 4b1b1e3299c924c821f8cc184c872e2a76b25fce Mon Sep 17 00:00:00 2001 From: Emmanuel Higgins Date: Thu, 25 Jan 2018 19:30:38 +1100 Subject: [PATCH 005/197] 644 chmod should only apply to files --- bin/v-add-web-domain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain index 018adcb4..f4243f33 100755 --- a/bin/v-add-web-domain +++ b/bin/v-add-web-domain @@ -90,7 +90,7 @@ chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.* chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/* chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs -chmod 644 $HOMEDIR/$user/web/$domain/public_*html/* +chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.* # Addding PHP-FPM backend if [ ! -z "$WEB_BACKEND" ]; then From 40011f8f751015a233264e8120a0554b9dbe2404 Mon Sep 17 00:00:00 2001 From: "info@madeit.be" Date: Wed, 31 Jan 2018 10:46:18 +0000 Subject: [PATCH 006/197] #1462 --- install/debian/7/templates/web/nginx/http2.stpl | 6 +++--- install/debian/7/templates/web/nginx/http2.tpl | 6 +++--- install/debian/8/templates/web/nginx/http2.stpl | 6 +++--- install/debian/8/templates/web/nginx/http2.tpl | 6 +++--- install/debian/9/templates/web/nginx/http2.stpl | 6 +++--- install/debian/9/templates/web/nginx/http2.tpl | 6 +++--- install/rhel/5/templates/web/nginx/http2.stpl | 6 +++--- install/rhel/5/templates/web/nginx/http2.tpl | 6 +++--- install/rhel/6/templates/web/nginx/http2.stpl | 6 +++--- install/rhel/6/templates/web/nginx/http2.tpl | 6 +++--- install/rhel/7/templates/web/nginx/http2.stpl | 6 +++--- install/rhel/7/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/12.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/12.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/12.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/12.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/13.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/13.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/13.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/13.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/14.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/14.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/14.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/14.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/15.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/15.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/15.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/15.10/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/16.04/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/16.04/templates/web/nginx/http2.tpl | 6 +++--- install/ubuntu/16.10/templates/web/nginx/http2.stpl | 6 +++--- install/ubuntu/16.10/templates/web/nginx/http2.tpl | 6 +++--- 32 files changed, 96 insertions(+), 96 deletions(-) diff --git a/install/debian/7/templates/web/nginx/http2.stpl b/install/debian/7/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/debian/7/templates/web/nginx/http2.stpl +++ b/install/debian/7/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/7/templates/web/nginx/http2.tpl b/install/debian/7/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/debian/7/templates/web/nginx/http2.tpl +++ b/install/debian/7/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/8/templates/web/nginx/http2.stpl b/install/debian/8/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/debian/8/templates/web/nginx/http2.stpl +++ b/install/debian/8/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/8/templates/web/nginx/http2.tpl b/install/debian/8/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/debian/8/templates/web/nginx/http2.tpl +++ b/install/debian/8/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/debian/9/templates/web/nginx/http2.stpl +++ b/install/debian/9/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/debian/9/templates/web/nginx/http2.tpl b/install/debian/9/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/debian/9/templates/web/nginx/http2.tpl +++ b/install/debian/9/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/5/templates/web/nginx/http2.stpl b/install/rhel/5/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/rhel/5/templates/web/nginx/http2.stpl +++ b/install/rhel/5/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/5/templates/web/nginx/http2.tpl b/install/rhel/5/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/rhel/5/templates/web/nginx/http2.tpl +++ b/install/rhel/5/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/6/templates/web/nginx/http2.stpl b/install/rhel/6/templates/web/nginx/http2.stpl index 40e79aef..af55e7e5 100644 --- a/install/rhel/6/templates/web/nginx/http2.stpl +++ b/install/rhel/6/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/6/templates/web/nginx/http2.tpl b/install/rhel/6/templates/web/nginx/http2.tpl index 826276bd..b20e2922 100644 --- a/install/rhel/6/templates/web/nginx/http2.tpl +++ b/install/rhel/6/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/7/templates/web/nginx/http2.stpl b/install/rhel/7/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/rhel/7/templates/web/nginx/http2.stpl +++ b/install/rhel/7/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/rhel/7/templates/web/nginx/http2.tpl b/install/rhel/7/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/rhel/7/templates/web/nginx/http2.tpl +++ b/install/rhel/7/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/12.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.tpl b/install/ubuntu/12.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/12.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/12.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.tpl b/install/ubuntu/12.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/12.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/12.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/13.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.tpl b/install/ubuntu/13.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/13.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/13.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/13.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.tpl b/install/ubuntu/13.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/13.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/13.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/14.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.tpl b/install/ubuntu/14.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/14.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/14.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/14.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.tpl b/install/ubuntu/14.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/14.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/14.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/15.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.tpl b/install/ubuntu/15.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/15.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/15.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/15.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.tpl b/install/ubuntu/15.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/15.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/15.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/16.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.tpl b/install/ubuntu/16.04/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/16.04/templates/web/nginx/http2.tpl +++ b/install/ubuntu/16.04/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl index 76dd2f8e..72e72a90 100644 --- a/install/ubuntu/16.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl @@ -4,14 +4,14 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass https://%ip%:%web_ssl_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %sdocroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.tpl b/install/ubuntu/16.10/templates/web/nginx/http2.tpl index c1fec114..4d5c774b 100644 --- a/install/ubuntu/16.10/templates/web/nginx/http2.tpl +++ b/install/ubuntu/16.10/templates/web/nginx/http2.tpl @@ -1,14 +1,14 @@ server { listen %ip%:%proxy_port%; server_name %domain_idn% %alias_idn%; - error_log /var/log/httpd/domains/%domain%.error.log error; + error_log /var/log/%web_system%/domains/%domain%.error.log error; location / { proxy_pass http://%ip%:%web_port%; location ~* ^.+\.(%proxy_extentions%)$ { root %docroot%; - access_log /var/log/httpd/domains/%domain%.log combined; - access_log /var/log/httpd/domains/%domain%.bytes bytes; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; expires max; try_files $uri @fallback; } From acf3e0be1391115610ba959cf182006294c96676 Mon Sep 17 00:00:00 2001 From: darkworks Date: Tue, 10 Apr 2018 19:53:27 +0500 Subject: [PATCH 007/197] check for yum properly. check for yum properly. --- bin/v-update-sys-vesta | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-sys-vesta b/bin/v-update-sys-vesta index 39cd33a2..418fe26f 100755 --- a/bin/v-update-sys-vesta +++ b/bin/v-update-sys-vesta @@ -33,7 +33,7 @@ check_args '1' "$#" 'PACKAGE' # Action # #----------------------------------------------------------# -if [ -d "/etc/sysconfig" ]; then +if [ -n "$(command -v yum)" ]; then # Clean yum chache yum -q clean all From 3742d5f13decc9e5bda699b661f773294cd1ada6 Mon Sep 17 00:00:00 2001 From: asfihani Date: Tue, 17 Apr 2018 16:23:36 +0700 Subject: [PATCH 008/197] Add wp super cache support --- .../php-fpm/wordpress2_wp_super_cache.tpl | 85 +++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} From 3f9f8d9467b68299e36ff3e3385eb2add80ce66b Mon Sep 17 00:00:00 2001 From: asfihani Date: Tue, 17 Apr 2018 16:27:38 +0700 Subject: [PATCH 009/197] Add wp super cache support --- .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} From 17f198cc360775c35e71700e0da9e7abaff20f6d Mon Sep 17 00:00:00 2001 From: Asfihani Date: Tue, 17 Apr 2018 16:44:12 +0700 Subject: [PATCH 010/197] Add Wordpress WP Super Cache plugin template support --- .../php5-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php5-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php5-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php5-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.stpl | 89 +++++++++++++++++++ .../php-fpm/wordpress2_wp_super_cache.tpl | 85 ++++++++++++++++++ 30 files changed, 2610 insertions(+) create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl create mode 100644 install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl create mode 100644 install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl new file mode 100644 index 00000000..f33ed507 --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index-https.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl new file mode 100644 index 00000000..c0a5239e --- /dev/null +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/wordpress2_wp_super_cache.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + set $cache_uri $request_uri; + + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in|woocommerce_cart_hash|woocommerce_items_in_cart|wp_woocommerce_session_") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} From 37c69b8f4cd087d8d406ab3de766ad11564b978b Mon Sep 17 00:00:00 2001 From: Marcos Date: Mon, 21 May 2018 03:41:46 +0200 Subject: [PATCH 011/197] Don't exclude "logs" folder recursively --- bin/v-backup-user | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-backup-user b/bin/v-backup-user index cc28a1c8..a68778f2 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -229,7 +229,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then # Backup files cd $HOMEDIR/$user/web/$domain - tar -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz + tar --anchored -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz done # Print total From d2d6b85d43a7b6afb96cf4d14de96638bae14908 Mon Sep 17 00:00:00 2001 From: Phinitnan Chanasabaeng Date: Tue, 7 Aug 2018 14:02:36 +0700 Subject: [PATCH 012/197] Fixed missing NGINX rewrite rule for Drupal 7 & 8 --- install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl | 4 ++++ install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl | 4 ++++ install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl | 4 ++++ install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl | 6 +++++- install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl | 4 ++++ install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl | 4 ++++ install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl | 4 ++++ install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl | 6 +++++- install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl | 4 ++++ .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl | 4 ++++ .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl | 4 ++++ .../ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl | 6 +++++- 76 files changed, 323 insertions(+), 19 deletions(-) diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl index c9729795..14f0c833 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -44,6 +44,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl index 030ea952..bdf97f65 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -48,6 +48,10 @@ server { return 404; } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; } diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl index c9729795..6d0e5bd6 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -42,7 +42,11 @@ server { location ~ /vendor/.*\.php$ { deny all; return 404; - } + } + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } location ~ ^/sites/.*/files/styles/ { try_files $uri @rewrite; From 287da0f336e00704dbd8bb7fb2a053ff3e276e98 Mon Sep 17 00:00:00 2001 From: Phinitnan Chanasabaeng Date: Sat, 11 Aug 2018 16:01:41 +0700 Subject: [PATCH 013/197] Reworked on Drupal's nginx template. --- .../templates/web/nginx/php5-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php5-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php5-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php5-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php5-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php5-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php5-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php5-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php5-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php5-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php5-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php5-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../9/templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../9/templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../9/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../5/templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../5/templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../5/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../6/templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../6/templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../6/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../7/templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../7/templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../7/templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal6.stpl | 92 +++++++--------- .../templates/web/nginx/php-fpm/drupal6.tpl | 90 +++++++-------- .../templates/web/nginx/php-fpm/drupal7.stpl | 102 ++++++++--------- .../templates/web/nginx/php-fpm/drupal7.tpl | 94 +++++++--------- .../templates/web/nginx/php-fpm/drupal8.stpl | 103 +++++++++--------- .../templates/web/nginx/php-fpm/drupal8.tpl | 103 +++++++++--------- 114 files changed, 5073 insertions(+), 6023 deletions(-) diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/debian/9/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/12.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/13.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/13.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/14.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/14.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/15.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/15.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/16.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/16.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/17.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/17.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl index 0af7ce84..9d984000 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.stpl @@ -10,63 +10,53 @@ server { ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - + location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl index d1096bff..0ae7568b 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal6.tpl @@ -7,62 +7,52 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri @rewrite; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } + try_files $uri @rewrite; - location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } - location ~ ^/sites/.*/files/imagecache/ { - try_files $uri @rewrite; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl index bdf97f65..0d7930fa 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.stpl @@ -11,66 +11,56 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } - - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - - location ~ ^(/[a-z\-]+)?/system/files/ { - try_files $uri /index.php?$query_string; - } - - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl index 14f0c833..6b41f319 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal7.tpl @@ -7,66 +7,56 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } - location ~ ^(/[a-z\-]+)?/system/files/ { try_files $uri /index.php?$query_string; - } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } } error_page 403 /error/404.html; diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl index bdf97f65..6fd64db6 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.stpl @@ -11,67 +11,62 @@ server { ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } - - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl index 6d0e5bd6..452aa9e6 100644 --- a/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/drupal8.tpl @@ -7,67 +7,62 @@ server { access_log /var/log/nginx/domains/%domain%.bytes bytes; error_log /var/log/nginx/domains/%domain%.error.log error; - location = /favicon.ico { - log_not_found off; - access_log off; - } - - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - - location ~* \.(txt|log)$ { - allow 192.168.0.0/16; - deny all; - } - - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ ^/sites/.*/private/ { - return 403; - } - - location ~ ^/sites/[^/]+/files/.*\.php$ { - deny all; - } - - location / { - try_files $uri /index.php?$query_string; - } - - location ~ /vendor/.*\.php$ { - deny all; - return 404; - } - location @rewrite { rewrite ^/(.*)$ /index.php?q=$1; - } + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } - location ~ ^(/[a-z\-]+)?/system/files/ { + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + try_files $uri /index.php?$query_string; - } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - try_files $uri @rewrite; - expires max; - log_not_found off; - } + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } - location ~ '\.php$|^/update.php' { - fastcgi_split_path_info ^(.+?\.php)(|/.*)$; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass %backend_lsnr%; - include /etc/nginx/fastcgi_params; - } + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } error_page 403 /error/404.html; error_page 404 /error/404.html; From ebc67f647843d23f87a4bbb60a2f504b6d10b421 Mon Sep 17 00:00:00 2001 From: Chernyavskiy Leonid Date: Fri, 24 Aug 2018 14:05:37 +0700 Subject: [PATCH 014/197] Fix invalid extension replace in add_web_config Do not use globbing, because it kills too many characters. Use conditionals and search at the end of the line instead. --- func/domain.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/func/domain.sh b/func/domain.sh index cc66aecb..59823b28 100644 --- a/func/domain.sh +++ b/func/domain.sh @@ -215,7 +215,11 @@ add_web_config() { fi fi - trigger="${2/.*pl/.sh}" + trigger="${2/%.tpl/.sh}" + if [[ "$2" =~ stpl$ ]]; then + trigger="${2/%.stpl/.sh}" + fi + if [ -x "$WEBTPL/$1/$WEB_BACKEND/$trigger" ]; then $WEBTPL/$1/$WEB_BACKEND/$trigger \ $user $domain $local_ip $HOMEDIR \ From 74334fae11778322355b97814f589720e18c964c Mon Sep 17 00:00:00 2001 From: Clark Chen <9372896+clarkchentw@users.noreply.github.com> Date: Mon, 17 Sep 2018 21:57:06 -0500 Subject: [PATCH 015/197] Traditional Chinese - TW, update to match en.php This update the file to match 100% as en.php, also corrected some term in the file --- web/inc/i18n/tw.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php index d35cba4a..3572fbf1 100644 --- a/web/inc/i18n/tw.php +++ b/web/inc/i18n/tw.php @@ -4,10 +4,8 @@ * This language file is translate by * Clark's Hosting Service (https://host.clark-chen.com) * Clark Chen (clark@clark-chen.com) - * - * Translation recheck by: - * pan93412 */ + $LANG['tw'] = array( 'Packages' => '方案設定', 'IP' => 'IP 管理', @@ -199,9 +197,9 @@ $LANG['tw'] = array( 'SSL Home Directory' => 'SSL 主目錄', 'Lets Encrypt Support' => 'Lets Encrypt 支援', 'Lets Encrypt' => 'Lets Encrypt', - 'Your certificate will be automatically issued in 5 minutes' => '您的憑證會在五分鐘內完成簽署', + 'Your certificate will be automatically issued in 5 minutes' => '您的憑證會在五分鐘內完成簽發', 'Proxy Support' => 'Proxy 支援', - 'Proxy Extensions' => 'Proxy 擴充', + 'Proxy Extensions' => 'Proxy 副檔名', 'Web Statistics' => '網站統計', 'Additional FTP Account' => '其他 FTP 帳號', 'Path' => '路徑', @@ -219,7 +217,6 @@ $LANG['tw'] = array( 'Autoreply' => '自動回覆', 'Forward to' => '轉寄到', 'Do not store forwarded mail' => '不保留已轉發的郵件', - 'Email Credentials' => '信箱登入資訊', 'IMAP hostname' => 'IMAP 主機名稱', 'IMAP port' => 'IMAP 連接埠', 'IMAP security' => 'IMAP 安全性', @@ -393,8 +390,8 @@ $LANG['tw'] = array( 'Banlist' => '封鎖清單', 'ranges are acceptable' => '可接受陣列', 'CIDR format is supported' => '支援 CIDR 格式', - 'ACCEPT' => 'ACCEPT', - 'DROP' => 'DROP', + 'ACCEPT' => '允許', + 'DROP' => '封鎖', 'TCP' => 'TCP', 'UDP' => 'UDP', 'ICMP' => 'ICMP', @@ -403,11 +400,11 @@ $LANG['tw'] = array( 'VESTA' => 'VESTA', 'Add one more Name Server' => '新增至少一個域名伺服器', - 'web domain' => 'web 網域', - 'dns domain' => 'dns 網域', - 'dns record' => 'dns 紀錄', - 'mail domain' => 'mail 紀錄', - 'mail account' => 'mail 帳號', + 'web domain' => 'Web 網域', + 'dns domain' => 'DNS 網域', + 'dns record' => 'DNS 紀錄', + 'mail domain' => 'Mail 紀錄', + 'mail account' => 'Mail 帳號', 'cron job' => '任務排程', 'cron' => '任務排程', @@ -757,4 +754,7 @@ $LANG['tw'] = array( 'Do not use encryption' => '不要使用加密', 'maximum characters length, including prefix' => '最多 %s 字元 (包含前綴)', + + 'Email Credentials' => '信箱登入資訊', + ); From a54771261d947fd20b1676ba0d15eb2ca2a0adc6 Mon Sep 17 00:00:00 2001 From: Clark Chen <9372896+clarkchentw@users.noreply.github.com> Date: Mon, 17 Sep 2018 21:59:22 -0500 Subject: [PATCH 016/197] Traditional Chinese - TW, update to match en.php This update the file to match 100% as en.php, also corrected some term in the file --- web/inc/i18n/tw.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php index 3572fbf1..0760d4a2 100644 --- a/web/inc/i18n/tw.php +++ b/web/inc/i18n/tw.php @@ -81,8 +81,8 @@ $LANG['tw'] = array( 'rebuild db' => '重建資料庫', 'rebuild cron' => '重建任務排程', 'update counters' => '更新計數器', - 'suspend' => '暫停', - 'unsuspend' => '解除暫停', + 'suspend' => '停用', + 'unsuspend' => '解除停用', 'delete' => '刪除', 'show per user' => '依選擇的使用者', 'login as' => '登入帳號', From c7f6bf4e284e7239c41de1fb13559d81b70cb79e Mon Sep 17 00:00:00 2001 From: Clark Chen <9372896+clarkchentw@users.noreply.github.com> Date: Mon, 17 Sep 2018 22:02:04 -0500 Subject: [PATCH 017/197] Traditional Chinese - TW, update to match en.php This update the file to match 100% as en.php, also corrected some term in the file --- web/inc/i18n/tw.php | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php index 0760d4a2..1a5974c9 100644 --- a/web/inc/i18n/tw.php +++ b/web/inc/i18n/tw.php @@ -5,8 +5,8 @@ * Clark's Hosting Service (https://host.clark-chen.com) * Clark Chen (clark@clark-chen.com) */ - $LANG['tw'] = array( + 'Packages' => '方案設定', 'IP' => 'IP 管理', 'Graphs' => '資源使用圖表', @@ -142,8 +142,8 @@ $LANG['tw'] = array( 'Adding IP Address to Banlist' => '新增IP至黑名單', 'active' => '正常', - 'spnd' => '暫停', - 'suspended' => '已暫停', + 'spnd' => '停用', + 'suspended' => '已停用', 'running' => '執行中', 'stopped' => '已停止', 'outdated' => '有可升級的新版本', @@ -462,30 +462,30 @@ $LANG['tw'] = array( 'Changes has been saved.' => '已儲存變更', 'Confirmation' => '確認', 'DELETE_USER_CONFIRMATION' => '確定要刪除使用者 %s 嗎?', - 'SUSPEND_USER_CONFIRMATION' => '確定要暫停使用者 %s 嗎?', - 'UNSUSPEND_USER_CONFIRMATION' => '確定要解除暫停使用者 %s 嗎?', + 'SUSPEND_USER_CONFIRMATION' => '確定要停用使用者 %s 嗎?', + 'UNSUSPEND_USER_CONFIRMATION' => '確定要解除停用使用者 %s 嗎?', 'DELETE_DOMAIN_CONFIRMATION' => '確定要刪除網域 %s 嗎?', - 'SUSPEND_DOMAIN_CONFIRMATION' => '確定要暫停網域 %s 嗎?', - 'UNSUSPEND_DOMAIN_CONFIRMATION' => '確定要解除暫停網域 %s 嗎?', + 'SUSPEND_DOMAIN_CONFIRMATION' => '確定要停用網域 %s 嗎?', + 'UNSUSPEND_DOMAIN_CONFIRMATION' => '確定要解除停用網域 %s 嗎?', 'DELETE_RECORD_CONFIRMATION' => '確定要刪除記錄 %s 嗎?', - 'SUSPEND_RECORD_CONFIRMATION' => '確定要暫停記錄 %s 嗎?', - 'UNSUSPEND_RECORD_CONFIRMATION' => '確定要解除暫停紀錄 %s 嗎?', + 'SUSPEND_RECORD_CONFIRMATION' => '確定要停用記錄 %s 嗎?', + 'UNSUSPEND_RECORD_CONFIRMATION' => '確定要解除停用紀錄 %s 嗎?', 'DELETE_MAIL_ACCOUNT_CONFIRMATION' => '確定要刪除 %s 嗎?', - 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要暫停 %s 嗎?', - 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要解除暫停 %s 嗎?', + 'SUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要停用 %s 嗎?', + 'UNSUSPEND_MAIL_ACCOUNT_CONFIRMATION' => '確定要解除停用 %s 嗎?', 'DELETE_DATABASE_CONFIRMATION' => '確定要刪除資料庫 %s 嗎?', - 'SUSPEND_DATABASE_CONFIRMATION' => '確定要暫停資料庫 %s 嗎?', - 'UNSUSPEND_DATABASE_CONFIRMATION' => '確定要解除暫停資料庫 %s 嗎?', + 'SUSPEND_DATABASE_CONFIRMATION' => '確定要停用資料庫 %s 嗎?', + 'UNSUSPEND_DATABASE_CONFIRMATION' => '確定要解除停用資料庫 %s 嗎?', 'DELETE_CRON_CONFIRMATION' => '確定要刪除 任務排程嗎?', - 'SUSPEND_CRON_CONFIRMATION' => '確定要暫停 任務排程嗎?', - 'UNSUSPEND_CRON_CONFIRMATION' => '確定要解除暫停 任務排程嗎?', + 'SUSPEND_CRON_CONFIRMATION' => '確定要停用 任務排程嗎?', + 'UNSUSPEND_CRON_CONFIRMATION' => '確定要解除停用 任務排程嗎?', 'DELETE_BACKUP_CONFIRMATION' => '確定要刪除 %s 備份嗎?', 'DELETE_EXCLUSION_CONFIRMATION' => '確定要刪除 %s 例外嗎?', 'DELETE_PACKAGE_CONFIRMATION' => '確定要刪除方案 %s 嗎?', 'DELETE_IP_CONFIRMATION' => '確定要刪除 IP 地址 %s 嗎?', - 'DELETE_RULE_CONFIRMATION' => '確定要刪除規則 #%s 嗎?', - 'SUSPEND_RULE_CONFIRMATION' => '確定要暫停規則 #%s 嗎?', - 'UNSUSPEND_RULE_CONFIRMATION' => '確定要解除暫停規則 #%s 嗎?', + 'DELETE_RULE_CONFIRMATION' => '確定要刪除防火牆規則 #%s 嗎?', + 'SUSPEND_RULE_CONFIRMATION' => '確定要停用防火牆規則 #%s 嗎?', + 'UNSUSPEND_RULE_CONFIRMATION' => '確定要解除停用防火牆規則 #%s 嗎?', 'LEAVE_PAGE_CONFIRMATION' => '確定離開嗎?', 'RESTART_CONFIRMATION' => '確定要重新啟動 %s 嗎?', 'Welcome' => '歡迎', @@ -756,5 +756,4 @@ $LANG['tw'] = array( 'maximum characters length, including prefix' => '最多 %s 字元 (包含前綴)', 'Email Credentials' => '信箱登入資訊', - ); From 0760e6a2e6752d00534aa2af6ae94228dc0685b0 Mon Sep 17 00:00:00 2001 From: Hacktivista Date: Wed, 7 Nov 2018 12:53:59 -0300 Subject: [PATCH 018/197] Don't chown $VESTA/data/sessions admin:admin previous to user admin creation Fixes `chown: invalid user: 'admin:admin'` on Debian installations, line not present in other distros install scripts --- install/vst-install-debian.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index 47f36142..846092e9 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -711,7 +711,6 @@ chmod -R 750 $VESTA/data/queue chmod 660 $VESTA/log/* rm -f /var/log/vesta ln -s $VESTA/log /var/log/vesta -chown admin:admin $VESTA/data/sessions chmod 770 $VESTA/data/sessions # Generating vesta configuration From 9abd3baf2ebe5460fb869e2deb292a23b3eea429 Mon Sep 17 00:00:00 2001 From: Hacktivista Date: Wed, 7 Nov 2018 15:31:01 -0300 Subject: [PATCH 019/197] Fix v-update-sys-ip: verify if primary IP exists Fixes the following errors on new installations: > mv: cannot move '/usr/local/vesta/data/ips/' to a subdirectory of itself, '/usr/local/vesta/data/ips/x.x.x.x' > sed: can't read /usr/local/vesta/data/users/*/dns/*.conf: No such file or directory > sed: -e expression #1, char 0: no previous regular expression > sed: -e expression #1, char 0: no previous regular expression --- bin/v-update-sys-ip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip index 7360b07f..6c07edc6 100755 --- a/bin/v-update-sys-ip +++ b/bin/v-update-sys-ip @@ -44,7 +44,7 @@ if [[ "$ip_num" -eq '1' ]] && [[ "$v_ip_num" -eq 1 ]]; then fi # Updating configs -if [ ! -z "$new" ]; then +if [ ! -z "$old" ]; then mv $VESTA/data/ips/$old $VESTA/data/ips/$new # Updating PROXY From 73cb7667cd236024fad6985ac2d25f7ce8a16b9b Mon Sep 17 00:00:00 2001 From: Marcos Date: Mon, 24 Dec 2018 17:44:23 +0100 Subject: [PATCH 020/197] Fix conflict --- bin/v-backup-user | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-backup-user b/bin/v-backup-user index a68778f2..59d071bc 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -229,7 +229,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then # Backup files cd $HOMEDIR/$user/web/$domain - tar --anchored -cpf- * ${fargs[@]} |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz + tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz done # Print total From 49f69ce60d581547259ba4f6d6ecb82ea8906321 Mon Sep 17 00:00:00 2001 From: Marcos Date: Mon, 24 Dec 2018 17:51:07 +0100 Subject: [PATCH 021/197] Fix conflicts --- bin/v-backup-user | 1 - 1 file changed, 1 deletion(-) diff --git a/bin/v-backup-user b/bin/v-backup-user index 59d071bc..cdbc9414 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -228,7 +228,6 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then set +f # Backup files - cd $HOMEDIR/$user/web/$domain tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz done From f8b4d42b740752e17944370440f37d3105f4b21f Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 26 Dec 2018 12:54:33 +0200 Subject: [PATCH 022/197] Let's Encrypt v2 with wildcard support --- bin/v-add-letsencrypt-domain | 243 ++++++++++++++++++++++++--------- bin/v-add-letsencrypt-user | 159 ++++++++------------- bin/v-check-letsencrypt-domain | 162 ---------------------- bin/v-sign-letsencrypt-csr | 110 --------------- bin/v-update-letsencrypt-ssl | 55 +++----- 5 files changed, 257 insertions(+), 472 deletions(-) delete mode 100755 bin/v-check-letsencrypt-domain delete mode 100755 bin/v-sign-letsencrypt-csr diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index c69a21f1..a6946695 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -1,13 +1,8 @@ #!/bin/bash -# info: adding letsencrypt ssl cetificate for domain -# options: USER DOMAIN [ALIASES] [RESTART] [NOTIFY] +# info: check letsencrypt domain +# options: USER DOMAIN [ALIASES] # -# The function turns on SSL support for a domain. Parameter ssl_dir is a path -# to directory where 2 or 3 ssl files can be found. Certificate file -# domain.tld.crt and its key domain.tld.key are mandatory. Certificate -# authority domain.tld.ca file is optional. If home directory parameter -# (ssl_home) is not set, https domain uses public_shtml as separate -# documentroot directory. +# The function check and validates domain with Let's Encript #----------------------------------------------------------# @@ -18,39 +13,67 @@ user=$1 domain=$2 aliases=$3 -restart=$4 -notify=$5 + +# LE API +API='https://acme-v02.api.letsencrypt.org' # Includes source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf -# Additional argument formatting -format_domain_idn +# encode base64 +encode_base64() { + cat |base64 |tr '+/' '-_' |tr -d '\r\n=' +} + +# Let's Encrypt v2 curl function +query_le_v2() { + + protected='{"nonce": "'$3'",' + protected=''$protected' "url": "'$1'",' + protected=''$protected' "alg": "RS256", "kid": "'$KID'"}' + content="Content-Type: application/jose+json" + + payload_=$(echo -n "$2" |encode_base64) + protected_=$(echo -n "$protected" |encode_base64) + signature_=$(printf "%s" "$protected_.$payload_" |\ + openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\ + encode_base64) + + post_data='{"protected":"'"$protected_"'",' + post_data=$post_data'"payload":"'"$payload_"'",' + post_data=$post_data'"signature":"'"$signature_"'"}' + + curl -s -i -d "$post_data" "$1" -H "$content" +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '2' "$#" 'USER DOMAIN [ALIASES] [RESTART] [NOTIFY]' -is_format_valid 'user' 'domain' +check_args '2' "$#" 'USER DOMAIN [ALIASES]' +is_format_valid 'user' 'domain' 'aliases' is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' -is_system_enabled "$WEB_SSL" 'SSL_SUPPORT' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" +get_domain_values 'web' +for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do + check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)" + if [ -z "$check_alias" ]; then + check_result $E_NOTEXIST "domain alias $alias doesn't exist" + fi +done #----------------------------------------------------------# # Action # #----------------------------------------------------------# -# Parsing domain data -get_domain_values 'web' - # Registering LetsEncrypt user account $BIN/v-add-letsencrypt-user $user if [ "$?" -ne 0 ]; then @@ -62,53 +85,152 @@ fi # Parsing LetsEncrypt account data source $USER_DATA/ssl/le.conf -email=$EMAIL -# Validating domain and aliases -i=1 -for alias in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do - $BIN/v-check-letsencrypt-domain $user $alias - if [ "$?" -ne 0 ]; then - touch $VESTA/data/queue/letsencrypt.pipe - sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe - send_notice "LETSENCRYPT" "$alias validation failed" - check_result $E_INVALID "LE domain validation" >/dev/null +# Checking wildcard alias +if [ "$aliases" = "*.$domain" ]; then + wildcard='yes' + proto="dns-01" + if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then + check_result $E_NOTEXIST "DNS domain $domain doesn't exist" + fi +else + proto="http-01" +fi + +# Requesting nonce / STEP 1 +answer=$(curl -s -I "$API/directory") +nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') +status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') +if [[ "$status" -ne 200 ]]; then + check_result $E_CONNECT "Let's Encrypt nonce request status $status" +fi + +# Placing new order / STEP 2 +url="$API/acme/new-order" +payload='{"identifiers":[' +for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do + payload=$payload'{"type":"dns","value":"'$identifier'"},' +done +payload=$(echo "$payload"|sed "s/,$//") +payload=$payload']}' +answer=$(query_le_v2 "$url" "$payload" "$nonce") +nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') +authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"') +finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"') +status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') +if [[ "$status" -ne 201 ]]; then + check_result $E_CONNECT "Let's Encrypt new auth status $status" +fi + +# Requesting authorization token / STEP 3 +for auth in $authz; do + payload='' + answer=$(query_le_v2 "$auth" "$payload" "$nonce") + url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \") + token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \") + nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') + status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') + if [[ "$status" -ne 200 ]]; then + check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status" fi - # Checking LE limits per account - if [ "$i" -gt 100 ]; then - touch $VESTA/data/queue/letsencrypt.pipe - sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe - send_notice 'LETSENCRYPT' 'Limit of domains per account is reached' - check_result $E_LIMIT "LE can't sign more than 100 domains" + # Accepting challenge / STEP 4 + if [ "$wildcard" = 'yes' ]; then + record=$(printf "%s" "$token.$THUMB" |\ + openssl dgst -sha256 -binary |encode_base64) + old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT') + old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1) + for old_record in $old_records; do + $BIN/v-delete-dns-record $user $domain $old_record + done + $BIN/v-add-dns-record $user $domain "_acme-challenge" "TXT" $record + check_result $? "DNS _acme-challenge record wasn't created" + else + if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then + conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt" + sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt" + if [ ! -e "$conf" ]; then + echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \ + > $conf + echo ' default_type text/plain;' >> $conf + echo ' return 200 "$1.'$THUMB'";' >> $conf + echo '}' >> $conf + fi + if [ ! -e "$sconf" ]; then + ln -s "$conf" "$sconf" + fi + $BIN/v-restart-proxy + check_result $? "Proxy restart failed" >/dev/null + + else + well_known="$HOMEDIR/$user/web/$rdomain/public_html/.well-known" + acme_challenge="$well_known/acme-challenge" + mkdir -p $acme_challenge + echo "$token.$THUMB" > $acme_challenge/$token + chown -R $user:$user $well_known + fi + $BIN/v-restart-web + check_result $? "Web restart failed" >/dev/null + fi + + # Requesting ACME validation / STEP 5 + validation_check=$(echo "$answer" |grep '"valid"') + if [[ ! -z "$validation_check" ]]; then + validation='valid' + else + validation='pending' + fi + + # Doing pol check on status + i=1 + while [ "$validation" = 'pending' ]; do + payload='{}' + answer=$(query_le_v2 "$url" "$payload" "$nonce") + validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \") + nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') + status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') + if [[ "$status" -ne 200 ]]; then + check_result $E_CONNECT "Let's Encrypt vvalidation status $status" + fi + + i=$((i + 1)) + if [ "$i" -gt 10 ]; then + check_result $E_CONNECT "Let's Encrypt domain validation timeout" + fi + sleep 1 + done + if [ "$validation" = 'invalid' ]; then + check_result $E_CONNECT "Let's Encrypt domain verification failed" fi - i=$((i++)) done -# Generating CSR -ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "$email" "US" "California" \ + +# Generating new ssl certificate +ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\ "San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}') -# Signing CSR -crt=$($BIN/v-sign-letsencrypt-csr $user $domain $ssl_dir) -if [ "$?" -ne 0 ]; then - touch $VESTA/data/queue/letsencrypt.pipe - sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe - send_notice "LETSENCRYPT" "$alias validation failed" - check_result "$E_INVALID" "LE $domain validation" +# Sedning CSR to finalize order / STEP 6 +csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64) +payload='{"csr":"'$csr'"}' +answer=$(query_le_v2 "$finalize" "$payload" "$nonce") +nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') +status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') +certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"') +if [[ "$status" -ne 200 ]]; then + check_result $E_CONNECT "Let's Encrypt finalize bad status $status" fi -echo "$crt" > $ssl_dir/$domain.crt -# Dowloading CA certificate -le_certs='https://letsencrypt.org/certs' -x1='lets-encrypt-x1-cross-signed.pem.txt' -x3='lets-encrypt-x3-cross-signed.pem.txt' -issuer=$(openssl x509 -text -in $ssl_dir/$domain.crt |grep "Issuer:") -if [ -z "$(echo $issuer|grep X3)" ]; then - curl -s $le_certs/$x1 > $ssl_dir/$domain.ca -else - curl -s $le_certs/$x3 > $ssl_dir/$domain.ca -fi +# Downloading signed certificate / STEP 7 +curl -s "$certificate" -o $ssl_dir/$domain.pem + +# Splitting up downloaded pem +crt_end=$(grep -n END $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:) +head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt + +pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ') +ca_end=$(grep -n "BEGIN" $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :) +ca_end=$(( pem_lines - crt_end + 1 )) +tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca # Adding SSL ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME') @@ -140,18 +262,13 @@ update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes' # Vesta # #----------------------------------------------------------# -# Restarting web -$BIN/v-restart-web $restart -if [ "$?" -ne 0 ]; then - send_notice 'LETSENCRYPT' "web server needs to be restarted manually" -fi +# Deleteing task from queue +touch $VESTA/data/queue/letsencrypt.pipe +sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe # Notifying user send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully" -# Deleteing task from queue -touch $VESTA/data/queue/letsencrypt.pipe -sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe # Logging log_event "$OK" "$ARGUMENTS" diff --git a/bin/v-add-letsencrypt-user b/bin/v-add-letsencrypt-user index 6bd3c560..f3a19163 100755 --- a/bin/v-add-letsencrypt-user +++ b/bin/v-add-letsencrypt-user @@ -1,8 +1,8 @@ #!/bin/bash # info: register letsencrypt user account -# options: USER [TYPE] +# options: USER # -# The function creates and register LetsEncript account key +# The function creates and register LetsEncript account #----------------------------------------------------------# @@ -11,8 +11,9 @@ # Argument definition user=$1 -type=${2-1} -key_size=4096 + +# LE API +API='https://acme-v02.api.letsencrypt.org' # Includes source $VESTA/func/main.sh @@ -23,22 +24,39 @@ encode_base64() { cat |base64 |tr '+/' '-_' |tr -d '\r\n=' } +# Let's Encrypt v2 curl function +query_le_v2() { + protected='{"nonce": "'$3'",' + protected=''$protected' "url": "'$1'",' + protected=''$protected' "alg": "RS256", "jwk": '$jwk'}' + content="Content-Type: application/jose+json" + + payload_=$(echo -n "$2" |encode_base64) + protected_=$(echo -n "$protected" |encode_base64) + signature_=$(printf "%s" "$protected_.$payload_" |\ + openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\ + encode_base64) + + post_data='{"protected":"'"$protected_"'",' + post_data=$post_data'"payload":"'"$payload_"'",' + post_data=$post_data'"signature":"'"$signature_"'"}' + + curl -s -i -d "$post_data" "$1" -H "$content" +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# -check_args '1' "$#" 'USER [TYPE]' +check_args '1' "$#" 'USER' is_format_valid 'user' is_object_valid 'user' 'USER' "$user" if [ -e "$USER_DATA/ssl/le.conf" ]; then source "$USER_DATA/ssl/le.conf" - if [ "$type" -eq 1 ] && [ ! -z "$EMAIL" ]; then - exit - fi - if [ "$type" -eq 2 ] && [ ! -z "$KID" ]; then - exit - fi +fi +if [ ! -z "$KID" ]; then + exit fi @@ -46,108 +64,57 @@ fi # Action # #----------------------------------------------------------# -# Defining LE API endpoint -if [ "$type" -eq 1 ]; then - api='https://acme-v01.api.letsencrypt.org' -else - api='https://acme-v02.api.letsencrypt.org' -fi # Defining user email -if [ $type -eq 1 ]; then - email=$(get_user_value '$CONTACT') +if [[ -z "$EMAIL" ]]; then + EMAIL=$(get_user_value '$CONTACT') fi # Defining user agreement -if [ "$type" -eq 1 ]; then - agreement=$(curl -s -I "$api/terms" |grep Location |\ - cut -f 2 -d \ |tr -d '\r\n') -else - #agreement=$(curl -s "$api/directory" |grep termsOfService |\ - # cut -f 4 -d '"') - agreement='' -fi +agreement='' # Generating user key -key="$USER_DATA/ssl/user.key" -if [ ! -e "$key" ]; then - openssl genrsa -out $key $key_size >/dev/null 2>&1 - chmod 600 $key +KEY="$USER_DATA/ssl/user.key" +if [ ! -e "$KEY" ]; then + openssl genrsa -out $KEY 4096 >/dev/null 2>&1 + chmod 600 $KEY fi # Defining key exponent if [ -z "$EXPONENT" ]; then - exponent=$(openssl pkey -inform pem -in "$key" -noout -text_pub |\ + EXPONENT=$(openssl pkey -inform pem -in "$KEY" -noout -text_pub |\ grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\ xxd -r -p |encode_base64) -else - exponent="$EXPONENT" fi # Defining key modulus if [ -z "$MODULUS" ]; then - modulus=$(openssl rsa -in "$key" -modulus -noout |\ + MODULUS=$(openssl rsa -in "$KEY" -modulus -noout |\ sed -e 's/^Modulus=//' |xxd -r -p |encode_base64) -else - modulus="$MODULUS" fi -# Defining JWK token -jwk='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}' +# Defining JWK +jwk='{"e":"'$EXPONENT'","kty":"RSA","n":"'"$MODULUS"'"}' # Defining key thumbnail if [ -z "$THUMB" ]; then - thumb="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)" -else - thumb="$THUMB" + THUMB="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)" fi + # Requesting ACME nonce -nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n') +nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n') -# Defining payload and protected data for v1 and v2 -if [ "$type" -eq 1 ]; then - header='{"alg":"RS256","jwk":'"$jwk"'}' - protected='{"nonce":"'"$nonce"'"}' - payload='{"resource":"new-reg","contact":["mailto:'"$email"'"],' - payload=$payload'"agreement":"'$agreement'"}' +# Creating ACME account +url="$API/acme/new-acct" +payload='{"termsOfServiceAgreed": true}' +answer=$(query_le_v2 "$url" "$payload" "$nonce") +kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r') -else - protected='{"nonce": "'$nonce'",' - protected=''$protected' "url": "'$api/acme/new-acct'",' - protected=''$protected' "alg": "RS256", "jwk": '$jwk'}' - payload='{"termsOfServiceAgreed": true}' -fi - -# Encoding data -protected=$(echo -n "$protected" |encode_base64) -payload=$(echo -n "$payload" |encode_base64) - -# Signing request -signature=$(printf "%s" "$protected.$payload" |\ - openssl dgst -sha256 -binary -sign "$key" |\ - encode_base64) - -if [ "$type" -eq 1 ]; then - data='{"header":'"$header"',"protected":"'"$protected"'",' - data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}' - - answer=$(curl -s -i -d "$data" "$api/acme/new-reg") - status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') -else - data='{"protected":"'"$protected"'",' - data=$data'"payload":"'"$payload"'",' - data=$data'"signature":"'"$signature"'"}' - - answer=$(curl -s -i -d "$data" "$api/acme/new-acct" \ - -H "Content-Type: application/jose+json") - status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') - kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r') -fi - -# Checking http answer status -if [[ "${status:0:2}" -ne "20" ]] && [[ "$status" -ne "409" ]]; then - check_result $E_CONNECT "LetsEncrypt account registration $status" +# Checking answer status +status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') +if [[ "${status:0:2}" -ne "20" ]]; then + check_result $E_CONNECT "Let's Encrypt acc registration failed $status" fi @@ -157,23 +124,15 @@ fi # Adding le.conf if [ ! -e "$USER_DATA/ssl/le.conf" ]; then - echo "EXPONENT='$exponent'" > $USER_DATA/ssl/le.conf - echo "MODULUS='$modulus'" >> $USER_DATA/ssl/le.conf - echo "THUMB='$thumb'" >> $USER_DATA/ssl/le.conf - if [ "$type" -eq 1 ]; then - echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf - else - echo "KID='$kid'" >> $USER_DATA/ssl/le.conf - fi + echo "EXPONENT='$EXPONENT'" > $USER_DATA/ssl/le.conf + echo "MODULUS='$MODULUS'" >> $USER_DATA/ssl/le.conf + echo "THUMB='$THUMB'" >> $USER_DATA/ssl/le.conf + echo "EMAIL='$EMAIL'" >> $USER_DATA/ssl/le.conf + echo "KID='$kid'" >> $USER_DATA/ssl/le.conf chmod 660 $USER_DATA/ssl/le.conf else - if [ "$type" -eq 1 ]; then - sed -i '/^EMAIL=/d' $USER_DATA/ssl/le.conf - echo "EMAIL='$email'" >> $USER_DATA/ssl/le.conf - else - sed -i '/^KID=/d' $USER_DATA/ssl/le.conf - echo "KID='$kid'" >> $USER_DATA/ssl/le.conf - fi + sed -i '/^KID=/d' $USER_DATA/ssl/le.conf + echo "KID='$kid'" >> $USER_DATA/ssl/le.conf fi # Logging diff --git a/bin/v-check-letsencrypt-domain b/bin/v-check-letsencrypt-domain deleted file mode 100755 index 97e24878..00000000 --- a/bin/v-check-letsencrypt-domain +++ /dev/null @@ -1,162 +0,0 @@ -#!/bin/bash -# info: check letsencrypt domain -# options: USER DOMAIN -# -# The function check and validates domain with LetsEncript - - -#----------------------------------------------------------# -# Variable&Function # -#----------------------------------------------------------# - -# Argument definition -user=$1 -domain=$2 - -# Includes -source $VESTA/func/main.sh -source $VESTA/conf/vesta.conf - -# encode base64 -encode_base64() { - cat |base64 |tr '+/' '-_' |tr -d '\r\n=' -} - -# Additional argument formatting -format_domain_idn - - -#----------------------------------------------------------# -# Verifications # -#----------------------------------------------------------# - -check_args '2' "$#" 'USER DOMAIN' -is_format_valid 'user' 'domain' -is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' -is_object_valid 'user' 'USER' "$user" -is_object_unsuspended 'user' 'USER' "$user" -if [ ! -e "$USER_DATA/ssl/le.conf" ]; then - check_result $E_NOTEXIST "LetsEncrypt key doesn't exist" -fi -rdomain=$(egrep "'$domain'|'$domain,|,$domain,|,$domain'" $USER_DATA/web.conf) -if [ -z "$rdomain" ]; then - check_result $E_NOTEXIST "domain $domain doesn't exist" -fi - - -#----------------------------------------------------------# -# Action # -#----------------------------------------------------------# - -source $USER_DATA/ssl/le.conf -api='https://acme-v01.api.letsencrypt.org' -r_domain=$(echo "$rdomain" |cut -f 2 -d \') -key="$USER_DATA/ssl/user.key" -exponent="$EXPONENT" -modulus="$MODULUS" -thumb="$THUMB" - -# Defining JWK header -header='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}' -header='{"alg":"RS256","jwk":'"$header"'}' - -# Requesting nonce -nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') -protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64) - -# Defining ACME query (request challenge) -query='{"resource":"new-authz","identifier"' -query=$query':{"type":"dns","value":"'"$domain_idn"'"}}' -payload=$(echo -n "$query" |encode_base64) -signature=$(printf "%s" "$protected.$payload" |\ - openssl dgst -sha256 -binary -sign "$key" |encode_base64) -data='{"header":'"$header"',"protected":"'"$protected"'",' -data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}' - -# Sending request to LetsEncrypt API -answer=$(curl -s -i -d "$data" "$api/acme/new-authz") - -# Checking http answer status -status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ') -if [[ "$status" -ne "201" ]]; then - check_result $E_CONNECT "LetsEncrypt challenge request $status" -fi - -# Parsing domain nonce,token and uri -nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') -protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64) -token=$(echo "$answer" |grep -A 3 http-01 |grep token |cut -f 4 -d \") -uri=$(echo "$answer" |grep -A 3 http-01 |grep uri |cut -f 4 -d \") - -# Adding location wrapper for request challenge -if [ "$WEB_SYSTEM" = 'nginx' ] || [ "$PROXY_SYSTEM" = 'nginx' ]; then - conf="$HOMEDIR/$user/conf/web/nginx.$r_domain.conf_letsencrypt" - sconf="$HOMEDIR/$user/conf/web/snginx.$r_domain.conf_letsencrypt" - if [ ! -e "$conf" ]; then - echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' > $conf - echo ' default_type text/plain;' >> $conf - echo ' return 200 "$1.'$thumb'";' >> $conf - echo '}' >> $conf - fi - if [ ! -e "$sconf" ]; then - ln -s "$conf" "$sconf" - fi -else - acme="$HOMEDIR/$user/web/$r_domain/public_html/.well-known/acme-challenge" - if [ ! -d "$acme" ]; then - mkdir -p $acme - fi - echo "$token.$thumb" > $acme/$token - chown -R $user:$user $HOMEDIR/$user/web/$r_domain/public_html/.well-known -fi - -# Restarting web server -if [ -z "$PROXY_SYSTEM" ]; then - $BIN/v-restart-web - check_result $? "Proxy restart failed" >/dev/null -else - $BIN/v-restart-proxy - $BIN/v-restart-web - check_result $? "Web restart failed" >/dev/null -fi - -# Defining ACME query (request validation) -query='{"resource":"challenge","type":"http-01","keyAuthorization"' -query=$query':"'$token.$thumb'","token":"'$token'"}' -payload=$(echo -n "$query" |encode_base64) -signature=$(printf "%s" "$protected.$payload" |\ - openssl dgst -sha256 -binary -sign "$key" |encode_base64) -data='{"header":'"$header"',"protected":"'"$protected"'",' -data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}' - -# Sending request to LetsEncrypt API -answer=$(curl -s -i -d "$data" "$uri") - -# Checking domain validation status -i=1 -status=$(echo $answer |tr ',' '\n' |grep status |cut -f 4 -d \") -location=$(echo "$answer" |grep Location: |awk '{print $2}' |tr -d '\r\n') -while [ "$status" = 'pending' ]; do - answer=$(curl -s -i "$location") - detail="$(echo $answer |tr ',' '\n' |grep detail |cut -f 4 -d \")" - status=$(echo "$answer" |tr ',' '\n' |grep status |cut -f 4 -d \") - sleep 1 - i=$((i + 1)) - if [ "$i" -gt 60 ]; then - check_result $E_CONNECT "$detail" - fi -done -if [ "$status" = 'invalid' ]; then - detail="$(echo $answer |tr ',' '\n' |grep detail |cut -f 4 -d \")" - check_result $E_CONNECT "$detail" -fi - - -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - -# Logging -log_event "$OK" "$ARGUMENTS" - -exit diff --git a/bin/v-sign-letsencrypt-csr b/bin/v-sign-letsencrypt-csr deleted file mode 100755 index 414eb8b3..00000000 --- a/bin/v-sign-letsencrypt-csr +++ /dev/null @@ -1,110 +0,0 @@ -#!/bin/bash -# info: sing letsencrypt csr -# options: USER DOMAIN CSR_DIR [FORMAT] -# -# The function signs certificate request using LetsEncript API - - -#----------------------------------------------------------# -# Variable&Function # -#----------------------------------------------------------# - -# Argument definition -user=$1 -domain=$2 -csr="$3/$domain.csr" -format=$4 - -# Includes -source $VESTA/func/main.sh -source $VESTA/conf/vesta.conf - -# encode base64 -encode_base64() { - cat |base64 |tr '+/' '-_' |tr -d '\r\n=' -} - - -#----------------------------------------------------------# -# Verifications # -#----------------------------------------------------------# - -check_args '3' "$#" 'USER DOMAIN CSR' -is_format_valid 'user' 'domain' -is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' -is_object_valid 'user' 'USER' "$user" -is_object_unsuspended 'user' 'USER' "$user" -if [ ! -e "$USER_DATA/ssl/le.conf" ]; then - check_result $E_NOTEXIST "LetsEncrypt key doesn't exist" -fi -check_domain=$(grep -w "$domain'" $USER_DATA/web.conf) -if [ -z "$check_domain" ]; then - check_result $E_NOTEXIST "domain $domain doesn't exist" -fi -if [ ! -e "$csr" ]; then - check_result $E_NOTEXIST "$csr doesn't exist" -fi - - -#----------------------------------------------------------# -# Action # -#----------------------------------------------------------# - -source $USER_DATA/ssl/le.conf -api='https://acme-v01.api.letsencrypt.org' -key="$USER_DATA/ssl/user.key" -exponent="$EXPONENT" -modulus="$MODULUS" -thumb="$THUMB" - -# Defining JWK header -header='{"e":"'$exponent'","kty":"RSA","n":"'"$modulus"'"}' -header='{"alg":"RS256","jwk":'"$header"'}' - -# Requesting nonce -nonce=$(curl -s -I "$api/directory" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') -protected=$(echo -n '{"nonce":"'"$nonce"'"}' |encode_base64) - -# Defining ACME query (request challenge) -csr=$(openssl req -in $csr -outform DER |encode_base64) -query='{"resource":"new-cert","csr":"'$csr'"}' -payload=$(echo -n "$query" |encode_base64) -signature=$(printf "%s" "$protected.$payload" |\ - openssl dgst -sha256 -binary -sign "$key" |encode_base64) -data='{"header":'"$header"',"protected":"'"$protected"'",' -data=$data'"payload":"'"$payload"'","signature":"'"$signature"'"}' - -# Sending request to LetsEncrypt API -answer=$(mktemp) -curl -s -d "$data" "$api/acme/new-cert" -o $answer -if [ ! -z "$(grep Error $answer)" ]; then - detail="$(cat $answer |tr ',' '\n' |grep detail |cut -f 4 -d \")" - detail=$(echo "$detail" |awk -F "::" '{print $2}') - rm $answer - check_result $E_LIMIT "$detail" -fi - -# Printing certificate -crt=$(cat "$answer" |openssl base64 -e) -rm $answer -if [ "$format" != 'json' ]; then - echo "-----BEGIN CERTIFICATE-----" - echo "$crt" - echo "-----END CERTIFICATE-----" -else - echo -e "{\n\t\"$domain\": {\n\t\t\"CRT\":\"" - echo -n '-----BEGIN CERTIFICATE-----\n' - echo -n "$crt" |sed ':a;N;$!ba;s/\n/\\n/g' - echo -n '-----END CERTIFICATE-----' - echo -e "\"\n\t\t}\n\t}" -fi - - -#----------------------------------------------------------# -# Vesta # -#----------------------------------------------------------# - -# Logging -log_event "$OK" "$ARGUMENTS" - -exit diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 17f8f0f6..a5cbc286 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -22,51 +22,32 @@ source $VESTA/conf/vesta.conf # Action # #----------------------------------------------------------# -# Defining user list -users=$($BIN/v-list-users | tail -n+3 | awk '{ print $1 }') - -lecounter=0 - -# Checking users -for user in $users; do +# Checking user certificates +for user in $($BIN/v-list-users plain |cut -f 1); do USER_DATA=$VESTA/data/users/$user - # Checking user certificates + lecounter=0 + for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do - # Working on Web domain check - if is suspended - webSuspended=$(grep "DOMAIN='$domain'" $USER_DATA/web.conf |grep "SUSPENDED='yes") - if [ ! -z "$webSuspended" ]; then - continue; - fi; - crt="$VESTA/data/users/$user/ssl/$domain.crt" - crt_data=$(openssl x509 -text -in "$crt") - expire=$(echo "$crt_data" |grep "Not After") - expire=$(echo "$expire" |cut -f 2,3,4 -d :) - expire=$(date -d "$expire" +%s) + crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt) + not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :) + expiration=$(date -d "$not_after" +%s) now=$(date +%s) - expire=$((expire - now)) - expire=$((expire / 86400)) - domain=$(basename $crt |sed -e "s/.crt$//") - if [[ "$expire" -lt 31 ]]; then - if [ $lecounter -gt 0 ]; then - sleep 10 - fi - ((lecounter++)) + seconds_valid=$((expiration - now)) + days_valid=$((seconds_valid / 86400)) + if [[ "$days_valid" -lt 31 ]]; then aliases=$(echo "$crt_data" |grep DNS:) aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//") aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") aliases=$(echo "$aliases" |grep -v "^$domain$") - if [ ! -z "$aliases" ]; then - aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') - msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases) - if [ $? -ne 0 ]; then - echo "$domain $msg" - fi - else - msg==$($BIN/v-add-letsencrypt-domain $user $domain) - if [ $? -ne 0 ]; then - echo "$domain $msg" - fi + aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') + msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases) + if [ $? -ne 0 ]; then + echo "$domain $msg" fi + if [ $lecounter -gt 0 ]; then + sleep 10 + fi + ((lecounter++)) fi done done From 8010f5d80261ed4ba9d2f2094229b283d0ab47be Mon Sep 17 00:00:00 2001 From: dpeca Date: Thu, 27 Dec 2018 20:56:14 +0100 Subject: [PATCH 023/197] CentOS7: Register /sbin/nologin and /usr/sbin/nologin Fix for https://github.com/serghey-rodin/vesta/issues/1437 --- install/vst-install-rhel.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh index 385534ec..b7c2839e 100755 --- a/install/vst-install-rhel.sh +++ b/install/vst-install-rhel.sh @@ -691,6 +691,10 @@ chmod a+x /backup # Set directory color echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile +# Register /sbin/nologin and /usr/sbin/nologin +echo "/sbin/nologin" >> /etc/shells +echo "/usr/sbin/nologin" >> /etc/shells + # Changing default systemd interval if [ "$release" -eq '7' ]; then # Hi Lennart From 0d85c88d181a314b22ec1d0489bdfb3269e53fd6 Mon Sep 17 00:00:00 2001 From: dpeca Date: Thu, 27 Dec 2018 21:10:17 +0100 Subject: [PATCH 024/197] Bringing back Better handling of calm-down routine while LE renewing Accidentally overwritten in https://github.com/serghey-rodin/vesta/commit/f8b4d42b740752e17944370440f37d3105f4b21f commit Original commit: https://github.com/serghey-rodin/vesta/commit/3d8b6a87a77ae8c026e90eb45212349585adc5e3 Calming down is because https://github.com/serghey-rodin/vesta/issues/1193 issue --- bin/v-update-letsencrypt-ssl | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index a5cbc286..4dd1fcc0 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -22,10 +22,11 @@ source $VESTA/conf/vesta.conf # Action # #----------------------------------------------------------# +lecounter=0 + # Checking user certificates for user in $($BIN/v-list-users plain |cut -f 1); do USER_DATA=$VESTA/data/users/$user - lecounter=0 for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt) @@ -35,6 +36,10 @@ for user in $($BIN/v-list-users plain |cut -f 1); do seconds_valid=$((expiration - now)) days_valid=$((seconds_valid / 86400)) if [[ "$days_valid" -lt 31 ]]; then + if [ $lecounter -gt 0 ]; then + sleep 10 + fi + ((lecounter++)) aliases=$(echo "$crt_data" |grep DNS:) aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//") aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") @@ -44,10 +49,6 @@ for user in $($BIN/v-list-users plain |cut -f 1); do if [ $? -ne 0 ]; then echo "$domain $msg" fi - if [ $lecounter -gt 0 ]; then - sleep 10 - fi - ((lecounter++)) fi done done From 18ec586831c9f06394e4f3184cb44471f2a389b0 Mon Sep 17 00:00:00 2001 From: ifaist0s Date: Tue, 22 Jan 2019 12:51:59 +0200 Subject: [PATCH 025/197] Use of deprecated directive FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913 --- install/ubuntu/16.04/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.04/templates/web/nginx/caching.stpl b/install/ubuntu/16.04/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/16.04/templates/web/nginx/caching.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 45a6824990a75d11c8faa578b785b7289cda961a Mon Sep 17 00:00:00 2001 From: ifaist0s Date: Tue, 22 Jan 2019 12:52:36 +0200 Subject: [PATCH 026/197] Use of deprecated directive FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913 --- install/ubuntu/16.04/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/16.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From a72ecfbcfb4d4f23040ae0c1e3191357bb1eb08f Mon Sep 17 00:00:00 2001 From: ifaist0s Date: Tue, 22 Jan 2019 12:58:48 +0200 Subject: [PATCH 027/197] Use of deprecated directive FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913 --- install/ubuntu/16.04/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.04/templates/web/nginx/http2.stpl b/install/ubuntu/16.04/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/16.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 6c072a91c4773203e2d07fd2936dea9f8039b8aa Mon Sep 17 00:00:00 2001 From: ifaist0s Date: Tue, 22 Jan 2019 12:59:33 +0200 Subject: [PATCH 028/197] Use of deprecated directive FIX: [warn] 31172#31172: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead CAUSE: http://hg.nginx.org/nginx/rev/46c0c7ef4913 --- install/ubuntu/16.04/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.04/templates/web/nginx/default.stpl b/install/ubuntu/16.04/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/16.04/templates/web/nginx/default.stpl +++ b/install/ubuntu/16.04/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From c1fc0208f79488b2e0f3d1ddca2fd18e52eeaf41 Mon Sep 17 00:00:00 2001 From: Dandi Darmawan Date: Thu, 24 Jan 2019 18:16:01 +0700 Subject: [PATCH 029/197] Fixing Typo check_result $E_CONNECT "Let's Encrypt vvalidation status $status" > check_result $E_CONNECT "Let's Encrypt validation status $status" --- bin/v-add-letsencrypt-domain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index a6946695..56026b9b 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -190,7 +190,7 @@ for auth in $authz; do nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n') status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ') if [[ "$status" -ne 200 ]]; then - check_result $E_CONNECT "Let's Encrypt vvalidation status $status" + check_result $E_CONNECT "Let's Encrypt validation status $status" fi i=$((i + 1)) From 2d96e3631f9c5e48c8aa297328060942f7707220 Mon Sep 17 00:00:00 2001 From: devius Date: Wed, 6 Feb 2019 17:23:58 +0400 Subject: [PATCH 030/197] Add missing translations I have found and translated last missing Georgian versions for strings --- web/inc/i18n/ka.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/web/inc/i18n/ka.php b/web/inc/i18n/ka.php index 0ebf2d11..abbcb479 100644 --- a/web/inc/i18n/ka.php +++ b/web/inc/i18n/ka.php @@ -744,14 +744,14 @@ $LANG['ka'] = array( 'PUB_KEY' => 'PUB_KEY', 'ISSUER' => 'ISSUER', - 'Use server hostname' => 'Use server hostname', - 'Use domain hostname' => 'Use domain hostname', - 'Use STARTTLS' => 'Use STARTTLS', - 'Use SSL / TLS' => 'Use SSL / TLS', - 'No encryption' => 'No encryption', - 'Do not use encryption' => 'Do not use encryption', + 'Use server hostname' => 'სერვერის hostname-ის გამოყენება', + 'Use domain hostname' => 'დეომენის hostname-ის გამოყენება', + 'Use STARTTLS' => 'STARTTLS-ის გამოყენება', + 'Use SSL / TLS' => 'SSL / TLS-ის გამოყენება', + 'No encryption' => 'დაშიფრვის გარეშე', + 'Do not use encryption' => 'არ გამოიყენო დაშიფრვა', - 'maximum characters length, including prefix' => 'maximum %s characters length, including prefix', + 'maximum characters length, including prefix' => 'დასაშვებია მაქსიმუმ %s სიმბოლო, პრეფიქსის ჩათვლით', - 'Email Credentials' => 'Email Credentials', + 'Email Credentials' => 'რეკვიზიტების ელ-ფოსტით გაგზავნა', ); From d334ddc5016d34fabf79c73d59aeb98d2209c81f Mon Sep 17 00:00:00 2001 From: pablobae <33727260+pablobae@users.noreply.github.com> Date: Thu, 7 Feb 2019 16:49:43 +0100 Subject: [PATCH 031/197] Update v-add-firewall-chain Obtains the SSH port from the service configuration file (originally it was hardcoded). This allow the correct creation of ssh chain when this service has a custom port. --- bin/v-add-firewall-chain | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/bin/v-add-firewall-chain b/bin/v-add-firewall-chain index c7b826fa..5026d264 100755 --- a/bin/v-add-firewall-chain +++ b/bin/v-add-firewall-chain @@ -47,7 +47,13 @@ is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM' # Checking known chains case $chain in - SSH) port=22; protocol=TCP ;; + SSH) # Get ssh port by reading ssh config file. + sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2) + if [ -z "$sshport" ]; then + sshport=22 + fi + port=$sshport; + protocol=TCP ;; FTP) port=21; protocol=TCP ;; MAIL) port='25,465,587,2525,110,995,143,993'; protocol=TCP ;; DNS) port=53; protocol=UDP ;; From 1725a61491fb5e723b215ca0b55d23db8daa6e49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juho=20R=C3=A4s=C3=A4nen?= Date: Tue, 12 Feb 2019 22:05:47 +0200 Subject: [PATCH 032/197] Finnish translation updated and some changes New strings translated and some small changes. --- web/inc/i18n/fi.php | 302 ++++++++++++++++++++++---------------------- 1 file changed, 151 insertions(+), 151 deletions(-) diff --git a/web/inc/i18n/fi.php b/web/inc/i18n/fi.php index aff1375b..f2eddbab 100644 --- a/web/inc/i18n/fi.php +++ b/web/inc/i18n/fi.php @@ -2,7 +2,7 @@ /** * Vesta Finnish language file * OHakala (onni@koodimonni.fi) -* RJuho (juho.rasanen@kotikone.fi) +* RJuho (juho.rasanen@setuppi.fi) * theel0ja (theel0ja@theel0ja.info) */ @@ -40,9 +40,9 @@ $LANG['fi'] = array( 'MEMORY' => 'MUISTI', 'DISK' => 'LEVY', 'NETWORK' => 'VERKKO', - 'Web Log Manager' => 'Web Log Manager', + 'Web Log Manager' => 'Verkkolokimanageri', - 'no notifications' => 'no notifications', + 'no notifications' => 'ei ilmoituksia', 'Add User' => 'Lisää käyttäjä', 'Add Domain' => 'Lisää domaini', @@ -111,7 +111,7 @@ $LANG['fi'] = array( 'disable autoupdate' => 'älä päivitä automaattisesti', 'turn on notifications' => 'päälle ilmoitus', 'turn off notifications' => 'sammuta ilmoitus', - 'configure' => 'configure', + 'configure' => 'määritä', 'Adding User' => 'Lisätään käyttäjää', 'Editing User' => 'Muokataan käyttäjää', @@ -195,14 +195,14 @@ $LANG['fi'] = array( 'template' => 'pohjat', 'SSL Support' => 'SSL-tuki', 'SSL Home Directory' => 'SSL-kotihakemisto', - 'Lets Encrypt Support' => 'Lets Encrypt Support', + 'Lets Encrypt Support' => 'Lets Encrypt Tuki', 'Lets Encrypt' => 'Lets Encrypt', - 'Your certificate will be automatically issued in 5 minutes' => 'Your certificate will be automatically issued in 5 minutes', + 'Your certificate will be automatically issued in 5 minutes' => 'Sertifikaattisi käsitellään viiden minuutin sisään', 'Proxy Support' => 'Proxy-tuki', 'Proxy Extensions' => 'Proxy-laajennukset', 'Web Statistics' => 'Web-tilastot', 'Additional FTP Account' => 'Ylimääräinen FTP-tili', - 'Path' => 'Path', + 'Path' => 'Polku', 'SOA' => 'SOA', 'TTL' => 'TTL', 'Expire' => 'Päättyy', @@ -217,19 +217,19 @@ $LANG['fi'] = array( 'Autoreply' => 'Automaattinen vastaus', 'Forward to' => 'Uudelleenohjaa', 'Do not store forwarded mail' => 'Älä säilytä uudelleenohjattuja viestejä', - 'IMAP hostname' => 'IMAP hostname', - 'IMAP port' => 'IMAP port', - 'IMAP security' => 'IMAP security', - 'IMAP auth method' => 'IMAP auth method', - 'SMTP hostname' => 'SMTP-hostname', - 'SMTP port' => 'SMTP-portti', - 'SMTP security' => 'SMTP-turvallisuus', - 'SMTP auth method' => 'SMTP auth method', + 'IMAP hostname' => 'IMAP osoite', + 'IMAP port' => 'IMAP portti', + 'IMAP security' => 'IMAP turvallisuus', + 'IMAP auth method' => 'IMAP auth-menetelmä', + 'SMTP hostname' => 'SMTP osoite', + 'SMTP port' => 'SMTP portti', + 'SMTP security' => 'SMTP turvallisuus', + 'SMTP auth method' => 'SMTP auth-menetelmä', 'STARTTLS' => 'STARTTLS', 'Normal password' => 'Normaali salasana', 'database' => 'tietokanta', 'User' => 'Käyttäjä', - 'Host' => 'Host', + 'Host' => 'Isäntä', 'Charset' => 'Merkistö', 'Min' => 'Min', 'Hour' => 'Tunti', @@ -243,7 +243,7 @@ $LANG['fi'] = array( 'Domains' => 'Domainit', 'Status' => 'Tila', 'shared' => 'jaetut', - 'dedicated' => 'dedicated', + 'dedicated' => 'omistautunut', 'Owner' => 'Omistaja', 'Users' => 'Käyttäjät', 'Load Average' => 'Keskimääräinen Käyttöaste', @@ -268,8 +268,8 @@ $LANG['fi'] = array( 'database server' => 'tietokantapalvelin', 'ftp server' => 'ftp-palvelin', 'job scheduler' => 'ajastettu työ', //no-idea E: @theel0ja: ajastettu työ would be good. - 'firewall' => 'firewall', - 'brute-force monitor' => 'brute-force monitor', + 'firewall' => 'palomuuri', + 'brute-force monitor' => 'raaka voima monitori', 'CPU' => 'Prosessori', 'Memory' => 'Muisti', 'Uptime' => 'Käyttöaika', @@ -282,7 +282,7 @@ $LANG['fi'] = array( 'Object' => 'Objekti', 'Username' => 'Käyttäjä', 'Password' => 'Salasana', - 'Email' => 'Email', + 'Email' => 'Sähköposti', 'Package' => 'Paketti', 'Language' => 'Kieli', 'First Name' => 'Etunimi', @@ -290,15 +290,15 @@ $LANG['fi'] = array( 'Send login credentials to email address' => 'Lähetä kirjautumistiedot sähköpostilla.', 'Default Template' => 'Oletuspohja', 'Default Name Servers' => 'Oletusnimipalvelimet', - 'Domain' => 'Domain', + 'Domain' => 'Domaini', 'DNS Support' => 'Tarvitsee DNS:n', 'Mail Support' => 'Tarvitsee sähköpostin', 'Advanced options' => 'Lisäasetukset', - 'Basic options' => 'Basic options', + 'Basic options' => 'Perusasetukset', 'Aliases' => 'Aliakset', 'SSL Certificate' => 'SSL-sertifikaatti', 'SSL Key' => 'SSL-avain', - 'SSL Certificate Authority / Intermediate' => 'SSL Certificate Authority / Intermediate', //no-idea + 'SSL Certificate Authority / Intermediate' => 'SSL varmenteen tarjoaja', //no-idea 'SSL CSR' => 'SSL CSR', 'optional' => 'valinnainen', 'internal' => 'sisäinen', @@ -311,12 +311,12 @@ $LANG['fi'] = array( 'YYYY-MM-DD' => 'YYYY-MM-DD', 'Name servers' => 'Nimipalvelimet', 'Record' => 'Tietue', - 'IP or Value' => 'IP or Value', //no-idea + 'IP or Value' => 'IP tai Arvo', //no-idea 'Priority' => 'Prioriteetti', 'Record Number' => 'Tietueen numero', 'in megabytes' => 'megatavuissa', 'Message' => 'Viesti', - 'use local-part' => 'use local-part', //no-idea + 'use local-part' => 'käytä paikallista osaa', //no-idea 'one or more email addresses' => 'yksi tai useampia sähköposteja', 'Prefix will be automaticaly added to database name and database user' => 'Etuliite %s lisätään automaattisesti tietokannan nimeen ja käyttäjään', 'Database' => 'Tietokanta', @@ -324,12 +324,12 @@ $LANG['fi'] = array( 'Minute' => 'Minuutti', 'Command' => 'Käsky', 'Package Name' => 'Paketin nimi', - 'Netmask' => 'Netmask', //no-idea - 'Interface' => 'Interface', //no-idea + 'Netmask' => 'Verkkopeite', //no-idea + 'Interface' => 'Käyttöliittymä', //no-idea 'Shared' => 'Jaettu', 'Assigned user' => 'Määritetty käyttäjä', 'Assigned domain' => 'Määritetty domain', - 'NAT IP association' => 'NAT IP association', //no-idea + 'NAT IP association' => 'NAT IP yhteys', //no-idea 'shell' => 'shell', 'web domains' => 'web-domainit', 'web aliases' => 'web-aliakset', @@ -351,12 +351,12 @@ $LANG['fi'] = array( 'username' => 'käyttäjänimi', 'password' => 'salasana', 'type' => 'tyyppi', - 'charset' => 'charset', + 'charset' => 'merkistö', 'domain' => 'domain', 'ip' => 'ip', 'ip address' => 'ip-osoite', 'IP address' => 'IP-osoite', - 'netmask' => 'netmask', + 'netmask' => 'verkkopeite', 'interface' => 'yhdyskäytävä', 'assigned user' => 'omistaja', 'ns1' => 'ns1', @@ -385,35 +385,35 @@ $LANG['fi'] = array( 'Organization' => 'Organisaatio', 'Action' => 'Toiminta', 'Protocol' => 'Protokolla', - 'Port' => 'Port', + 'Port' => 'Portti', 'Comment' => 'Kommentti', 'Banlist' => 'Bannilista', 'ranges are acceptable' => 'vaihteluvälit ovat hyväksyttäviä', 'CIDR format is supported' => 'CIDR muotoa tuetaan', - 'ACCEPT' => 'ACCEPT', - 'DROP' => 'DROP', + 'ACCEPT' => 'HYVÄKSY', + 'DROP' => 'TIPUTA', 'TCP' => 'TCP', 'UDP' => 'UDP', 'ICMP' => 'ICMP', 'SSH' => 'SSH', 'FTP' => 'FTP', 'VESTA' => 'VESTA', - 'Add one more Name Server' => 'Add one more Name Server', + 'Add one more Name Server' => 'Lisää vielä yksi nimipalvelin', - 'web domain' => 'web domain', - 'dns domain' => 'dns domain', - 'dns record' => 'dns record', - 'mail domain' => 'mail domain', - 'mail account' => 'mail account', - 'cron job' => 'cron job', + 'web domain' => 'web domaini', + 'dns domain' => 'dns domaini', + 'dns record' => 'dns tietue', + 'mail domain' => 'mail domaini', + 'mail account' => 'mail tili', + 'cron job' => 'cron-tehtävä', 'cron' => 'cron', - 'user dir' => 'user dir', + 'user dir' => 'käyttäjän hakemisto', - 'unlimited' => 'unlimited', + 'unlimited' => 'rajoittamaton', '1 account' => '1 tili', '%s accounts' => '%s tiliä', - '1 domain' => '1 domain', + '1 domain' => '1 domaini', '%s domains' => '%s domainia', '1 record' => '1 tietue', '%s records' => '%s tietuetta', @@ -423,10 +423,10 @@ $LANG['fi'] = array( '%s databases' => '%s tietokantaa', '1 cron job' => '1 cron-tehtävä', '%s cron jobs' => '%s cron-tehtävää', - '1 archive' => '1 archive', - '%s archives' => '%s archives', - '1 item' => '1 item', - '%s items' => '%s items', + '1 archive' => '1 arkisto', + '%s archives' => '%s arkistoa', + '1 item' => '1 kohde', + '%s items' => '%s kohdetta', '1 package' => '1 paketti', '%s packages' => '%s pakettia', '1 IP address' => '1 IP-osoite', @@ -454,11 +454,11 @@ $LANG['fi'] = array( 'PACKAGE_CREATED_OK' => 'Paketti %s lisättiin onnistuneesti.', 'SSL_GENERATED_OK' => 'Sertifikaatti lisättiin onnistuneesti.', 'RULE_CREATED_OK' => 'Sääntö lisättiin onnistuneesti.', - 'BANLIST_CREATED_OK' => 'IP address has been banned successfully', + 'BANLIST_CREATED_OK' => 'IP-osoite on bannattu onnistuneesti', 'Autoupdate has been successfully enabled' => 'Automaattinen päivitys otettu käyttöön', 'Autoupdate has been successfully disabled' => 'Automaattinen päivitys poistettu käytöstä', - 'Cronjob email reporting has been successfully enabled' => 'Cronjob sähköposti raportointi on onnistuneesti mahdollistanut', - 'Cronjob email reporting has been successfully disabled' => 'Cronjob sähköposti raportointi on onnistuneesti poistettu', + 'Cronjob email reporting has been successfully enabled' => 'Ajoitettu sähköposti raportointi onnistuneesti aktivoitu', + 'Cronjob email reporting has been successfully disabled' => 'Ajoitettu sähköposti raportointi onnistuneesti poistettu käytöstä', 'Changes has been saved.' => 'Muutokset tallennettu.', 'Confirmation' => 'Hyväksyntä', 'DELETE_USER_CONFIRMATION' => 'Haluatko varmasti poistaa käyttäjän %s?', @@ -530,7 +530,7 @@ $LANG['fi'] = array( 'Confirm Password' => 'Hyväksy salasana', 'Reset' => 'Nollaa', 'Reset Code' => 'Nollauskoodi', - 'RESET_NOTICE' => '', // should we add something here? + 'RESET_NOTICE' => '', 'RESET_CODE_SENT' => 'Salasanan nollauskoodi on lähetetty sähköpostiisi
', 'MAIL_RESET_SUBJECT' => 'Salana vaihdettiin %s', 'PASSWORD_RESET_REQUEST' => "Nollataksesi hallintapaneelin salasanan, seuraa tätä linkkiä:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\nVaihtoehtoisesti voit mennä https://%s/reset/?action=code&user=%s ja syöttää nollauskoodin:\n%s\n\nJos et varta vasten pyytänyt tätä salasananvaihtoa, mene paniikkiin ja ota yhteyttä ylläpitoon.\n\n--\nVesta-hallintapaneeli\n", @@ -549,13 +549,13 @@ $LANG['fi'] = array( 'Dec' => 'Jou', 'Configuring Server' => 'Konfiguroidaan palvelinta', - 'Hostname' => 'Hostname', + 'Hostname' => 'Osoite', 'Time Zone' => 'Aikavyöhyke', 'Default Language' => 'Oletuskieli', 'Proxy Server' => 'Välityspalvelin', 'Web Server' => 'Web Server', - 'Backend Server' => 'Backend Server', - 'Backend Pool Mode' => 'Backend Pool Mode', + 'Backend Server' => 'Taustapalvelin', + 'Backend Pool Mode' => 'Taustapalvelin Allas Tila', 'DNS Server' => 'DNS-palvelin', 'DNS Cluster' => 'DNS-klusteri', 'MAIL Server' => 'MAIL-palvelin', @@ -564,39 +564,39 @@ $LANG['fi'] = array( 'Webmail URL' => 'Webmailin URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', - 'PostgreSQL Support' => 'PostgreSQL Support', + 'PostgreSQL Support' => 'PostgreSQL Tuki', 'phpPgAdmin URL' => 'phpPgAdmin URL', 'Maximum Number Of Databases' => 'Maksimimäärä tietokantoja', - 'Current Number Of Databases' => 'Current Number Of Databases', + 'Current Number Of Databases' => 'Nykyisten tietokantojen lukumäärä', 'Local backup' => 'Paikallinen varmuuskopio', - 'Compression level' => 'Compression level', + 'Compression level' => 'Pakkausaste', 'Directory' => 'Hakemisto', - 'Remote backup' => 'Remote backup', + 'Remote backup' => 'Etävarmuuskopiointi', 'ftp' => 'FTP', 'sftp' => 'SFTP', 'SFTP Chroot' => 'SFTP Chroot', - 'FileSystem Disk Quota' => 'FileSystem Disk Quota', - 'Vesta Control Panel Plugins' => 'Vesta Control Panel Plugins', - 'preview' => 'preview', - 'Reseller Role' => 'Reseller Role', - 'Web Config Editor' => 'Web Config Editor', - 'Template Manager' => 'Template Manager', - 'Backup Migration Manager' => 'Backup Migration Manager', + 'FileSystem Disk Quota' => 'FileSystem Levykiintiö', + 'Vesta Control Panel Plugins' => 'Vesta Hallintapaneeli Lisäosat', + 'preview' => 'esikatselu', + 'Reseller Role' => 'Jälleenmyyjän Rooli', + 'Web Config Editor' => 'Web-määrityseditori', + 'Template Manager' => 'Pohja Hallinta', + 'Backup Migration Manager' => 'Varmuuskopion Siirtymänhallinta', 'FileManager' => 'FileManager', - 'show: CPU / MEM / NET / DISK' => 'show: CPU / MEM / NET / DISK', + 'show: CPU / MEM / NET / DISK' => 'näytä: CPU / MEM / NET / DISK', - 'sort by' => 'sort by', + 'sort by' => 'järjestä', 'Date' => 'Päivämäärä', - 'Starred' => 'Starred', + 'Starred' => 'Tähditetty', 'Name' => 'Nimi', - 'save to favorites' => 'save to favorites', + 'save to favorites' => 'tallenna suosikkeihin', 'File Manager' => 'Tiedostonhallinta', 'size' => 'koko', 'date' => 'päivämäärä', 'name' => 'nimi', - 'Initializing' => 'Initializing', + 'Initializing' => 'Alustetaan', 'UPLOAD' => 'LÄHETÄ', 'NEW FILE' => 'UUSI TIEDOSTO', 'NEW DIR' => 'UUSI HAKEMISTO', @@ -609,117 +609,117 @@ $LANG['fi'] = array( 'EXTRACT' => 'PURA', 'DOWNLOAD' => 'LATAA', 'Are you sure?' => 'Oletko varma?', // unused? - 'Hit' => 'Hit', - 'to reload the page' => 'to reload the page', - 'Directory name cannot be empty' => 'Directory name cannot be empty', - 'File name cannot be empty' => 'File name cannot be empty', - 'No file selected' => 'No file selected', - 'No file or folder selected' => 'No file or folder selected', - 'File type not supported' => 'File type not supported', - 'Directory download not available in current version' => 'Directory download not available in current version', - 'Directory not available' => 'Directory not available', - 'Done' => 'Done', + 'Hit' => 'Osuma', + 'to reload the page' => 'ladataksesi sivu uudelleen', + 'Directory name cannot be empty' => 'Hakemiston nimi ei voi olla tyhjä', + 'File name cannot be empty' => 'Tiedostonimi ei voi olla tyhjä', + 'No file selected' => 'Ei tiedostoa valittuna', + 'No file or folder selected' => 'Ei tiedostoa tai kansiota valittuna', + 'File type not supported' => 'Tiedostotyyppiä ei tueta', + 'Directory download not available in current version' => 'Hakemiston lataus ei ole saatavilla nykyisessä versiossa', + 'Directory not available' => 'Hakemisto ei ole käytettävissä', + 'Done' => 'Tehty', 'Close' => 'Sulje', 'Copy' => 'Kopioi', 'Cancel' => 'Peru', 'Rename' => 'Uudelleennimeä', 'Move' => 'Siirrä', - 'Change Rights' => 'Change Rights', + 'Change Rights' => 'Muuta Oikeuksia', 'Delete' => 'Poista', 'Extract' => 'Pura', 'Create' => 'Luo', 'Compress' => 'Pakkaa', 'OK' => 'OK', - 'YOU ARE COPYING' => 'YOU ARE COPYING', // unused? - 'YOU ARE REMOVING' => 'YOU ARE REMOVING', - 'Delete items' => 'Delete items', + 'YOU ARE COPYING' => 'OLET KOPIOIMASSA', // unused? + 'YOU ARE REMOVING' => 'OLET POISTAMASSA', + 'Delete items' => 'Poista kohteet', 'Copy files' => 'Kopioi tiedostoja', 'Move files' => 'Siirrä tiedostoja', - 'Are you sure you want to copy' => 'Are you sure you want to copy', - 'Are you sure you want to move' => 'Are you sure you want to move', - 'Are you sure you want to delete' => 'Are you sure you want to delete', - 'into' => 'into', - 'existing files will be replaced' => 'existing files will be replaced', - 'Original name' => 'Original name', + 'Are you sure you want to copy' => 'Haluatko varmasti kopioida', + 'Are you sure you want to move' => 'Haluatko varmasti siirtää', + 'Are you sure you want to delete' => 'Haluatko varmasti poistaa', + 'into' => 'osaksi', + 'existing files will be replaced' => 'olemassa olevat tiedostot korvataan', + 'Original name' => 'Alkuperäinen nimi', 'File' => 'Tiedosto', 'already exists' => 'on jo olemassa', 'Create file' => 'Luo tiedosto', 'Create directory' => 'Luo hakemisto', - 'read by owner' => 'read by owner', - 'write by owner' => 'write by owner', - 'execute/search by owner' => 'execute/search by owner', - 'read by group' => 'read by group', - 'write by group' => 'write by group', - 'execute/search by group' => 'execute/search by group', - 'read by others' => 'read by others', - 'write by others' => 'write by others', - 'execute/search by others' => 'execute/search by others', + 'read by owner' => 'read by owner', // no idea + 'write by owner' => 'write by owner', // no idea + 'execute/search by owner' => 'execute/search by owner', // no idea + 'read by group' => 'read by group',// no idea + 'write by group' => 'write by group', // no idea + 'execute/search by group' => 'execute/search by group', // no idea + 'read by others' => 'read by others', // no idea + 'write by others' => 'write by others', // no idea + 'execute/search by others' => 'execute/search by others', // no idea - 'Shortcuts' => 'Shortcuts', - 'Add New object' => 'Add New object', - 'Save Form' => 'Save Form', - 'Cancel saving form' => 'Cancel saving form', - 'Go to USER list' => 'Go to USER list', - 'Go to WEB list' => 'Go to WEB list', - 'Go to DNS list' => 'Go to DNS list', - 'Go to MAIL list' => 'Go to MAIL list', - 'Go to DB list' => 'Go to DB list', - 'Go to CRON list' => 'Go to CRON list', - 'Go to BACKUP list' => 'Go to BACKUP list', - 'Focus on search' => 'Focus on search', - 'Display/Close shortcuts' => 'Display/Close shortcuts', - 'Move backward through top menu' => 'Move backward through top menu', - 'Move forward through top menu' => 'Move forward through top menu', - 'Enter focused element' => 'Enter focused element', - 'Move up through elements list' => 'Move up through elements list', - 'Move down through elements list' => 'Move down through elements list', + 'Shortcuts' => 'Pikavalinnat', + 'Add New object' => 'Lisää uusi objekti', + 'Save Form' => 'Tallenna Lomake', + 'Cancel saving form' => 'Peruuta tallennuslomake', + 'Go to USER list' => 'Mene USER listaan', + 'Go to WEB list' => 'Mene WEB listaan', + 'Go to DNS list' => 'Mene DNS listaan', + 'Go to MAIL list' => 'Mene MAIL listaan', + 'Go to DB list' => 'Mene DB listaan', + 'Go to CRON list' => 'Mene CRON listaan', + 'Go to BACKUP list' => 'Mene BACKUP listaan', + 'Focus on search' => 'Keskity hakuun', + 'Display/Close shortcuts' => 'Näytä/Piilota pikavalinnat', + 'Move backward through top menu' => 'Siirrä taaksepäin ylävalikosta', + 'Move forward through top menu' => 'Siirry eteenpäin ylävalikosta', + 'Enter focused element' => 'Anna valittuun elementtiin', + 'Move up through elements list' => 'Siirry ylöspäin elementtien listassa', + 'Move down through elements list' => 'Siirry alaspäin elementtien listassa', 'Upload' => 'Lähetä', 'New File' => 'Uusi kansio', 'New Folder' => 'Uusi hakemisto', 'Download' => 'Lataa', 'Archive' => 'Arkisto', - 'Save File (in text editor)' => 'Save File (in text editor)', - 'Close Popup / Cancel' => 'Close Popup / Cancel', - 'Move Cursor Up' => 'Move Cursor Up', - 'Move Cursor Down' => 'Move Cursor Down', - 'Switch to Left Tab' => 'Switch to Left Tab', - 'Switch to Right Tab' => 'Switch to Right Tab', - 'Switch Tab' => 'Switch Tab', - 'Go to the Top of the File List' => 'Go to the Top of the File List', - 'Go to the Last File' => 'Go to the Last File', - 'Open File / Enter Directory' => 'Open File / Enter Directory', - 'Edit File' => 'Edit File', - 'Go to Parent Directory' => 'Go to Parent Directory', - 'Select Current File' => 'Select Current File', - 'Select Bunch of Files' => 'Select Bunch of Files', - 'Add File to the Current Selection' => 'Add File to the Current Selection', + 'Save File (in text editor)' => 'Tallenna tiedosto (tekstieditorissa)', + 'Close Popup / Cancel' => 'Sulje ponnahdusikkuna / Peruuta', + 'Move Cursor Up' => 'Siirrä Osoitin Ylös', + 'Move Cursor Down' => 'Siirrä Osoitin Alas', + 'Switch to Left Tab' => 'Vaihda Vasempaan Välilehteen', + 'Switch to Right Tab' => 'Vaihda Oikeaan Välilehteen', + 'Switch Tab' => 'Vaihda Välilehteä', + 'Go to the Top of the File List' => 'Siirry Tiedosto Luettelon Yläreunaan', + 'Go to the Last File' => 'Siirry Viimeiseen Tiedostoon', + 'Open File / Enter Directory' => 'Avaa Tiedosto / Anna hakemisto', + 'Edit File' => 'Muokkaa tiedostoa', + 'Go to Parent Directory' => 'Mene emohakemistoon', + 'Select Current File' => 'Valitse Nykyinen Tiedosto', + 'Select Bunch of Files' => 'Valitse Joukko Tiedostoja', + 'Add File to the Current Selection' => 'Lisää Tiedosto Nykyiseen Valintaan', 'Select All Files' => 'Valitse kaikki tiedostot', 'shortcuts are inspired by magnificent GNU Midnight Commander file manager' => - 'shortcuts are inspired by magnificent GNU Midnight Commander file manager', + 'pikavalinnat inspiroi upea GNU Midnight Commander tiedostonhallinta', 'Licence Key' => 'Lisenssiavain', - 'Enter License Key' => 'Enter License Key', + 'Enter License Key' => 'Syötä Lisenssi Avain', 'Buy Licence' => 'Osta lisenssi', 'Buy Lifetime License' => 'Osta elinikäinen lisenssi', - 'Disable and Cancel Licence' => 'Disable and Cancel Licence', + 'Disable and Cancel Licence' => 'Poista Käytöstä ja Peruuta Lisenssi', 'Licence Activated' => 'Lisenssi aktivoitu', 'Licence Deactivated' => 'Lisenssi deaktivoitu', - 'Restrict users so that they cannot use SSH and access only their home directory.' => 'Restrict users so that they cannot use SSH and access only their home directory.', - 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.', - 'This is a commercial module, you would need to purchace license key to enable it.' => 'This is a commercial module, you would need to purchace license key to enable it.', + 'Restrict users so that they cannot use SSH and access only their home directory.' => 'Rajoita käyttäjiä siten, että he eivät voi käyttää SSH:ta ja heillä on pääsy vain kotikansioonsa.', + 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'Selaa, kopioi, muokkaa, tarkastele ja hae kaikista web palveluista täysin varustellulla File Managerilla.', + 'This is a commercial module, you would need to purchace license key to enable it.' => 'Tämä on kaupallinen moduuli, sinun on ostettava lisenssiavain, ottaaksesi se käyttöön.', 'Minutes' => 'Minuutittain', // fuzzy 'Hourly' => 'Tunneittain', 'Run Command' => 'Aja Komento', 'every month' => 'joka kuukausi', 'every odd month' => 'joka toinen kuukausi', - 'every even month' => 'every even month', + 'every even month' => 'joka parillinen kuukausi', 'every day' => 'joka päivä', 'every odd day' => 'joka toinen päivä', - 'every even day' => 'every even day', - 'weekdays (5 days)' => 'weekdays (5 days)', - 'weekend (2 days)' => 'weekend (2 days)', + 'every even day' => 'joka parillinen päivä', + 'weekdays (5 days)' => 'arkisin (5 päivää)', + 'weekend (2 days)' => 'viikonloppu (2 päivää)', 'Monday' => 'Maanantai', 'Tuesday' => 'Tiistai', 'Wednesday' => 'Keskiviikko', @@ -731,7 +731,7 @@ $LANG['fi'] = array( 'every two hours' => 'joka toinen tunti', 'every minute' => 'joka minuutti', 'every two minutes' => 'joka toinen minuutti', - 'every' => 'every', + 'every' => 'joka', 'Generate' => 'Generoi', 'webalizer' => 'webalizer', @@ -746,16 +746,16 @@ $LANG['fi'] = array( 'PUB_KEY' => 'PUB_KEY', 'ISSUER' => 'ISSUER', - 'Use server hostname' => 'Use server hostname', - 'Use domain hostname' => 'Use domain hostname', - 'Use STARTTLS' => 'Use STARTTLS', - 'Use SSL / TLS' => 'Use SSL / TLS', - 'No encryption' => 'No encryption', - 'Do not use encryption' => 'Do not use encryption', + 'Use server hostname' => 'Käytä palvelimen isäntänimeä', + 'Use domain hostname' => 'Käytä verkkotunnuksen isäntänimeä', + 'Use STARTTLS' => 'Käytä STARTTLS', + 'Use SSL / TLS' => 'Käytä SSL / TLS', + 'No encryption' => 'Ei salausta', + 'Do not use encryption' => 'Älä käytä salausta', - 'maximum characters length, including prefix' => 'maximum %s characters length, including prefix', + 'maximum characters length, including prefix' => 'maksimissaan %s merkkiä pitkä, mukaan lukien etuliite', - 'Email Credentials' => 'Email Credentials', + 'Email Credentials' => 'Sähköpostitiedot', // Texts below doesn't exist in en.php 'traffic' => 'tiedonsiirto', From bad8ee8042f01d85dad70efd6ab68eac69691aea Mon Sep 17 00:00:00 2001 From: Marcus Viefeld Date: Thu, 14 Feb 2019 05:41:16 +0100 Subject: [PATCH 033/197] fix german translation, forwarded mail --- web/inc/i18n/de.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/inc/i18n/de.php b/web/inc/i18n/de.php index 43fc857b..e5ee45d0 100644 --- a/web/inc/i18n/de.php +++ b/web/inc/i18n/de.php @@ -214,7 +214,7 @@ $LANG['de'] = array( 'Quota' => 'Kontingent', 'Autoreply' => 'Autoreply', 'Forward to' => 'Weiterleiten zu', - 'Do not store forwarded mail' => 'Weiterleitungs Adresse nicht speichern', + 'Do not store forwarded mail' => 'Weitergeleitete E-Mails nicht speichern', 'IMAP hostname' => 'IMAP hostname', 'IMAP port' => 'IMAP port', 'IMAP security' => 'IMAP security', From 0d9218e9fc6e944c9542de081cc1462ca8465f1f Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 14 Feb 2019 13:24:18 +0200 Subject: [PATCH 034/197] in case there is no conf --- func/domain.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/func/domain.sh b/func/domain.sh index cc66aecb..84a7c177 100644 --- a/func/domain.sh +++ b/func/domain.sh @@ -285,8 +285,10 @@ del_web_config() { if [[ "$2" =~ stpl$ ]]; then conf="$HOMEDIR/$user/conf/web/s$1.conf" fi - get_web_config_lines $WEBTPL/$1/$WEB_BACKEND/$2 $conf - sed -i "$top_line,$bottom_line d" $conf + if [ -e "$conf" ]; then + get_web_config_lines $WEBTPL/$1/$WEB_BACKEND/$2 $conf + sed -i "$top_line,$bottom_line d" $conf + fi fi # clean-up for both config styles if there is no more domains web_domain=$(grep DOMAIN $USER_DATA/web.conf |wc -l) From 6b2f651418785c94c8fbb6fa6cb78bae048d9025 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 14 Feb 2019 17:47:58 +0200 Subject: [PATCH 035/197] protection in case there are two or more ips with the same nat association --- func/ip.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/func/ip.sh b/func/ip.sh index 605554af..c99a3272 100644 --- a/func/ip.sh +++ b/func/ip.sh @@ -141,7 +141,7 @@ get_real_ip() { else nat=$(grep -H "^NAT='$1'" $VESTA/data/ips/*) if [ ! -z "$nat" ]; then - echo "$nat" |cut -f 1 -d : |cut -f 7 -d / + echo "$nat" |cut -f 1 -d : |cut -f 7 -d / |head -n 1 fi fi } From d15e1037041a59b9f2edebf8744f7ee7fc1721cd Mon Sep 17 00:00:00 2001 From: dpeca Date: Thu, 14 Feb 2019 18:29:56 +0100 Subject: [PATCH 036/197] Allow admins to run custom script after SSL is put to any domain Useful if you have separated SSLs for each IP address. If admin add to vesta.conf this: UPDATE_SSL_SCRIPT='/usr/local/bin/update_ssl_script.sh' that script will be called after each domain get new SSL or renew old SSL. Then admin can write custom script that will, for example, copy new SSL to some file that is needed for dovecot or exim, for example... Passed parameters are $user and $domain ($1 and $2), so custom script can check what domain got new SSL, and then to run custom task... --- bin/v-add-web-domain-ssl | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl index 55c4ce41..a006d072 100755 --- a/bin/v-add-web-domain-ssl +++ b/bin/v-add-web-domain-ssl @@ -127,6 +127,10 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then fi fi +if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then + eval "$UPDATE_SSL_SCRIPT $user $domain" +fi + # Logging log_history "enabled ssl support for $domain" log_event "$OK" "$ARGUMENTS" From 561d7e9f0134d1883e6284df2642dcfe4c2adfb3 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 20 Feb 2019 17:59:06 +0200 Subject: [PATCH 037/197] force flag isn't required when admin group exists since it's there by default --- install/vst-install-debian.sh | 4 ++-- install/vst-install-ubuntu.sh | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index 87edd88b..a7ea3da5 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -260,7 +260,7 @@ if [ "x$(id -u)" != 'x0' ]; then fi # Checking admin user account -if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then +if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' echo -e "Example: bash $0 --force\n" @@ -1236,7 +1236,7 @@ if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 rm -f /tmp/sess_* >/dev/null 2>&1 fi -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then +if [ ! -z "$(grep ^admin: /etc/group)" ]; then groupdel admin > /dev/null 2>&1 fi diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index e1ca1044..effa0dcd 100755 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -240,7 +240,7 @@ if [ "x$(id -u)" != 'x0' ]; then fi # Checking admin user account -if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then +if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' echo -e "Example: bash $0 --force\n" @@ -1213,7 +1213,7 @@ if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 rm -f /tmp/sess_* >/dev/null 2>&1 fi -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then +if [ ! -z "$(grep ^admin: /etc/group)" ]; then groupdel admin > /dev/null 2>&1 fi From d05a02e0b64499c1c4d551c298af780b4a0cc1b9 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 21 Feb 2019 14:58:13 +0200 Subject: [PATCH 038/197] hotfix for dovecot namespace on ubuntu 18.04 --- .../ubuntu/18.04/dovecot/conf.d/10-mail.conf | 5 +++++ install/ubuntu/18.04/dovecot/dovecot.conf | 20 ------------------- install/vst-install-ubuntu.sh | 13 +++++++++++- 3 files changed, 17 insertions(+), 21 deletions(-) diff --git a/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf index 55313419..7a20878a 100644 --- a/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf +++ b/install/ubuntu/18.04/dovecot/conf.d/10-mail.conf @@ -2,3 +2,8 @@ mail_privileged_group = mail mail_access_groups = mail mail_location = maildir:%h/mail/%d/%n pop3_uidl_format = %08Xu%08Xv +namespace inbox { + inbox = yes +} +first_valid_uid = 1000 +mbox_write_locks = fcntl diff --git a/install/ubuntu/18.04/dovecot/dovecot.conf b/install/ubuntu/18.04/dovecot/dovecot.conf index 163460ba..0a855351 100644 --- a/install/ubuntu/18.04/dovecot/dovecot.conf +++ b/install/ubuntu/18.04/dovecot/dovecot.conf @@ -2,23 +2,3 @@ protocols = imap pop3 listen = *, :: base_dir = /var/run/dovecot/ !include conf.d/*.conf - -namespace inbox { - type = private - separator = / - prefix = - inbox = yes - - mailbox Sent { - auto = subscribe - special_use = \Sent - } - mailbox Drafts { - auto = subscribe - special_use = \Drafts - } - mailbox Trash { - auto = subscribe - special_use = \Trash - } -} diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index effa0dcd..7fe4003e 100755 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -1087,7 +1087,18 @@ fi if [ "$dovecot" = 'yes' ]; then gpasswd -a dovecot mail - cp -rf $vestacp/dovecot /etc/ + if [[ ${release:0:2} -ge 18 ]]; then + cp -r /usr/local/vesta/install/debian/9/dovecot /etc/ + if [ -z "$(grep yes /etc/dovecot/conf.d/10-mail.conf)" ]; then + echo "namespace inbox {" >> /etc/dovecot/conf.d/10-mail.conf + echo " inbox = yes" >> /etc/dovecot/conf.d/10-mail.conf + echo "}" >> /etc/dovecot/conf.d/10-mail.conf + echo "first_valid_uid = 1000" >> /etc/dovecot/conf.d/10-mail.conf + echo "mbox_write_locks = fcntl" >> /etc/dovecot/conf.d/10-mail.conf + fi + else + cp -rf $vestacp/dovecot /etc/ + fi cp -f $vestacp/logrotate/dovecot /etc/logrotate.d/ chown -R root:root /etc/dovecot* update-rc.d dovecot defaults From bf5aa0fd6ed94bc06db8a81964ae62968b7f561f Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sat, 23 Feb 2019 11:30:28 +0200 Subject: [PATCH 039/197] auto subscribe mail dirs --- .../debian/9/dovecot/conf.d/15-mailboxes.conf | 29 +++++++++++++++++++ .../rhel/7/dovecot/conf.d/15-mailboxes.conf | 29 +++++++++++++++++++ .../18.04/dovecot/conf.d/15-mailboxes.conf | 29 +++++++++++++++++++ 3 files changed, 87 insertions(+) create mode 100644 install/debian/9/dovecot/conf.d/15-mailboxes.conf create mode 100644 install/rhel/7/dovecot/conf.d/15-mailboxes.conf create mode 100644 install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf diff --git a/install/debian/9/dovecot/conf.d/15-mailboxes.conf b/install/debian/9/dovecot/conf.d/15-mailboxes.conf new file mode 100644 index 00000000..7b2bab97 --- /dev/null +++ b/install/debian/9/dovecot/conf.d/15-mailboxes.conf @@ -0,0 +1,29 @@ +## Mailbox definitions +## + + +# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. +namespace inbox { + mailbox Drafts { + special_use = \Drafts + auto = subscribe + } + + mailbox Junk { + special_use = \Junk + auto = subscribe + } + + mailbox Trash { + special_use = \Trash + auto = subscribe + } + + mailbox Sent { + special_use = \Sent + auto = subscribe + } + mailbox "Sent Messages" { + special_use = \Sent + } +} diff --git a/install/rhel/7/dovecot/conf.d/15-mailboxes.conf b/install/rhel/7/dovecot/conf.d/15-mailboxes.conf new file mode 100644 index 00000000..7b2bab97 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/15-mailboxes.conf @@ -0,0 +1,29 @@ +## Mailbox definitions +## + + +# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. +namespace inbox { + mailbox Drafts { + special_use = \Drafts + auto = subscribe + } + + mailbox Junk { + special_use = \Junk + auto = subscribe + } + + mailbox Trash { + special_use = \Trash + auto = subscribe + } + + mailbox Sent { + special_use = \Sent + auto = subscribe + } + mailbox "Sent Messages" { + special_use = \Sent + } +} diff --git a/install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf b/install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf new file mode 100644 index 00000000..7b2bab97 --- /dev/null +++ b/install/ubuntu/18.04/dovecot/conf.d/15-mailboxes.conf @@ -0,0 +1,29 @@ +## Mailbox definitions +## + + +# NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. +namespace inbox { + mailbox Drafts { + special_use = \Drafts + auto = subscribe + } + + mailbox Junk { + special_use = \Junk + auto = subscribe + } + + mailbox Trash { + special_use = \Trash + auto = subscribe + } + + mailbox Sent { + special_use = \Sent + auto = subscribe + } + mailbox "Sent Messages" { + special_use = \Sent + } +} From b510f55e8854b28f39febdfa6721e56e51d464bf Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Mon, 25 Feb 2019 16:08:40 +0300 Subject: [PATCH 040/197] a new pricing for FileManager & SFTP chroot plugin a new pricing for FileManager & SFTP chroot plugin --- web/templates/admin/edit_server.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html index cde031fc..285a16c3 100644 --- a/web/templates/admin/edit_server.html +++ b/web/templates/admin/edit_server.html @@ -790,7 +790,7 @@ '.__('Buy Licence').' 3$/'.__('month').'
  • - '.__('Buy Lifetime License').' 18$ + '.__('Buy Lifetime License').' 21$
    • 2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.'; @@ -835,10 +835,10 @@ 2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.'; From f4d3f7a85fb56acbe88816b4bbbb93c4c53fe422 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 27 Feb 2019 14:03:51 +0200 Subject: [PATCH 041/197] Full PMA&Roundcube installs + dovecot namespace hotfix --- install/vst-install-ubuntu.sh | 53 ++++++++++++++++++++++++----------- 1 file changed, 37 insertions(+), 16 deletions(-) diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index 7fe4003e..f66407c3 100755 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -999,10 +999,18 @@ if [ "$mysql" = 'yes' ]; then cp -f $vestacp/pma/apache.conf /etc/phpmyadmin/ ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf fi - cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/ + if [[ ${release:0:2} -ge 18 ]]; then + mysql < /usr/share/phpmyadmin/sql/create_tables.sql + p=$(grep dbpass /etc/phpmyadmin/config-db.php |cut -f 2 -d "'") + mysql -e "GRANT ALL ON phpmyadmin.* + TO phpmyadmin@localhost IDENTIFIED BY '$p'" + else + cp -f $vestacp/pma/config.inc.php /etc/phpmyadmin/ + fi chmod 777 /var/lib/phpmyadmin/tmp fi + #----------------------------------------------------------# # Configure PostgreSQL # #----------------------------------------------------------# @@ -1147,29 +1155,42 @@ if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then cp -f $vestacp/roundcube/apache.conf /etc/roundcube/ ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf fi - cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/ - cp -f $vestacp/roundcube/db.inc.php /etc/roundcube/ - chmod 640 /etc/roundcube/debian-db* - chown root:www-data /etc/roundcube/debian-db* - cp -f $vestacp/roundcube/vesta.php \ - /usr/share/roundcube/plugins/password/drivers/ - cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/ - r="$(gen_pass)" - mysql -e "CREATE DATABASE roundcube" - mysql -e "GRANT ALL ON roundcube.* - TO roundcube@localhost IDENTIFIED BY '$r'" - sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php - touch /var/log/roundcube/errors - chmod 640 /var/log/roundcube/errors - chown www-data:adm /var/log/roundcube/errors + + if [[ ${release:0:2} -ge 18 ]]; then + r=$(grep dbpass= /etc/roundcube/debian-db.php |cut -f 2 -d "'") + sed -i "s/default_host.*/default_host'] = 'localhost';/" \ + /etc/roundcube/config.inc.php + sed -i "s/^);/'password');/" /etc/roundcube/config.inc.php + else + r="$(gen_pass)" + cp -f $vestacp/roundcube/main.inc.php /etc/roundcube/ + cp -f $vestacp/roundcube/db.inc.php /etc/roundcube/ + sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php + fi + if [ "$release" = '16.04' ]; then + # TBD: should be fixed in config repo mv /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php mv /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php chmod 640 /etc/roundcube/debian-db-roundcube.php chown root:www-data /etc/roundcube/debian-db-roundcube.php fi + cp -f $vestacp/roundcube/vesta.php \ + /usr/share/roundcube/plugins/password/drivers/ + cp -f $vestacp/roundcube/config.inc.php /etc/roundcube/plugins/password/ + + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* + TO roundcube@localhost IDENTIFIED BY '$r'" mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql + + chmod 640 /etc/roundcube/debian-db* + chown root:www-data /etc/roundcube/debian-db* + touch /var/log/roundcube/errors + chmod 640 /var/log/roundcube/errors + chown www-data:adm /var/log/roundcube/errors + php5enmod mcrypt 2>/dev/null phpenmod mcrypt 2>/dev/null if [ "$apache" = 'yes' ]; then From 372770931cae3eaa3119fe82c476e4c762135d60 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:05:12 +0300 Subject: [PATCH 042/197] fix for the use of a deprecated directive in nginx --- install/debian/7/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/7/templates/web/nginx/caching.stpl b/install/debian/7/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/debian/7/templates/web/nginx/caching.stpl +++ b/install/debian/7/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From edb3fcc2df4def7f4123c59c9428020cc515025d Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:06:25 +0300 Subject: [PATCH 043/197] fix for the use of a deprecated directive in nginx --- install/debian/7/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/7/templates/web/nginx/default.stpl b/install/debian/7/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/debian/7/templates/web/nginx/default.stpl +++ b/install/debian/7/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 21ce107c681b8ee614d879c0d74715119b7dae50 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:07:07 +0300 Subject: [PATCH 044/197] fix for the use of a deprecated directive in nginx --- install/debian/7/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/7/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/debian/7/templates/web/nginx/hosting.stpl +++ b/install/debian/7/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From b22802478d9a000b9e3a9891eea938e415716d2f Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:07:33 +0300 Subject: [PATCH 045/197] fix for the use of a deprecated directive in nginx --- install/debian/7/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/7/templates/web/nginx/http2.stpl b/install/debian/7/templates/web/nginx/http2.stpl index 76dd2f8e..db83fcd7 100644 --- a/install/debian/7/templates/web/nginx/http2.stpl +++ b/install/debian/7/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 7aa71c6ca08af15bbd3b2b1ac2655826db668730 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:10:11 +0300 Subject: [PATCH 046/197] fix for the use of a deprecated directive in nginx --- install/debian/8/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/8/templates/web/nginx/caching.stpl b/install/debian/8/templates/web/nginx/caching.stpl index 52641dbe..3c56004d 100755 --- a/install/debian/8/templates/web/nginx/caching.stpl +++ b/install/debian/8/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 6a5061a7a9a730372b64d6a8a5d6e7faa015b4da Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:11:03 +0300 Subject: [PATCH 047/197] fix for the use of a deprecated directive in nginx --- install/debian/8/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/8/templates/web/nginx/default.stpl b/install/debian/8/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/debian/8/templates/web/nginx/default.stpl +++ b/install/debian/8/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 5b4d89b47fd07037163f558bf8594748359ddcd3 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:11:21 +0300 Subject: [PATCH 048/197] fix for the use of a deprecated directive in nginx --- install/debian/8/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/8/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/debian/8/templates/web/nginx/hosting.stpl +++ b/install/debian/8/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 232dbf0d0937164d7b9556b8bfeccd3fc32505ad Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:11:55 +0300 Subject: [PATCH 049/197] fix for the use of a deprecated directive in nginx --- install/debian/8/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/8/templates/web/nginx/http2.stpl b/install/debian/8/templates/web/nginx/http2.stpl index 76dd2f8e..db83fcd7 100644 --- a/install/debian/8/templates/web/nginx/http2.stpl +++ b/install/debian/8/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 7a1cdc689ee1b2e4a81c131c121514004b588032 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:13:15 +0300 Subject: [PATCH 050/197] fix for the use of a deprecated directive in nginx --- install/debian/9/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/9/templates/web/nginx/caching.stpl b/install/debian/9/templates/web/nginx/caching.stpl index 52641dbe..3c56004d 100755 --- a/install/debian/9/templates/web/nginx/caching.stpl +++ b/install/debian/9/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 5ea43b6df656b250aa0ec5e6cf48439143c80881 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:39:05 +0300 Subject: [PATCH 051/197] fix for the use of a deprecated directive in nginx --- install/debian/9/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/9/templates/web/nginx/default.stpl b/install/debian/9/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/debian/9/templates/web/nginx/default.stpl +++ b/install/debian/9/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 6bb56a874257672f7388a1255071c4242092f2ce Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:39:37 +0300 Subject: [PATCH 052/197] fix for the use of a deprecated directive in nginx --- install/debian/9/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/9/templates/web/nginx/hosting.stpl b/install/debian/9/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/debian/9/templates/web/nginx/hosting.stpl +++ b/install/debian/9/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From dc3dec644dc3291880ce31d6ca8c2928125aa8b7 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:40:06 +0300 Subject: [PATCH 053/197] fix for the use of a deprecated directive in nginx --- install/debian/9/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/debian/9/templates/web/nginx/http2.stpl b/install/debian/9/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/debian/9/templates/web/nginx/http2.stpl +++ b/install/debian/9/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 4ed0ca484ca1e7e8249ed8360c240814c1462ad4 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:41:35 +0300 Subject: [PATCH 054/197] fix for the use of a deprecated directive in nginx --- install/rhel/5/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/5/templates/web/nginx/caching.stpl b/install/rhel/5/templates/web/nginx/caching.stpl index 67b2f6c2..5e1ac757 100755 --- a/install/rhel/5/templates/web/nginx/caching.stpl +++ b/install/rhel/5/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 3ed733669e8fd259feea3c4d412de3a0c62eb4df Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:41:55 +0300 Subject: [PATCH 055/197] fix for the use of a deprecated directive in nginx --- install/rhel/5/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/5/templates/web/nginx/default.stpl b/install/rhel/5/templates/web/nginx/default.stpl index 53ad8d1b..22bbd55a 100755 --- a/install/rhel/5/templates/web/nginx/default.stpl +++ b/install/rhel/5/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 01d9626b6cc1d124c3ecc51980fcd24966515344 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:42:38 +0300 Subject: [PATCH 056/197] fix for the use of a deprecated directive in nginx --- install/rhel/5/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/5/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl index aca458a4..06abc94e 100755 --- a/install/rhel/5/templates/web/nginx/hosting.stpl +++ b/install/rhel/5/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 3188ae9999f5e3a3fc72eea4fe41740c03c11874 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:42:44 +0300 Subject: [PATCH 057/197] fix for the use of a deprecated directive in nginx --- install/rhel/5/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/5/templates/web/nginx/http2.stpl b/install/rhel/5/templates/web/nginx/http2.stpl index 76dd2f8e..db83fcd7 100644 --- a/install/rhel/5/templates/web/nginx/http2.stpl +++ b/install/rhel/5/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 48f61fcc2cea45c3fc18f05415f8d7a2f7136304 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:47:29 +0300 Subject: [PATCH 058/197] fix for the use of a deprecated directive in nginx --- install/rhel/6/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/6/templates/web/nginx/caching.stpl b/install/rhel/6/templates/web/nginx/caching.stpl index 67b2f6c2..5e1ac757 100755 --- a/install/rhel/6/templates/web/nginx/caching.stpl +++ b/install/rhel/6/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 064a16043dfb47dabd9df7b91abe5bf9af77b841 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:47:31 +0300 Subject: [PATCH 059/197] fix for the use of a deprecated directive in nginx --- install/rhel/6/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/6/templates/web/nginx/default.stpl b/install/rhel/6/templates/web/nginx/default.stpl index 53ad8d1b..22bbd55a 100755 --- a/install/rhel/6/templates/web/nginx/default.stpl +++ b/install/rhel/6/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 0226e7b862c68e87ce8027f038c6b07e8741558f Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:47:33 +0300 Subject: [PATCH 060/197] fix for the use of a deprecated directive in nginx --- install/rhel/6/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl index aca458a4..06abc94e 100755 --- a/install/rhel/6/templates/web/nginx/hosting.stpl +++ b/install/rhel/6/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From f36148ca017bc1e0768bb2dda733c40c484d5fc3 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:47:36 +0300 Subject: [PATCH 061/197] fix for the use of a deprecated directive in nginx --- install/rhel/6/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/6/templates/web/nginx/http2.stpl b/install/rhel/6/templates/web/nginx/http2.stpl index 40e79aef..7874e9b1 100644 --- a/install/rhel/6/templates/web/nginx/http2.stpl +++ b/install/rhel/6/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 40a8461b28b4e8b030615fcaf3f93f339e62b5a0 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:49:56 +0300 Subject: [PATCH 062/197] fix for the use of a deprecated directive in nginx --- install/rhel/7/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/7/templates/web/nginx/caching.stpl b/install/rhel/7/templates/web/nginx/caching.stpl index 67b2f6c2..5e1ac757 100755 --- a/install/rhel/7/templates/web/nginx/caching.stpl +++ b/install/rhel/7/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 4f086744be2e012bfe3272977df3b010b281dce8 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:50:00 +0300 Subject: [PATCH 063/197] fix for the use of a deprecated directive in nginx --- install/rhel/7/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/7/templates/web/nginx/default.stpl b/install/rhel/7/templates/web/nginx/default.stpl index 53ad8d1b..22bbd55a 100755 --- a/install/rhel/7/templates/web/nginx/default.stpl +++ b/install/rhel/7/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From b289a46cfbe651701c05b04c850564a9475810e6 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:50:05 +0300 Subject: [PATCH 064/197] fix for the use of a deprecated directive in nginx --- install/rhel/7/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl index aca458a4..06abc94e 100755 --- a/install/rhel/7/templates/web/nginx/hosting.stpl +++ b/install/rhel/7/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From 75283ef755f467d5479ec9559f9855f3005e9784 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 14:50:10 +0300 Subject: [PATCH 065/197] fix for the use of a deprecated directive in nginx --- install/rhel/7/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/rhel/7/templates/web/nginx/http2.stpl b/install/rhel/7/templates/web/nginx/http2.stpl index 76dd2f8e..db83fcd7 100644 --- a/install/rhel/7/templates/web/nginx/http2.stpl +++ b/install/rhel/7/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/httpd/domains/%domain%.error.log error; From faa9d4aa625fedaab492835746b3a6d20130b173 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:04:45 +0300 Subject: [PATCH 066/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.10/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.stpl b/install/ubuntu/12.10/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/12.10/templates/web/nginx/caching.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 37acc7bf319783936553dff7bc09782dc1e6c49e Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:04:49 +0300 Subject: [PATCH 067/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.10/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.10/templates/web/nginx/default.stpl b/install/ubuntu/12.10/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/12.10/templates/web/nginx/default.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 68230531b3c48a8a33aea387f9830a8b11fc4abd Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:04:53 +0300 Subject: [PATCH 068/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.10/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From d4497846970bf4734624821eb50b736a511e9ccd Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:04:58 +0300 Subject: [PATCH 069/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.10/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.10/templates/web/nginx/http2.stpl b/install/ubuntu/12.10/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/12.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/12.10/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 8ef8d8b722fe4ed3d1bfae9f54c89178656e06a9 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:00 +0300 Subject: [PATCH 070/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.04/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.stpl b/install/ubuntu/13.04/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/13.04/templates/web/nginx/caching.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From f64e745e20783538f28cd45ca856bf8f07fe851f Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:02 +0300 Subject: [PATCH 071/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.04/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.04/templates/web/nginx/default.stpl b/install/ubuntu/13.04/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/13.04/templates/web/nginx/default.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 58ddfd4b4dedf23d4c079f42ac8785fda9972742 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:04 +0300 Subject: [PATCH 072/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.04/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From dca488c0f7c51caa055e88d70eba7f9462df7d45 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:06 +0300 Subject: [PATCH 073/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.04/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.04/templates/web/nginx/http2.stpl b/install/ubuntu/13.04/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/13.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/13.04/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 1806c2a3d6136a1e454d0f6e471a07936c3bf48b Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:09 +0300 Subject: [PATCH 074/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.10/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.stpl b/install/ubuntu/13.10/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/13.10/templates/web/nginx/caching.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From ada32d5535ae4ef4ed9037823da198eb0bb770b4 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:11 +0300 Subject: [PATCH 075/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.10/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.10/templates/web/nginx/default.stpl b/install/ubuntu/13.10/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/13.10/templates/web/nginx/default.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 6c6520a18c12ea101f9ed4ed438a7c57c25104c3 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:16 +0300 Subject: [PATCH 076/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.10/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From cf2dc9ccbde6fb8fe841970326ba70f11957323a Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:20 +0300 Subject: [PATCH 077/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/13.10/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/13.10/templates/web/nginx/http2.stpl b/install/ubuntu/13.10/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/13.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/13.10/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From c28167f37a0ca8b12e0df7acf3e19ccf4cbba499 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:24 +0300 Subject: [PATCH 078/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.04/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.stpl b/install/ubuntu/14.04/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/14.04/templates/web/nginx/caching.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 1ede3c055c93c7233ffe6293c5a3b162dbe27b27 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:26 +0300 Subject: [PATCH 079/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.04/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.04/templates/web/nginx/default.stpl b/install/ubuntu/14.04/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/14.04/templates/web/nginx/default.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 8cbba0ed3ec3f78b1cc5c9cf11d344d5a82857a2 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:29 +0300 Subject: [PATCH 080/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.04/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From bbf745e0496bbb8eb4d4caad1baf34ed030ca6be Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:31 +0300 Subject: [PATCH 081/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.04/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.04/templates/web/nginx/http2.stpl b/install/ubuntu/14.04/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/14.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/14.04/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 5230c3d3b0dbd27c6785444f47134f2a9f38a038 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:35 +0300 Subject: [PATCH 082/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.10/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.stpl b/install/ubuntu/14.10/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/14.10/templates/web/nginx/caching.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From cd3ccf5370607dc5c1dd4cd23a88250f937d14ef Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:38 +0300 Subject: [PATCH 083/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.10/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.10/templates/web/nginx/default.stpl b/install/ubuntu/14.10/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/14.10/templates/web/nginx/default.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From a4b8ebcf885333179712c18fc7565e29b7d33fc7 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:41 +0300 Subject: [PATCH 084/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.10/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 00ab9be534bb67669e2e30e8c21be348b253587a Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:43 +0300 Subject: [PATCH 085/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/14.10/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/14.10/templates/web/nginx/http2.stpl b/install/ubuntu/14.10/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/14.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/14.10/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 49ab4c345c4564fe79c10e2e3f76ddef8ed9d01d Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:45 +0300 Subject: [PATCH 086/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.04/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.stpl b/install/ubuntu/12.04/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/12.04/templates/web/nginx/caching.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 579ed37114cb23b3b83cbe9571acda09813d32ad Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:48 +0300 Subject: [PATCH 087/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.04/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.04/templates/web/nginx/default.stpl b/install/ubuntu/12.04/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/12.04/templates/web/nginx/default.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From c11a1b165bf578bd68c7198630a7206fce08f028 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:49 +0300 Subject: [PATCH 088/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.04/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From e39623308ef89e1c1173c33bb13898c94a53269b Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:05:53 +0300 Subject: [PATCH 089/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/12.04/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/12.04/templates/web/nginx/http2.stpl b/install/ubuntu/12.04/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/12.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/12.04/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 19bd87334bda2bc463f962e79c51b5924bb00950 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:14:51 +0300 Subject: [PATCH 090/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.04/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.stpl b/install/ubuntu/15.04/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/15.04/templates/web/nginx/caching.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From b1e826b0a64ebc1980fe315a1b8db92892b12bcc Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:15:03 +0300 Subject: [PATCH 091/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.04/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.04/templates/web/nginx/default.stpl b/install/ubuntu/15.04/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/15.04/templates/web/nginx/default.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 4a04783d666475b59e973d4499f02565e0eb405b Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:15:20 +0300 Subject: [PATCH 092/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.04/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From f85989fdbf9ea4902914951c57dfcc4f039ad825 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:18:03 +0300 Subject: [PATCH 093/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.04/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.04/templates/web/nginx/http2.stpl b/install/ubuntu/15.04/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/15.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/15.04/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From a90c85e6b5719a5b046ecbc59924cede3180a5f9 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:18:46 +0300 Subject: [PATCH 094/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.10/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.10/templates/web/nginx/default.stpl b/install/ubuntu/15.10/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/15.10/templates/web/nginx/default.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 470b88c764b5972b9424cac62054d4167ce3b314 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:19:32 +0300 Subject: [PATCH 095/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.10/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.10/templates/web/nginx/caching.stpl b/install/ubuntu/15.10/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/15.10/templates/web/nginx/caching.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From a38770a08108fcc3e609897f5cd4648094b2c46e Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:19:47 +0300 Subject: [PATCH 096/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.10/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/15.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From c1d1f13a0449aacaa91f6c73ae71eb3aa789aacf Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:20:06 +0300 Subject: [PATCH 097/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/15.10/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/15.10/templates/web/nginx/http2.stpl b/install/ubuntu/15.10/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/15.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/15.10/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From caf0890ca1df0eaab811e1939b2bd3a7fbe8a6a2 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:22:01 +0300 Subject: [PATCH 098/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/16.10/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.10/templates/web/nginx/caching.stpl b/install/ubuntu/16.10/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/16.10/templates/web/nginx/caching.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From eae7202f528b413b5fc0f0e513b095a43afa35ac Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:22:09 +0300 Subject: [PATCH 099/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/16.10/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.10/templates/web/nginx/default.stpl b/install/ubuntu/16.10/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/16.10/templates/web/nginx/default.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 20027824cfcd632439e0087f7dcaac24bcb14ab7 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:22:17 +0300 Subject: [PATCH 100/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/16.10/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/16.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From d353421ff421becbd2c6bb11c1106a45a5faa230 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:22:28 +0300 Subject: [PATCH 101/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/16.10/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/16.10/templates/web/nginx/http2.stpl b/install/ubuntu/16.10/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/16.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/16.10/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 4d5ecf05e73e8b2650c59d0dcdd8ea7d40df5014 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:23:46 +0300 Subject: [PATCH 102/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.04/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.04/templates/web/nginx/caching.stpl b/install/ubuntu/17.04/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/17.04/templates/web/nginx/caching.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From b3b1ec3c2e0a10997a1f6e57b8691800a14e447c Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:23:50 +0300 Subject: [PATCH 103/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.04/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.04/templates/web/nginx/default.stpl b/install/ubuntu/17.04/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/17.04/templates/web/nginx/default.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 3912de3ed0454f3b67a56e60fef76ac87ffd9ad9 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:23:55 +0300 Subject: [PATCH 104/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.04/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/17.04/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 12fdd9713e2ec43fd9cb049a93bcf9dd03cecec4 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:24:14 +0300 Subject: [PATCH 105/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.04/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.04/templates/web/nginx/http2.stpl b/install/ubuntu/17.04/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/17.04/templates/web/nginx/http2.stpl +++ b/install/ubuntu/17.04/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From b7a2728ab03cc5d9576ecd21ce74335fde16631e Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:25:40 +0300 Subject: [PATCH 106/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.10/templates/web/nginx/caching.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.10/templates/web/nginx/caching.stpl b/install/ubuntu/17.10/templates/web/nginx/caching.stpl index 5e0e4064..e149b98b 100755 --- a/install/ubuntu/17.10/templates/web/nginx/caching.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/caching.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 12bc7ab544c0ad4d69947f448203cc0b0f66fdc8 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:25:42 +0300 Subject: [PATCH 107/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.10/templates/web/nginx/default.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.10/templates/web/nginx/default.stpl b/install/ubuntu/17.10/templates/web/nginx/default.stpl index fa538060..0e669b3d 100755 --- a/install/ubuntu/17.10/templates/web/nginx/default.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/default.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From 452a7ad62efc881d86d3fec5cc7f9c35c6190c5c Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:25:48 +0300 Subject: [PATCH 108/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.10/templates/web/nginx/hosting.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl index d778d633..1ef8994b 100755 --- a/install/ubuntu/17.10/templates/web/nginx/hosting.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/hosting.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port%; + listen %ip%:%proxy_ssl_port% ssl; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From ae1ec05e6617fe2cabde5a09322de95d4aef20e9 Mon Sep 17 00:00:00 2001 From: Anton Reutov Date: Thu, 28 Feb 2019 15:25:54 +0300 Subject: [PATCH 109/197] fix for the use of a deprecated directive in nginx --- install/ubuntu/17.10/templates/web/nginx/http2.stpl | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/install/ubuntu/17.10/templates/web/nginx/http2.stpl b/install/ubuntu/17.10/templates/web/nginx/http2.stpl index 72e72a90..f225becd 100644 --- a/install/ubuntu/17.10/templates/web/nginx/http2.stpl +++ b/install/ubuntu/17.10/templates/web/nginx/http2.stpl @@ -1,7 +1,6 @@ server { - listen %ip%:%proxy_ssl_port% http2; + listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; - ssl on; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; error_log /var/log/%web_system%/domains/%domain%.error.log error; From a7b54d60002f6ec79f0182bfc39705e5819a866b Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 28 Feb 2019 23:47:07 +0200 Subject: [PATCH 110/197] Function to search avaiable SSL certificates that could be used as main cert --- bin/v-search-ssl-certificates | 97 +++++++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100755 bin/v-search-ssl-certificates diff --git a/bin/v-search-ssl-certificates b/bin/v-search-ssl-certificates new file mode 100755 index 00000000..5a5c74bf --- /dev/null +++ b/bin/v-search-ssl-certificates @@ -0,0 +1,97 @@ +#!/bin/bash +# info: search ssl certificates +# options: [FORMAT] +# +# The function to obtain the list of available ssl certificates. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + IFS=$'\n' + i=1 + objects=$(echo "$search_cmd" |wc -l) + echo "{" + for str in $search_cmd; do + eval $str + echo -n ' "'$i'": { + "USER": "'$USER'", + "DOMAIN": "'$DOMAIN'" + }' + if [ "$i" -lt "$objects" ]; then + echo ',' + else + echo + fi + ((i++)) + done + echo '}' +} + +# SHELL list function +shell_list() { + IFS=$'\n' + echo "USER DOMAIN" + echo "---- ------" + for str in $search_cmd; do + eval $str + echo "$USER $DOMAIN" + done +} + +# PLAIN list function +plain_list() { + IFS=$'\n' + for str in $search_cmd; do + eval $str + echo -e "$USER\t$DOMAIN" + done +} + +# CSV list function +csv_list() { + IFS=$'\n' + echo "USER,DOMAIN" + for str in $search_cmd; do + eval $str + echo "$USER,$DOMAIN" + done +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +search_cmd=$(grep "SSL='yes'" $VESTA/data/users/*/web.conf |\ + cut -f 1 -d ' ' |\ + sed -e "s|$VESTA/data/users/|USER='|" -e "s|/web.conf:|' |") + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list |column -t ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit From eb03d7bab2a27d847cd8b3856f8231c3d7247526 Mon Sep 17 00:00:00 2001 From: dpeca Date: Sat, 2 Mar 2019 23:24:02 +0100 Subject: [PATCH 111/197] Added unzip to Debian installer Needed for FileManager --- install/vst-install-debian.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index a7ea3da5..0741a6d6 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -29,7 +29,7 @@ if [ "$release" -eq 9 ]; then flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl - unrar-free vim-common vesta-ioncube vesta-softaculous net-tools" + unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip" elif [ "$release" -eq 8 ]; then software="nginx apache2 apache2-utils apache2.2-common apache2-suexec-custom libapache2-mod-ruid2 @@ -42,7 +42,7 @@ elif [ "$release" -eq 8 ]; then flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect libmail-dkim-perl - unrar-free vim-common vesta-ioncube vesta-softaculous net-tools" + unrar-free vim-common vesta-ioncube vesta-softaculous net-tools unzip" else software="nginx apache2 apache2-utils apache2.2-common apache2-suexec-custom libapache2-mod-ruid2 @@ -55,7 +55,7 @@ else flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils bsdmainutils cron vesta vesta-nginx vesta-php expect unrar-free - vim-common vesta-ioncube vesta-softaculous net-tools" + vim-common vesta-ioncube vesta-softaculous net-tools unzip" fi # Defining help function From c1b775443dd50b6db1babfa223b22d3b1c29129e Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sun, 3 Mar 2019 23:25:16 +0200 Subject: [PATCH 112/197] added scripts to copy web domain ssl to vesta and exim --- bin/v-copy-sys-mail-ssl | 89 ++++++++++++++++++++++++++++++++++++ bin/v-copy-sys-vesta-ssl | 97 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 186 insertions(+) create mode 100755 bin/v-copy-sys-mail-ssl create mode 100755 bin/v-copy-sys-vesta-ssl diff --git a/bin/v-copy-sys-mail-ssl b/bin/v-copy-sys-mail-ssl new file mode 100755 index 00000000..5b52a688 --- /dev/null +++ b/bin/v-copy-sys-mail-ssl @@ -0,0 +1,89 @@ +#!/bin/bash +# info: copy mail ssl certificate +# options: USER DOMAIN [RESTART] +# +# The function copies user domain SSL to mail SSL directory + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining certificate location +dom_crt="/home/$user/conf/web/ssl.$domain.pem" +dom_key="/home/$user/conf/web/ssl.$domain.key" +vst_crt="$VESTA/ssl/mail.crt" +vst_key="$VESTA/ssl/mail.key" + +# Checking certificate +if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then + check_result $E_NOTEXIST "$domain certificate doesn't exist" +fi + +# Checking difference +diff $dom_crt $vst_crt >/dev/null 2>&1 +if [ $? -ne 0 ]; then + rm -f $vst_crt.old $vst_key.old + mv $vst_crt $vst_crt.old + mv $vst_key $vst_key.old + cp $dom_crt $vst_crt 2>/dev/null + cp $dom_key $vst_key 2>/dev/null + chown root:mail $vst_crt $vst_key +else + restart=no +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting services +if [ "$restart" != 'no' ]; then + if [ ! -z "$MAIL_SYSTEM" ]; then + $BIN/v-restart-service $MAIL_SYSTEM + fi + if [ ! -z "$IMAP_SYSTEM" ]; then + $BIN/v-restart-service $IMAP_SYSTEM + fi +fi + +# Updating vesta.conf +if [ -z "$(grep MAIL_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then + echo "MAIL_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf +else + sed -i "s/MAIL_CERTIFICATE.*/MAIL_CERTIFICATE='$user:$domain'/g" \ + $VESTA/conf/vesta.conf +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-copy-sys-vesta-ssl b/bin/v-copy-sys-vesta-ssl new file mode 100755 index 00000000..94a0cdfc --- /dev/null +++ b/bin/v-copy-sys-vesta-ssl @@ -0,0 +1,97 @@ +#!/bin/bash +# info: copy vesta ssl certificate +# options: USER DOMAIN [RESTART] +# +# The function copies user domain SSL to vesta SSL directory + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +user=$1 +domain=$2 +restart=$3 + +# Includes +source $VESTA/func/main.sh +source $VESTA/func/domain.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + +check_args '2' "$#" 'USER DOMAIN [RESTART]' +is_format_valid 'user' 'domain' +is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_object_valid 'user' 'USER' "$user" +is_object_valid 'web' 'DOMAIN' "$domain" +is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Defining certificate location +dom_crt="/home/$user/conf/web/ssl.$domain.pem" +dom_key="/home/$user/conf/web/ssl.$domain.key" +vst_crt="$VESTA/ssl/certificate.crt" +vst_key="$VESTA/ssl/certificate.key" + +# Checking certificate +if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then + check_result $E_NOTEXIST "$domain certificate doesn't exist" +fi + +# Checking difference +diff $dom_crt $vst_crt >/dev/null 2>&1 +if [ $? -ne 0 ]; then + rm -f $vst_crt.old $vst_key.old + mv $vst_crt $vst_crt.old + mv $vst_key $vst_key.old + cp $dom_crt $vst_crt 2>/dev/null + cp $dom_key $vst_key 2>/dev/null + chown root:mail $vst_crt $vst_key +else + restart=no +fi + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting services +if [ "$restart" != 'no' ]; then + if [ ! -z "$MAIL_SYSTEM" ]; then + $BIN/v-restart-service $MAIL_SYSTEM + fi + if [ ! -z "$IMAP_SYSTEM" ]; then + $BIN/v-restart-service $IMAP_SYSTEM + fi + if [ ! -z "$FTP_SYSTEM" ]; then + $BIN/v-restart-service "$FTP_SYSTEM" + fi + if [ -e "/var/run/vesta-nginx.pid" ]; then + kill -HUP $(cat /var/run/vesta-nginx.pid) + else + service vesta restart + fi +fi + +# Updating vesta.conf +if [ -z "$(grep VESTA_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then + echo "VESTA_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf +else + sed -i "s/VESTA_CERTIFICATE.*/VESTA_CERTIFICATE='$user:$domain'/g" \ + $VESTA/conf/vesta.conf +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit From 2959165e1aecfbc8a10c9fa7a15744c3f2b375f8 Mon Sep 17 00:00:00 2001 From: myrevery <16082142+myrevery@users.noreply.github.com> Date: Mon, 11 Mar 2019 06:43:33 +0800 Subject: [PATCH 113/197] Update cn.php Refine some details. --- web/inc/i18n/cn.php | 46 ++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php index 62147871..ee9c9747 100644 --- a/web/inc/i18n/cn.php +++ b/web/inc/i18n/cn.php @@ -10,7 +10,7 @@ */ $LANG['cn'] = array( - 'Packages' => '预设方案', + 'Packages' => '用户方案', 'IP' => 'IP 地址', 'Graphs' => '资源图表', 'Statistics' => '统计信息', @@ -33,7 +33,7 @@ $LANG['cn'] = array( 'LOGIN' => '登录', 'RESET PASSWORD' => '重置密码', 'SEARCH' => '搜索', - 'PACKAGE' => '预设方案', + 'PACKAGE' => '用户方案', 'RRD' => '资源图表', 'STATS' => '统计信息', 'LOG' => '系统日志', @@ -102,7 +102,7 @@ $LANG['cn'] = array( 'open %s' => '打开 %s', 'download' => '下载', 'restore' => '恢复', - 'configure restore settings' => '配置恢复选项', + 'configure restore settings' => '配置恢复', 'stop' => '停止', 'start' => '启动', 'restart' => '重新启动', @@ -136,7 +136,7 @@ $LANG['cn'] = array( 'Editing Package' => '编辑方案', 'Adding IP address' => '添加IP地址', 'Editing IP Address' => '编辑IP地址', - 'Editing Backup Exclusions' => '配置排除的备份项目', + 'Editing Backup Exclusions' => '配置需排除备份的项目', 'Generating CSR' => '生成CSR', 'Listing' => '列出', 'Search Results' => '搜索结果', @@ -195,7 +195,7 @@ $LANG['cn'] = array( 'IP Addresses' => 'IP地址', 'Backups' => '备份', 'Backup System' => '备份系统', - 'backup exclusions' => '排除的备份项目', + 'backup exclusions' => '需排除备份的项目', 'template' => '模板', 'SSL Support' => '启用SSL', 'SSL Home Directory' => 'SSL站点主目录', @@ -211,7 +211,7 @@ $LANG['cn'] = array( 'TTL' => 'TTL', 'Expire' => '过期', 'Records' => '记录', - 'Serial' => 'Serial', + 'Serial' => '序号', 'Catchall email' => '未知收件人聚合邮箱', 'AntiVirus Support' => '防病毒支持', 'AntiSpam Support' => '防垃圾邮件支持', @@ -251,19 +251,19 @@ $LANG['cn'] = array( 'Owner' => '归属', 'Users' => '用户', 'Load Average' => '平均负载', - 'Memory Usage' => '内存用量', - 'APACHE2 Usage' => 'Apache2 用量', - 'HTTPD Usage' => 'HTTPD 用量', - 'NGINX Usage' => 'NGINX 用量', - 'MySQL Usage on localhost' => 'MySQL用量 (localhost)', - 'PostgreSQL Usage on localhost' => 'PostgreSQL用量 (localhost)', - 'Bandwidth Usage eth0' => '网络流量 (eth0)', - 'Bandwidth Usage eth1' => '网络流量 (eth1)', - 'Bandwidth Usage venet0' => '网络流量 (venet0)', - 'Bandwidth Usage venet1' => '网络流量 (venet1)', - 'Exim Usage' => 'Exim 用量', - 'FTP Usage' => 'FTP 用量', - 'SSH Usage' => 'SSH 用量', + 'Memory Usage' => '内存使用情况', + 'APACHE2 Usage' => 'Apache2 使用情况', + 'HTTPD Usage' => 'HTTPD 使用情况', + 'NGINX Usage' => 'NGINX 使用情况', + 'MySQL Usage on localhost' => 'MySQL 使用情况 (localhost)', + 'PostgreSQL Usage on localhost' => 'PostgreSQL 使用情况 (localhost)', + 'Bandwidth Usage eth0' => '网络使用情况 (eth0)', + 'Bandwidth Usage eth1' => '网络使用情况 (eth1)', + 'Bandwidth Usage venet0' => '网络使用情况 (venet0)', + 'Bandwidth Usage venet1' => '网络使用情况 (venet1)', + 'Exim Usage' => 'Exim 使用情况', + 'FTP Usage' => 'FTP 使用情况', + 'SSH Usage' => 'SSH 使用情况', 'reverse proxy' => '反向代理', 'web server' => 'Web服务', 'backend server' => '后端服务', //New Keyword for PHP-FPM in SERVER page. @@ -712,7 +712,7 @@ $LANG['cn'] = array( 'Disable and Cancel Licence' => '停用并取消许可', 'Licence Activated' => '许可已激活', 'Licence Deactivated' => '许可已停用', - 'Restrict users so that they cannot use SSH and access only their home directory.' => '限制用户,使他们通过 SSH 只能访问自己的主目录。', + 'Restrict users so that they cannot use SSH and access only their home directory.' => '限制用户,对他们禁用 SSH 且只能访问自己的主目录。', 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => '功能全面的文件管理器,浏览,复制,编辑,查看和检索你的 Web 文件。', 'This is a commercial module, you would need to purchace license key to enable it.' => '这是商业模块,请购买许可密匙来启用它。', @@ -745,12 +745,12 @@ $LANG['cn'] = array( 'awstats' => 'AWStats', 'Vesta SSL' => 'Vesta SSL', - 'SUBJECT' => '颁发给', + 'SUBJECT' => '使用者', 'ALIASES' => '可选名称', - 'NOT_BEFORE' => '有效期从', + 'NOT_BEFORE' => '有效期自', 'NOT_AFTER' => '有效期至', 'SIGNATURE' => '签名算法', - 'PUB_KEY' => '公钥长度', + 'PUB_KEY' => '密钥大小', 'ISSUER' => '颁发者', 'Use server hostname' => '采用服务器主机名', From 8edf965375c912dd93230ab178dc52f2c653b10c Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 14 Mar 2019 00:44:06 +0200 Subject: [PATCH 114/197] backend: user domain vesta ssl certificate support --- ...v-copy-sys-mail-ssl => v-add-sys-mail-ssl} | 23 ++- ...copy-sys-vesta-ssl => v-add-sys-vesta-ssl} | 6 +- bin/v-add-web-domain-ssl | 16 +++ bin/v-delete-sys-mail-ssl | 75 ++++++++++ bin/v-delete-sys-vesta-ssl | 37 +++++ bin/v-list-sys-config | 19 ++- bin/v-list-sys-mail-ssl | 135 ++++++++++++++++++ bin/v-search-ssl-certificates | 16 +-- 8 files changed, 307 insertions(+), 20 deletions(-) rename bin/{v-copy-sys-mail-ssl => v-add-sys-mail-ssl} (77%) rename bin/{v-copy-sys-vesta-ssl => v-add-sys-vesta-ssl} (93%) create mode 100755 bin/v-delete-sys-mail-ssl create mode 100755 bin/v-delete-sys-vesta-ssl create mode 100755 bin/v-list-sys-mail-ssl diff --git a/bin/v-copy-sys-mail-ssl b/bin/v-add-sys-mail-ssl similarity index 77% rename from bin/v-copy-sys-mail-ssl rename to bin/v-add-sys-mail-ssl index 5b52a688..1ebffdc3 100755 --- a/bin/v-copy-sys-mail-ssl +++ b/bin/v-add-sys-mail-ssl @@ -26,7 +26,7 @@ source $VESTA/conf/vesta.conf check_args '2' "$#" 'USER DOMAIN [RESTART]' is_format_valid 'user' 'domain' -is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM' +is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL' @@ -51,8 +51,8 @@ fi diff $dom_crt $vst_crt >/dev/null 2>&1 if [ $? -ne 0 ]; then rm -f $vst_crt.old $vst_key.old - mv $vst_crt $vst_crt.old - mv $vst_key $vst_key.old + mv $vst_crt $vst_crt.old >/dev/null 2>&1 + mv $vst_key $vst_key.old >/dev/null 2>&1 cp $dom_crt $vst_crt 2>/dev/null cp $dom_key $vst_key 2>/dev/null chown root:mail $vst_crt $vst_key @@ -60,6 +60,23 @@ else restart=no fi +# Updating mail certificate +case $MAIL_SYSTEM in + exim) conf='/etc/exim/exim.conf';; + exim4) conf='/etc/exim4/exim4.conf.template';; +esac +if [ -e "$conf" ]; then + sed -e "s|^tls_certificate.*|tls_certificate = $vst_crt|" \ + -e "s|^tls_privatekey.*|tls_privatekey = $vst_key|" -i $conf +fi + +# Updating imap certificate +conf="/etc/dovecot/conf.d/10-ssl.conf" +if [ ! -z "$IMAP_SYSTEM" ] && [ -e "$conf" ]; then + sed -e "s|ssl_cert.*|ssl_cert = <$vst_crt|" \ + -e "s|ssl_key.*|ssl_key = <$vst_key|" -i $conf +fi + #----------------------------------------------------------# # Vesta # diff --git a/bin/v-copy-sys-vesta-ssl b/bin/v-add-sys-vesta-ssl similarity index 93% rename from bin/v-copy-sys-vesta-ssl rename to bin/v-add-sys-vesta-ssl index 94a0cdfc..32cd6c14 100755 --- a/bin/v-copy-sys-vesta-ssl +++ b/bin/v-add-sys-vesta-ssl @@ -1,5 +1,5 @@ #!/bin/bash -# info: copy vesta ssl certificate +# info: add vesta ssl certificate # options: USER DOMAIN [RESTART] # # The function copies user domain SSL to vesta SSL directory @@ -67,10 +67,10 @@ fi # Restarting services if [ "$restart" != 'no' ]; then - if [ ! -z "$MAIL_SYSTEM" ]; then + if [ ! -z "$MAIL_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then $BIN/v-restart-service $MAIL_SYSTEM fi - if [ ! -z "$IMAP_SYSTEM" ]; then + if [ ! -z "$IMAP_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then $BIN/v-restart-service $IMAP_SYSTEM fi if [ ! -z "$FTP_SYSTEM" ]; then diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl index a006d072..d7a209f1 100755 --- a/bin/v-add-web-domain-ssl +++ b/bin/v-add-web-domain-ssl @@ -120,6 +120,22 @@ check_result $? "Web restart failed" >/dev/null $BIN/v-restart-proxy $restart check_result $? "Proxy restart failed" >/dev/null +# Updating system ssl dependencies +if [ -z "$VESTA_CERTIFICATE" ]; then + crt_user=$(echo "$VESTA_CERTIFICATE" |cut -f 1 -d :) + crt_domain=$(echo "$VESTA_CERTIFICATE" |cut -f 2 -d :) + if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then + $BIN/v-add-sys-vesta-ssl $user $domain >/dev/null 2>&1 + fi +fi +if [ -z "$MAIL_CERTIFICATE" ]; then + crt_user=$(echo "$MAIL_CERTIFICATE" |cut -f 1 -d :) + crt_domain=$(echo "$MAIL_CERTIFICATE" |cut -f 2 -d :) + if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then + $BIN/v-add-sys-mail-ssl $user $domain >/dev/null 2>&1 + fi +fi + if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then hostname=$(hostname) if [ "$hostname" = "$domain" ]; then diff --git a/bin/v-delete-sys-mail-ssl b/bin/v-delete-sys-mail-ssl new file mode 100755 index 00000000..06dab82b --- /dev/null +++ b/bin/v-delete-sys-mail-ssl @@ -0,0 +1,75 @@ +#!/bin/bash +# info: delete sys vesta user ssl certificate +# options: NONE +# +# The script disables user domain ssl synchronization + + +#----------------------------------------------------------# +# Variable & Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +vst_crt="$VESTA/ssl/certificate.crt" +vst_key="$VESTA/ssl/certificate.key" + +# Updating mail certificate +case $MAIL_SYSTEM in + exim) conf='/etc/exim/exim.conf';; + exim4) conf='/etc/exim4/exim4.conf.template';; +esac +if [ -e "$conf" ]; then + sed -e "s|^tls_certificate.*|tls_certificate = $vst_crt|" \ + -e "s|^tls_privatekey.*|tls_privatekey = $vst_key|" -i $conf +fi + +# Updating imap certificate +conf="/etc/dovecot/conf.d/10-ssl.conf" +if [ ! -z "$IMAP_SYSTEM" ] && [ -e "$conf" ]; then + sed -e "s|ssl_cert.*|ssl_cert = <$vst_crt|" \ + -e "s|ssl_key.*|ssl_key = <$vst_key|" -i $conf +fi + +# Moving old certificates +if [ -e "$VESTA/ssl/mail.crt" ]; then + mv -f $VESTA/ssl/mail.crt $VESTA/ssl/mail.crt.old +fi +if [ -e "VESTA/ssl/mail.key" ]; then + mv $VESTA/ssl/mail.key VESTA/ssl/mail.key.old +fi + +# Updating vesta.conf value +sed -i "/MAIL_CERTIFICATE=/ d" $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Restarting services +if [ "$restart" != 'no' ]; then + if [ ! -z "$MAIL_SYSTEM" ]; then + $BIN/v-restart-service $MAIL_SYSTEM + fi + if [ ! -z "$IMAP_SYSTEM" ]; then + $BIN/v-restart-service $IMAP_SYSTEM + fi +fi + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-delete-sys-vesta-ssl b/bin/v-delete-sys-vesta-ssl new file mode 100755 index 00000000..e90f32b9 --- /dev/null +++ b/bin/v-delete-sys-vesta-ssl @@ -0,0 +1,37 @@ +#!/bin/bash +# info: delete sys vesta user ssl certificate +# options: NONE +# +# The script disables user domain ssl synchronization + + +#----------------------------------------------------------# +# Variable & Function # +#----------------------------------------------------------# + +# Includes +source $VESTA/func/main.sh +source $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Updating vesta.conf value +sed -i "/VESTA_CERTIFICATE=/ d" $VESTA/conf/vesta.conf + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +# Logging +log_event "$OK" "$ARGUMENTS" + +exit diff --git a/bin/v-list-sys-config b/bin/v-list-sys-config index 879c3ab3..7764af29 100755 --- a/bin/v-list-sys-config +++ b/bin/v-list-sys-config @@ -51,7 +51,9 @@ json_list() { "MAIL_URL": "'$MAIL_URL'", "DB_PMA_URL": "'$DB_PMA_URL'", "DB_PGA_URL": "'$DB_PGA_URL'", - "SOFTACULOUS": "'$SOFTACULOUS'" + "SOFTACULOUS": "'$SOFTACULOUS'", + "MAIL_CERTIFICATE": "'$MAIL_CERTIFICATE'", + "VESTA_CERTIFICATE": "'$VESTA_CERTIFICATE'" } }' } @@ -138,6 +140,12 @@ shell_list() { if [ ! -z "$LANGUAGE" ] && [ "$LANGUAGE" != 'en' ]; then echo "Language: $LANGUAGE" fi + if [ ! -z "$MAIL_CERTIFICATE" ]; then + echo "Mail SSL: $MAIL_CERTIFICATE" + fi + if [ ! -z "$VESTA_CERTIFICATE" ]; then + echo "Vesta SSL: $VESTA_CERTIFICATE" + fi echo "Version: $VERSION" } @@ -151,7 +159,8 @@ plain_list() { echo -ne "$CRON_SYSTEM\t$DISK_QUOTA\t$FIREWALL_SYSTEM\t" echo -ne "$FIREWALL_EXTENSION\t$FILEMANAGER_KEY\t$SFTPJAIL_KEY\t" echo -ne "$REPOSITORY\t$VERSION\t$LANGUAGE\t$BACKUP_GZIP\t$BACKUP\t" - echo -e "$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL" + echo -ne "$MAIL_URL\t$DB_PMA_URL\t$DB_PGA_URL\t$MAIL_CERTIFICATE\t" + echo -e "$VESTA_CERTIFICATE" } @@ -165,7 +174,8 @@ csv_list() { echo -n "'CRON_SYSTEM','DISK_QUOTA','FIREWALL_SYSTEM'," echo -n "'FIREWALL_EXTENSION','FILEMANAGER_KEY','SFTPJAIL_KEY'," echo -n "'REPOSITORY','VERSION','LANGUAGE','BACKUP_GZIP','BACKUP'," - echo -n "'MAIL_URL','DB_PMA_URL','DB_PGA_URL'" + echo -n "'MAIL_URL','DB_PMA_URL','DB_PGA_URL', 'SOFTACULOUS'," + echo -n "'MAIL_CERTIFICATE','VESTA_CERTIFICATE'" echo echo -n "'$WEB_SYSTEM','$WEB_RGROUPS','$WEB_PORT','$WEB_SSL'," echo -n "'$WEB_SSL_PORT','$WEB_BACKEND','$PROXY_SYSTEM','$PROXY_PORT'," @@ -176,6 +186,7 @@ csv_list() { echo -n "'$FIREWALL_EXTENSION','$FILEMANAGER_KEY','$SFTPJAIL_KEY'," echo -n "'$REPOSITORY','$VERSION','$LANGUAGE','$BACKUP_GZIP','$BACKUP'," echo -n "'$MAIL_URL','$DB_PMA_URL','$DB_PGA_URL', '$SOFTACULOUS'" + echo -n "'$MAIL_CERTIFICATE','$VESTA_CERTIFICATE'" echo } @@ -187,7 +198,7 @@ csv_list() { # Listing data case $format in json) json_list ;; - plain) shell_list ;; + plain) plain_list ;; csv) csv_list ;; shell) shell_list ;; esac diff --git a/bin/v-list-sys-mail-ssl b/bin/v-list-sys-mail-ssl new file mode 100755 index 00000000..5da74e08 --- /dev/null +++ b/bin/v-list-sys-mail-ssl @@ -0,0 +1,135 @@ +#!/bin/bash +# info: list mail ssl certificate +# options: [FORMAT] +# +# The function of obtaining mail ssl files. + + +#----------------------------------------------------------# +# Variable&Function # +#----------------------------------------------------------# + +# Argument definition +format=${1-shell} + +# Includes +source $VESTA/func/main.sh + +# JSON list function +json_list() { + echo '{' + echo -e "\t\"MAIL\": {" + echo " \"CRT\": \"$crt\"," + echo " \"KEY\": \"$key\"," + echo " \"CA\": \"$ca\"," + echo " \"SUBJECT\": \"$subj\"," + echo " \"ALIASES\": \"$alt_dns\"," + echo " \"NOT_BEFORE\": \"$before\"," + echo " \"NOT_AFTER\": \"$after\"," + echo " \"SIGNATURE\": \"$signature\"," + echo " \"PUB_KEY\": \"$pub_key\"," + echo " \"ISSUER\": \"$issuer\"" + echo -e "\t}\n}" +} + +# SHELL list function +shell_list() { + if [ ! -z "$crt" ]; then + echo -e "$crt" + fi + if [ ! -z "$key" ]; then + echo -e "\n$key" + fi + if [ ! -z "$crt" ]; then + echo + echo + echo "SUBJECT: $subj" + if [ ! -z "$alt_dns" ]; then + echo "ALIASES: ${alt_dns//,/ }" + fi + echo "VALID FROM: $before" + echo "VALID TIL: $after" + echo "SIGNATURE: $signature" + echo "PUB_KEY: $pub_key" + echo "ISSUER: $issuer" + fi +} + +# PLAIN list function +plain_list() { + if [ ! -z "$crt" ]; then + echo -e "$crt" + fi + if [ ! -z "$key" ]; then + echo -e "\n$key" + fi + if [ ! -z "$ca" ]; then + echo -e "\n$ca" + fi + if [ ! -z "$crt" ]; then + echo "$subj" + echo "${alt_dns//,/ }" + echo "$before" + echo "$after" + echo "$signature" + echo "$pub_key" + echo "$issuer" + fi + +} + +# CSV list function +csv_list() { + echo -n "CRT,KEY,CA,SUBJECT,ALIASES,NOT_BEFORE,NOT_AFTER,SIGNATURE," + echo "PUB_KEY,ISSUER" + echo -n "\"$crt\",\"$key\",\"$ca\",\"$subj\",\"${alt_dns//,/ }\"," + echo "\"$before\",\"$after\",\"$signature\",\"$pub_key\",\"$issuer\"" +} + + +#----------------------------------------------------------# +# Verifications # +#----------------------------------------------------------# + + + +#----------------------------------------------------------# +# Action # +#----------------------------------------------------------# + +# Parsing SSL certificate +if [ ! -e "$VESTA/ssl/mail.crt" ] || [ ! -e "$VESTA/ssl/mail.key" ]; then + exit +fi + +crt=$(cat $VESTA/ssl/mail.crt |sed ':a;N;$!ba;s/\n/\\n/g') +key=$(cat $VESTA/ssl/mail.key |sed ':a;N;$!ba;s/\n/\\n/g') + + +# Parsing SSL certificate details without CA +info=$(openssl x509 -text -in $VESTA/ssl/mail.crt) +subj=$(echo "$info" |grep Subject: |cut -f 2 -d =) +before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //") +after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //") +signature=$(echo "$info" |grep "Algorithm:" |head -n1 ) +signature=$(echo "$signature"| sed -e "s/.*Algorithm: //") +pub_key=$(echo "$info" |grep Public-Key: |cut -f2 -d \( | tr -d \)) +issuer=$(echo "$info" |grep Issuer: |sed -e "s/.*Issuer: //") +alt_dns=$(echo "$info" |grep DNS |sed -e 's/DNS:/\n/g' |tr -d ',') +alt_dns=$(echo "$alt_dns" |tr -d ' ' |sed -e "/^$/d") +alt_dns=$(echo "$alt_dns" |sed -e ':a;N;$!ba;s/\n/,/g') + +# Listing data +case $format in + json) json_list ;; + plain) plain_list ;; + csv) csv_list ;; + shell) shell_list ;; +esac + + +#----------------------------------------------------------# +# Vesta # +#----------------------------------------------------------# + +exit diff --git a/bin/v-search-ssl-certificates b/bin/v-search-ssl-certificates index 5a5c74bf..b392e810 100755 --- a/bin/v-search-ssl-certificates +++ b/bin/v-search-ssl-certificates @@ -18,23 +18,19 @@ source $VESTA/func/main.sh # JSON list function json_list() { IFS=$'\n' - i=1 objects=$(echo "$search_cmd" |wc -l) - echo "{" + i=1 + echo '[' for str in $search_cmd; do eval $str - echo -n ' "'$i'": { - "USER": "'$USER'", - "DOMAIN": "'$DOMAIN'" - }' if [ "$i" -lt "$objects" ]; then - echo ',' + echo -e "\t\"$USER:$DOMAIN\"," else - echo + echo -e "\t\"$USER:$DOMAIN\"" fi - ((i++)) + (( ++i)) done - echo '}' + echo "]" } # SHELL list function From 80ebfc0daa96a8c82ad932390671d0f5cbc30bac Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 14 Mar 2019 00:44:32 +0200 Subject: [PATCH 115/197] frontend: user domain vesta ssl certificate support --- web/edit/server/index.php | 171 ++++++++++++++++++++----- web/templates/admin/edit_server.html | 180 ++++++++++++++++++++++++--- 2 files changed, 302 insertions(+), 49 deletions(-) diff --git a/web/edit/server/index.php b/web/edit/server/index.php index a505e214..467596f8 100644 --- a/web/edit/server/index.php +++ b/web/edit/server/index.php @@ -78,20 +78,43 @@ foreach ($backup_types as $backup_type) { } } +// List ssl web domains +exec (VESTA_CMD."v-search-ssl-certificates json", $output, $return_var); +$v_ssl_domains = json_decode(implode('', $output), true); +//$v_vesta_certificate +unset($output); + // List ssl certificate info exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); -$ssl_str = json_decode(implode('', $output), true); +$v_sys_ssl_str = json_decode(implode('', $output), true); unset($output); -$v_ssl_crt = $ssl_str['VESTA']['CRT']; -$v_ssl_key = $ssl_str['VESTA']['KEY']; -$v_ssl_ca = $ssl_str['VESTA']['CA']; -$v_ssl_subject = $ssl_str['VESTA']['SUBJECT']; -$v_ssl_aliases = $ssl_str['VESTA']['ALIASES']; -$v_ssl_not_before = $ssl_str['VESTA']['NOT_BEFORE']; -$v_ssl_not_after = $ssl_str['VESTA']['NOT_AFTER']; -$v_ssl_signature = $ssl_str['VESTA']['SIGNATURE']; -$v_ssl_pub_key = $ssl_str['VESTA']['PUB_KEY']; -$v_ssl_issuer = $ssl_str['VESTA']['ISSUER']; +$v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; +$v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; +$v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; +$v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; +$v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; +$v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; +$v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; +$v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; +$v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; +$v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; + +// List mail ssl certificate info +if (!empty($_SESSION['VESTA_CERTIFICATE'])); { + exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var); + $v_mail_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT']; + $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY']; + $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA']; + $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT']; + $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES']; + $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE']; + $v_mail_ssl_not_after = $v_mail_ssl_str['MAIL']['NOT_AFTER']; + $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE']; + $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY']; + $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER']; +} // Check POST request if (!empty($_POST['save'])) { @@ -193,6 +216,47 @@ if (!empty($_POST['save'])) { } } + + // Delete Mail Domain SSL certificate + if ((!isset($_POST['v_mail_ssl_domain_checkbox'])) && (!empty($_SESSION['MAIL_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) { + unset($_SESSION['MAIL_CERTIFICATE']); + exec (VESTA_CMD."v-delete-sys-mail-ssl", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Updating Mail Domain SSL certificate + if ((isset($_POST['v_mail_ssl_domain_checkbox'])) && (isset($_POST['v_mail_ssl_domain'])) && (empty($_SESSION['error_msg']))) { + if ((!empty($_POST['v_mail_ssl_domain'])) && ($_POST['v_mail_ssl_domain'] != $_SESSION['MAIL_CERTIFICATE'])) { + $v_mail_ssl_str = explode(":", $_POST['v_mail_ssl_domain']); + $v_mail_ssl_user = escapeshellarg($v_mail_ssl_str[0]); + $v_mail_ssl_domain = escapeshellarg($v_mail_ssl_str[1]); + exec (VESTA_CMD."v-add-sys-mail-ssl ".$v_mail_ssl_user." ".$v_mail_ssl_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + unset($v_mail_ssl_str); + + if (empty($_SESSION['error_msg'])) { + $_SESSION['MAIL_CERTIFICATE'] = $_POST['v_mail_ssl_domain']; + + // List SSL certificate info + exec (VESTA_CMD."v-list-sys-mail-ssl json", $output, $return_var); + $v_mail_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_mail_ssl_crt = $v_mail_ssl_str['MAIL']['CRT']; + $v_mail_ssl_key = $v_mail_ssl_str['MAIL']['KEY']; + $v_mail_ssl_ca = $v_mail_ssl_str['MAIL']['CA']; + $v_mail_ssl_subject = $v_mail_ssl_str['MAIL']['SUBJECT']; + $v_mail_ssl_aliases = $v_mail_ssl_str['MAIL']['ALIASES']; + $v_mail_ssl_not_before = $v_mail_ssl_str['MAIL']['NOT_BEFORE']; + $v_mail_ssl_not_after = $v_mail_ssl_str['MAIL']['NOT_AFTER']; + $v_mail_ssl_signature = $v_mail_ssl_str['MAIL']['SIGNATURE']; + $v_mail_ssl_pub_key = $v_mail_ssl_str['MAIL']['PUB_KEY']; + $v_mail_ssl_issuer = $v_mail_ssl_str['MAIL']['ISSUER']; + } + } + } + // Update webmail url if (empty($_SESSION['error_msg'])) { if ($_POST['v_mail_url'] != $_SESSION['MAIL_URL']) { @@ -352,24 +416,67 @@ if (!empty($_POST['save'])) { } } + + + // Delete WEB Domain SSL certificate + if ((!isset($_POST['v_web_ssl_domain_checkbox'])) && (!empty($_SESSION['VESTA_CERTIFICATE'])) && (empty($_SESSION['error_msg']))) { + unset($_SESSION['VESTA_CERTIFICATE']); + exec (VESTA_CMD."v-delete-sys-vesta-ssl", $output, $return_var); + check_return_code($return_var,$output); + unset($output); + } + + // Updating WEB Domain SSL certificate + if ((isset($_POST['v_web_ssl_domain_checkbox'])) && (isset($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) { + + if ((!empty($_POST['v_web_ssl_domain'])) && ($_POST['v_web_ssl_domain'] != $_SESSION['VESTA_CERTIFICATE'])) { + $v_web_ssl_str = explode(":", $_POST['v_web_ssl_domain']); + $v_web_ssl_user = escapeshellarg($v_web_ssl_str[0]); + $v_web_ssl_domain = escapeshellarg($v_web_ssl_str[1]); + exec (VESTA_CMD."v-add-sys-vesta-ssl ".$v_web_ssl_user." ".$v_web_ssl_domain, $output, $return_var); + check_return_code($return_var,$output); + unset($output); + + if (empty($_SESSION['error_msg'])) { + $_SESSION['VESTA_CERTIFICATE'] = $_POST['v_web_ssl_domain']; + + // List SSL certificate info + exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); + $v_sys_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; + $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; + $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; + $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; + $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; + $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; + $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; + $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; + $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; + $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; + } + } + } + + // Update SSL certificate - if ((!empty($_POST['v_ssl_crt'])) && (empty($_SESSION['error_msg']))) { - if (($v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ($v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key']))) { + if ((!empty($_POST['v_sys_ssl_crt'])) && (empty($_POST['v_web_ssl_domain'])) && (empty($_SESSION['error_msg']))) { + if (($v_sys_ssl_crt != str_replace("\r\n", "\n", $_POST['v_sys_ssl_crt'])) || ($v_sys_ssl_key != str_replace("\r\n", "\n", $_POST['v_sys_ssl_key']))) { exec ('mktemp -d', $mktemp_output, $return_var); $tmpdir = $mktemp_output[0]; // Certificate - if (!empty($_POST['v_ssl_crt'])) { + if (!empty($_POST['v_sys_ssl_crt'])) { $fp = fopen($tmpdir."/certificate.crt", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt'])); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_sys_ssl_crt'])); fwrite($fp, "\n"); fclose($fp); } // Key - if (!empty($_POST['v_ssl_key'])) { + if (!empty($_POST['v_sys_ssl_key'])) { $fp = fopen($tmpdir."/certificate.key", 'w'); - fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key'])); + fwrite($fp, str_replace("\r\n", "\n", $_POST['v_sys_ssl_key'])); fwrite($fp, "\n"); fclose($fp); } @@ -378,20 +485,22 @@ if (!empty($_POST['save'])) { check_return_code($return_var,$output); unset($output); - // List ssl certificate info - exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); - $ssl_str = json_decode(implode('', $output), true); - unset($output); - $v_ssl_crt = $ssl_str['VESTA']['CRT']; - $v_ssl_key = $ssl_str['VESTA']['KEY']; - $v_ssl_ca = $ssl_str['VESTA']['CA']; - $v_ssl_subject = $ssl_str['VESTA']['SUBJECT']; - $v_ssl_aliases = $ssl_str['VESTA']['ALIASES']; - $v_ssl_not_before = $ssl_str['VESTA']['NOT_BEFORE']; - $v_ssl_not_after = $ssl_str['VESTA']['NOT_AFTER']; - $v_ssl_signature = $ssl_str['VESTA']['SIGNATURE']; - $v_ssl_pub_key = $ssl_str['VESTA']['PUB_KEY']; - $v_ssl_issuer = $ssl_str['VESTA']['ISSUER']; + if (empty($_SESSION['error_msg'])) { + // List ssl certificate info + exec (VESTA_CMD."v-list-sys-vesta-ssl json", $output, $return_var); + $v_sys_ssl_str = json_decode(implode('', $output), true); + unset($output); + $v_sys_ssl_crt = $v_sys_ssl_str['VESTA']['CRT']; + $v_sys_ssl_key = $v_sys_ssl_str['VESTA']['KEY']; + $v_sys_ssl_ca = $v_sys_ssl_str['VESTA']['CA']; + $v_sys_ssl_subject = $v_sys_ssl_str['VESTA']['SUBJECT']; + $v_sys_ssl_aliases = $v_sys_ssl_str['VESTA']['ALIASES']; + $v_sys_ssl_not_before = $v_sys_ssl_str['VESTA']['NOT_BEFORE']; + $v_sys_ssl_not_after = $v_sys_ssl_str['VESTA']['NOT_AFTER']; + $v_sys_ssl_signature = $v_sys_ssl_str['VESTA']['SIGNATURE']; + $v_sys_ssl_pub_key = $v_sys_ssl_str['VESTA']['PUB_KEY']; + $v_sys_ssl_issuer = $v_sys_ssl_str['VESTA']['ISSUER']; + } } } diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html index 285a16c3..9de86222 100644 --- a/web/templates/admin/edit_server.html +++ b/web/templates/admin/edit_server.html @@ -280,13 +280,115 @@

    - + + + + + + + + + + + + + + + + + +
    + +
    + +

    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    + : + + +
    +
    + + - @@ -503,7 +605,8 @@ ">

    - + +     @@ -513,9 +616,10 @@ - + +
    - -
    + +
    @@ -580,13 +684,54 @@
    - +
    + + + + + + + @@ -604,7 +749,7 @@ @@ -615,16 +760,16 @@ : - + @@ -633,7 +778,7 @@ : @@ -641,7 +786,7 @@ : @@ -649,16 +794,15 @@ : - @@ -666,7 +810,7 @@ :
    + +
    + + + + + + + +
    + +
    + +

    +
    +
    @@ -594,7 +739,7 @@
    - +
    - +
    - +
    : - +
    - +
    - +
    - +
    : - +
    - +
    From 6a9b7d35078e3dd4aac13cd867fed4d9fe5c9146 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 14 Mar 2019 14:34:38 +0200 Subject: [PATCH 116/197] Use Web Domain SSL Certificate -> i18n --- web/inc/i18n/ar.php | 1 + web/inc/i18n/az.php | 1 + web/inc/i18n/bg.php | 1 + web/inc/i18n/bs.php | 1 + web/inc/i18n/cn.php | 1 + web/inc/i18n/cz.php | 1 + web/inc/i18n/da.php | 1 + web/inc/i18n/de.php | 1 + web/inc/i18n/el.php | 1 + web/inc/i18n/en.php | 1 + web/inc/i18n/es.php | 1 + web/inc/i18n/fa.php | 1 + web/inc/i18n/fi.php | 1 + web/inc/i18n/fr.php | 1 + web/inc/i18n/hu.php | 1 + web/inc/i18n/id.php | 1 + web/inc/i18n/it.php | 1 + web/inc/i18n/ja.php | 1 + web/inc/i18n/ka.php | 1 + web/inc/i18n/ko.php | 1 + web/inc/i18n/nl.php | 1 + web/inc/i18n/no.php | 1 + web/inc/i18n/pl.php | 1 + web/inc/i18n/pt-BR.php | 1 + web/inc/i18n/pt.php | 1 + web/inc/i18n/ro.php | 1 + web/inc/i18n/ru.php | 1 + web/inc/i18n/se.php | 1 + web/inc/i18n/sr.php | 1 + web/inc/i18n/th.php | 1 + web/inc/i18n/tr.php | 1 + web/inc/i18n/tw.php | 1 + web/inc/i18n/ua.php | 1 + web/inc/i18n/ur.php | 1 + web/inc/i18n/vi.php | 1 + 35 files changed, 35 insertions(+) diff --git a/web/inc/i18n/ar.php b/web/inc/i18n/ar.php index dd28828e..e50cfec7 100644 --- a/web/inc/i18n/ar.php +++ b/web/inc/i18n/ar.php @@ -560,6 +560,7 @@ $LANG['ar'] = array( 'MAIL Server' => 'مخدم البريد الالكتروني', 'Antivirus' => 'مضاد الفيروسات', 'AntiSpam' => 'مضاد البريد المزعج سبام', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'رابط WebMail', 'MySQL Support' => 'دعم MySQL', 'phpMyAdmin URL' => 'رابط phpMyAdmin', diff --git a/web/inc/i18n/az.php b/web/inc/i18n/az.php index de5a0352..715043a0 100644 --- a/web/inc/i18n/az.php +++ b/web/inc/i18n/az.php @@ -540,6 +540,7 @@ $LANG['az'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Vebmail URL', 'MySQL Support' => 'MySQL dəstək', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/bg.php b/web/inc/i18n/bg.php index 760b88c1..642e6cfa 100644 --- a/web/inc/i18n/bg.php +++ b/web/inc/i18n/bg.php @@ -553,6 +553,7 @@ $LANG['bg'] = array( 'MAIL Server' => 'Пощенски сървър', 'Antivirus' => 'Антивирус', 'AntiSpam' => 'Антиспам', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Уебмейл адрес', 'MySQL Support' => 'MySQL поддръжкс', 'phpMyAdmin URL' => 'phpMyAdmin адрес', diff --git a/web/inc/i18n/bs.php b/web/inc/i18n/bs.php index 22d997e5..4e2f32e1 100644 --- a/web/inc/i18n/bs.php +++ b/web/inc/i18n/bs.php @@ -559,6 +559,7 @@ $LANG['bs'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php index ee9c9747..d2c96311 100644 --- a/web/inc/i18n/cn.php +++ b/web/inc/i18n/cn.php @@ -568,6 +568,7 @@ $LANG['cn'] = array( 'MAIL Server' => '邮箱服务器', 'Antivirus' => '防病毒引擎', 'AntiSpam' => '防垃圾邮件', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => '网页邮箱网址', 'MySQL Support' => 'MySQL 支持', 'phpMyAdmin URL' => '设置 phpMyAdmin 网址', diff --git a/web/inc/i18n/cz.php b/web/inc/i18n/cz.php index f9f291bf..9a0cac79 100644 --- a/web/inc/i18n/cz.php +++ b/web/inc/i18n/cz.php @@ -560,6 +560,7 @@ $LANG['cz'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/da.php b/web/inc/i18n/da.php index 80e78a35..6e0fab72 100644 --- a/web/inc/i18n/da.php +++ b/web/inc/i18n/da.php @@ -561,6 +561,7 @@ $LANG['da'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/de.php b/web/inc/i18n/de.php index e5ee45d0..17d1101f 100644 --- a/web/inc/i18n/de.php +++ b/web/inc/i18n/de.php @@ -559,6 +559,7 @@ $LANG['de'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/el.php b/web/inc/i18n/el.php index 7e193523..bef89086 100644 --- a/web/inc/i18n/el.php +++ b/web/inc/i18n/el.php @@ -561,6 +561,7 @@ $LANG['el'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/en.php b/web/inc/i18n/en.php index ed5c1f2e..d7ae290d 100644 --- a/web/inc/i18n/en.php +++ b/web/inc/i18n/en.php @@ -559,6 +559,7 @@ $LANG['en'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php index 212d78a2..12d3d29c 100644 --- a/web/inc/i18n/es.php +++ b/web/inc/i18n/es.php @@ -567,6 +567,7 @@ $LANG['es'] = array( 'MAIL Server' => 'Servidor de Correo', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'Soportar MYSQL', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/fa.php b/web/inc/i18n/fa.php index 57295481..8355691a 100644 --- a/web/inc/i18n/fa.php +++ b/web/inc/i18n/fa.php @@ -543,6 +543,7 @@ $LANG['fa'] = array( 'MAIL Server' => 'سرور پستی', 'Antivirus' => 'ضد ویروس', 'AntiSpam' => 'ضد هرزنامه', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'نشانی وب میل', 'MySQL Support' => 'پشتیبانی MySQL', 'phpMyAdmin URL' => 'نشانی phpMyAdmin', diff --git a/web/inc/i18n/fi.php b/web/inc/i18n/fi.php index f2eddbab..951f8da3 100644 --- a/web/inc/i18n/fi.php +++ b/web/inc/i18n/fi.php @@ -561,6 +561,7 @@ $LANG['fi'] = array( 'MAIL Server' => 'MAIL-palvelin', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmailin URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/fr.php b/web/inc/i18n/fr.php index c57e6266..4e2e3144 100644 --- a/web/inc/i18n/fr.php +++ b/web/inc/i18n/fr.php @@ -559,6 +559,7 @@ $LANG['fr'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/hu.php b/web/inc/i18n/hu.php index af461107..1c37f93f 100644 --- a/web/inc/i18n/hu.php +++ b/web/inc/i18n/hu.php @@ -563,6 +563,7 @@ $LANG['hu'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/id.php b/web/inc/i18n/id.php index 1a55af74..4702b7cc 100644 --- a/web/inc/i18n/id.php +++ b/web/inc/i18n/id.php @@ -560,6 +560,7 @@ $LANG['id'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/it.php b/web/inc/i18n/it.php index ec7a83d5..1e104c51 100644 --- a/web/inc/i18n/it.php +++ b/web/inc/i18n/it.php @@ -560,6 +560,7 @@ $LANG['it'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/ja.php b/web/inc/i18n/ja.php index f2836948..a592fd7b 100644 --- a/web/inc/i18n/ja.php +++ b/web/inc/i18n/ja.php @@ -559,6 +559,7 @@ $LANG['ja'] = array( 'MAIL Server' => 'メールサーバー', 'Antivirus' => 'アンチウイルス', 'AntiSpam' => 'アンチスパム', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'ウェブメールのURL', 'MySQL Support' => 'MySQLのサポート', 'phpMyAdmin URL' => 'phpMyAdminのURL', diff --git a/web/inc/i18n/ka.php b/web/inc/i18n/ka.php index abbcb479..1512e06c 100644 --- a/web/inc/i18n/ka.php +++ b/web/inc/i18n/ka.php @@ -559,6 +559,7 @@ $LANG['ka'] = array( 'MAIL Server' => 'ელფოსტის სერვერი', 'Antivirus' => 'ანტივირუსი', 'AntiSpam' => 'ანტისპამი', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'ვებფოსტის URL', 'MySQL Support' => 'MySQL-ის მხარდაჭერა', 'phpMyAdmin URL' => 'phpMyAdmin-ის URL', diff --git a/web/inc/i18n/ko.php b/web/inc/i18n/ko.php index a032f265..1b09de25 100644 --- a/web/inc/i18n/ko.php +++ b/web/inc/i18n/ko.php @@ -559,6 +559,7 @@ $LANG['ko'] = array( 'MAIL Server' => 'MAIL 서버', 'Antivirus' => '바이러스 필터링', 'AntiSpam' => '스팸 필터링', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => '웹메일 주소', 'MySQL Support' => 'MySQL 지원', 'phpMyAdmin URL' => 'phpMyAdmin 주소', diff --git a/web/inc/i18n/nl.php b/web/inc/i18n/nl.php index fc86a88b..851fe46d 100644 --- a/web/inc/i18n/nl.php +++ b/web/inc/i18n/nl.php @@ -563,6 +563,7 @@ $LANG['nl'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/no.php b/web/inc/i18n/no.php index 45c23f22..fe026f39 100644 --- a/web/inc/i18n/no.php +++ b/web/inc/i18n/no.php @@ -560,6 +560,7 @@ $LANG['no'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/pl.php b/web/inc/i18n/pl.php index 23c8016c..e649a22c 100644 --- a/web/inc/i18n/pl.php +++ b/web/inc/i18n/pl.php @@ -560,6 +560,7 @@ $LANG['pl'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/pt-BR.php b/web/inc/i18n/pt-BR.php index 686af900..303ae53f 100644 --- a/web/inc/i18n/pt-BR.php +++ b/web/inc/i18n/pt-BR.php @@ -559,6 +559,7 @@ $LANG['pt-BR'] = array( 'MAIL Server' => 'Servidor de E-MAIL', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'Suporte MySQL', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/pt.php b/web/inc/i18n/pt.php index ec1eb670..02d3bf51 100644 --- a/web/inc/i18n/pt.php +++ b/web/inc/i18n/pt.php @@ -559,6 +559,7 @@ $LANG['pt'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/ro.php b/web/inc/i18n/ro.php index 0a9e93e3..5b70f5d5 100644 --- a/web/inc/i18n/ro.php +++ b/web/inc/i18n/ro.php @@ -561,6 +561,7 @@ $LANG['ro'] = array( 'MAIL Server' => 'Server MAIL', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Foloseşte certificatul SSL din domeniul WEB', 'Webmail URL' => 'URL Webmail', 'MySQL Support' => 'Suport MySQL', 'phpMyAdmin URL' => 'URL phpMyAdmin', diff --git a/web/inc/i18n/ru.php b/web/inc/i18n/ru.php index a109056c..58829fad 100644 --- a/web/inc/i18n/ru.php +++ b/web/inc/i18n/ru.php @@ -561,6 +561,7 @@ $LANG['ru'] = array( 'MAIL Server' => 'MAIL Сервер', 'Antivirus' => 'Антивирус', 'AntiSpam' => 'АнтиСпам', + 'Use Web Domain SSL Certificate' => 'Использовать SSL сертификат веб домена', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'Поддержка MySQL', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/se.php b/web/inc/i18n/se.php index 87bb1910..96c5af9c 100644 --- a/web/inc/i18n/se.php +++ b/web/inc/i18n/se.php @@ -559,6 +559,7 @@ $LANG['se'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/sr.php b/web/inc/i18n/sr.php index dc1f315c..759ab6c9 100644 --- a/web/inc/i18n/sr.php +++ b/web/inc/i18n/sr.php @@ -559,6 +559,7 @@ $LANG['sr'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL podrška', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/th.php b/web/inc/i18n/th.php index 07beb85e..2878192f 100644 --- a/web/inc/i18n/th.php +++ b/web/inc/i18n/th.php @@ -562,6 +562,7 @@ $LANG['th'] = array( 'MAIL Server' => 'เซิร์ฟเวอร์เมล', 'Antivirus' => 'ป้องกันไวรัส', 'AntiSpam' => 'ป้องกันเมลขยะ', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'สนับสนุน MySQL', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/tr.php b/web/inc/i18n/tr.php index 7f2875b9..a7fadc43 100644 --- a/web/inc/i18n/tr.php +++ b/web/inc/i18n/tr.php @@ -560,6 +560,7 @@ $LANG['tr'] = array( 'MAIL Server' => 'MAIL Server', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'MySQL Support', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/tw.php b/web/inc/i18n/tw.php index d35cba4a..d421cf87 100644 --- a/web/inc/i18n/tw.php +++ b/web/inc/i18n/tw.php @@ -564,6 +564,7 @@ $LANG['tw'] = array( 'MAIL Server' => 'MAIL 伺服器', 'Antivirus' => '病毒防護', 'AntiSpam' => '垃圾郵件防護', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Webmail 路徑', 'MySQL Support' => 'MySQL 支援', 'phpMyAdmin URL' => 'phpMyAdmin 路徑', diff --git a/web/inc/i18n/ua.php b/web/inc/i18n/ua.php index cf47496d..136cc73f 100644 --- a/web/inc/i18n/ua.php +++ b/web/inc/i18n/ua.php @@ -560,6 +560,7 @@ $LANG['ua'] = array( 'MAIL Server' => 'MAIL сервер', 'Antivirus' => 'Антивірус', 'AntiSpam' => 'АнтиСпам', + 'Use Web Domain SSL Certificate' => 'Використовувати SSL сертифікат веб домену', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'Підтримка MySQL', 'phpMyAdmin URL' => 'phpMyAdmin URL', diff --git a/web/inc/i18n/ur.php b/web/inc/i18n/ur.php index d01a401d..960e5631 100644 --- a/web/inc/i18n/ur.php +++ b/web/inc/i18n/ur.php @@ -548,6 +548,7 @@ $LANG['ur'] = array( 'MAIL Server' => 'میل سرور', 'Antivirus' => 'اینٹی وائرس', 'AntiSpam' => 'اینٹی سپیم', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'ویب میل URL', 'MySQL Support' => 'ایس کیو ایل کی معاونت کی', 'phpMyAdmin URL' => 'phpMyAdmin کے یو آر ایل', diff --git a/web/inc/i18n/vi.php b/web/inc/i18n/vi.php index 40d40cbe..2de145b4 100644 --- a/web/inc/i18n/vi.php +++ b/web/inc/i18n/vi.php @@ -562,6 +562,7 @@ $LANG['vi'] = array( 'MAIL Server' => 'Máy chủ MAIL', 'Antivirus' => 'Trình diệt virus', 'AntiSpam' => 'Trình chống spam', + 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', 'Webmail URL' => 'Đường dẫn Webmail', 'MySQL Support' => 'Hỗ trợ MySQL', 'phpMyAdmin URL' => 'Đường dẫn phpMyAdmin', From 180d9101316db6f0d8c2e5f35949dc3f8567c05b Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 14 Mar 2019 14:58:19 +0200 Subject: [PATCH 117/197] inverted trigger condition --- bin/v-add-web-domain-ssl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/v-add-web-domain-ssl b/bin/v-add-web-domain-ssl index d7a209f1..43e5cce3 100755 --- a/bin/v-add-web-domain-ssl +++ b/bin/v-add-web-domain-ssl @@ -121,14 +121,14 @@ $BIN/v-restart-proxy $restart check_result $? "Proxy restart failed" >/dev/null # Updating system ssl dependencies -if [ -z "$VESTA_CERTIFICATE" ]; then +if [ ! -z "$VESTA_CERTIFICATE" ]; then crt_user=$(echo "$VESTA_CERTIFICATE" |cut -f 1 -d :) crt_domain=$(echo "$VESTA_CERTIFICATE" |cut -f 2 -d :) if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then $BIN/v-add-sys-vesta-ssl $user $domain >/dev/null 2>&1 fi fi -if [ -z "$MAIL_CERTIFICATE" ]; then +if [ ! -z "$MAIL_CERTIFICATE" ]; then crt_user=$(echo "$MAIL_CERTIFICATE" |cut -f 1 -d :) crt_domain=$(echo "$MAIL_CERTIFICATE" |cut -f 2 -d :) if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then From 1f4080473504e50d4831afd8d2f6a9fea1e9cc7b Mon Sep 17 00:00:00 2001 From: pablobae Date: Thu, 14 Mar 2019 16:07:44 +0100 Subject: [PATCH 118/197] Update v-update-firewall Check sshcustom port is not needed anymore, because after merging pull 1819, the rules file already contains the ssh port correctly (it's not hardcoded anymore. Also, if these lines are not removed, we have change ssh port, and we try to add a new rule with port 22 (v-add-firewall-rule DROP 0.0.0.0/0 22 tcp ssh) , these lines will change port 22 to current ssh port on rules.conf file, and we will be blocked. --- bin/v-update-firewall | 5 ----- 1 file changed, 5 deletions(-) diff --git a/bin/v-update-firewall b/bin/v-update-firewall index da91acc8..46e2073a 100755 --- a/bin/v-update-firewall +++ b/bin/v-update-firewall @@ -51,11 +51,6 @@ if [ $? -ne 0 ]; then conntrack_ftp='no' fi -# Checking custom OpenSSH port -sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2) -if [[ "$sshport" =~ ^[0-9]+$ ]] && [ "$sshport" -ne "22" ]; then - sed -i "s/PORT='22'/PORT=\'$sshport\'/" $rules -fi # Creating temporary file tmp=$(mktemp) From aeee40865e51d52c3f190a678ec0393969175376 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 16:50:29 +0100 Subject: [PATCH 119/197] Fixing blowfish_secret length (too short) phpMyAdmin "screams", we should be using length of 32 characters for blowfish_secret. --- install/vst-install-rhel.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh index b7c2839e..7adee764 100755 --- a/install/vst-install-rhel.sh +++ b/install/vst-install-rhel.sh @@ -83,6 +83,9 @@ gen_pass() { echo "$PASS" } +# Defining 32 char blowfish_secret +blowfish_secret=`openssl rand -base64 32`; + # Defining return code check function check_result() { if [ $1 -ne 0 ]; then @@ -1043,7 +1046,7 @@ if [ "$mysql" = 'yes' ]; then cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/ fi cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php - sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php + sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php fi From 5d9265f84f062f0b685e3c2819ee5a45ae55cf9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 16:52:59 +0100 Subject: [PATCH 120/197] Fixing blowfish_secret length (too short) Fixing blowfish_secret length (too short) --- install/vst-install-amazon.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh index 8dbdaa14..e23d9997 100644 --- a/install/vst-install-amazon.sh +++ b/install/vst-install-amazon.sh @@ -74,6 +74,9 @@ gen_pass() { echo "$PASS" } +# Defining 32 char blowfish_secret +blowfish_secret=`openssl rand -base64 32`; + # Defining return code check function check_result() { if [ $1 -ne 0 ]; then @@ -1023,7 +1026,7 @@ if [ "$mysql" = 'yes' ]; then cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/ fi cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php - sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php + sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php fi From a67674c1f2a0c86411aa7d36010190c3beb0522a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 21:25:27 +0100 Subject: [PATCH 121/197] Fixed fixed --- install/vst-install-amazon.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/vst-install-amazon.sh b/install/vst-install-amazon.sh index e23d9997..2bae6418 100644 --- a/install/vst-install-amazon.sh +++ b/install/vst-install-amazon.sh @@ -1026,7 +1026,7 @@ if [ "$mysql" = 'yes' ]; then cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/ fi cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php - sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php + sed -i "s#%blowfish_secret#$blowfish_secret#g" /etc/phpMyAdmin/config.inc.php fi From 891dac76fcfff724909bebf8062c23b278a68998 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 21:26:05 +0100 Subject: [PATCH 122/197] Update vst-install-rhel.sh --- install/vst-install-rhel.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh index 7adee764..f6147bbc 100755 --- a/install/vst-install-rhel.sh +++ b/install/vst-install-rhel.sh @@ -1046,7 +1046,7 @@ if [ "$mysql" = 'yes' ]; then cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/ fi cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php - sed -i "s/%blowfish_secret%/$blowfish_secret/g" /etc/phpMyAdmin/config.inc.php + sed -i "s#%blowfish_secret#$blowfish_secret#g" /etc/phpMyAdmin/config.inc.php fi From a420465b39c6fd8e3cd417dab3bec7eef4b07d2d Mon Sep 17 00:00:00 2001 From: Olgerdas Date: Wed, 27 Mar 2019 19:35:10 +0200 Subject: [PATCH 123/197] Remove \n from dkim txt output Some DNS providers (like cloudflare) do not allow in dkim txt record \n char. Fix is removing new line symbols (\n). --- bin/v-list-mail-domain-dkim-dns | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-list-mail-domain-dkim-dns b/bin/v-list-mail-domain-dkim-dns index d7b3e2a6..8623089e 100755 --- a/bin/v-list-mail-domain-dkim-dns +++ b/bin/v-list-mail-domain-dkim-dns @@ -67,7 +67,7 @@ is_object_valid 'mail' 'DOMAIN' "$domain" # Parsing domain keys if [ -e "$USER_DATA/mail/$domain.pub" ]; then - pub=$(cat $USER_DATA/mail/$domain.pub |grep -v "KEY-----") + pub=$(cat $USER_DATA/mail/$domain.pub |grep -v "KEY-----" |tr -d "\n\r") pub=$(echo "$pub" |sed ':a;N;$!ba;s/\n/\\n/g') else pub="DKIM-SUPPORT-IS-NOT-ACTIVATED" From a181433231553ad101ee2ddd6e4b1eb2bbaa6f57 Mon Sep 17 00:00:00 2001 From: myrevery <16082142+myrevery@users.noreply.github.com> Date: Sun, 31 Mar 2019 05:50:02 +0800 Subject: [PATCH 124/197] Update cn.php Refine some details. Format code and translate new keywords. --- web/inc/i18n/cn.php | 662 ++++++++++++++++++++++---------------------- 1 file changed, 331 insertions(+), 331 deletions(-) diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php index d2c96311..6b6b9d28 100644 --- a/web/inc/i18n/cn.php +++ b/web/inc/i18n/cn.php @@ -10,104 +10,104 @@ */ $LANG['cn'] = array( - 'Packages' => '用户方案', - 'IP' => 'IP 地址', - 'Graphs' => '资源图表', - 'Statistics' => '统计信息', - 'Log' => '系统日志', - 'Server' => '服务器', - 'Services' => '系统服务', + 'Packages' => '用户方案', + 'IP' => 'IP 地址', + 'Graphs' => '资源图表', + 'Statistics' => '统计信息', + 'Log' => '系统日志', + 'Server' => '服务器', + 'Services' => '系统服务', 'Firewall' => '防火墙', - 'Updates' => '系统更新', - 'Log in' => '登录', - 'Log out' => '登出', + 'Updates' => '系统更新', + 'Log in' => '登录', + 'Log out' => '登出', - 'USER' => '用户账户', - 'WEB' => 'Web 服务', - 'DNS' => 'DNS 服务', - 'MAIL' => '邮箱服务', - 'DB' => '数据库', - 'CRON' => '定时任务', - 'BACKUP' => '数据备份', + 'USER' => '用户账户', + 'WEB' => 'Web 服务', + 'DNS' => 'DNS 服务', + 'MAIL' => '邮箱服务', + 'DB' => '数据库', + 'CRON' => '定时任务', + 'BACKUP' => '数据备份', - 'LOGIN' => '登录', - 'RESET PASSWORD' => '重置密码', - 'SEARCH' => '搜索', - 'PACKAGE' => '用户方案', - 'RRD' => '资源图表', - 'STATS' => '统计信息', - 'LOG' => '系统日志', - 'UPDATES' => '系统更新', - 'FIREWALL' => '防火墙', - 'SERVER' => '服务器', - 'MEMORY' => '内存', - 'DISK' => '磁盘', - 'NETWORK' => '网络', - 'Web Log Manager' => 'Web 日志管理', + 'LOGIN' => '登录', + 'RESET PASSWORD' => '重置密码', + 'SEARCH' => '搜索', + 'PACKAGE' => '用户方案', + 'RRD' => '资源图表', + 'STATS' => '统计信息', + 'LOG' => '系统日志', + 'UPDATES' => '系统更新', + 'FIREWALL' => '防火墙', + 'SERVER' => '服务器', + 'MEMORY' => '内存', + 'DISK' => '磁盘', + 'NETWORK' => '网络', + 'Web Log Manager' => 'Web 日志管理', - 'no notifications' => '没有通知', + 'no notifications' => '没有通知', - 'Add User' => '添加用户', - 'Add Domain' => '添加域名', + 'Add User' => '添加用户', + 'Add Domain' => '添加域名', 'Add Web Domain' => '添加网站域名', - 'Add DNS Domain' => '添加DNS域名', - 'Add DNS Record' => '添加DNS记录', - 'Add Mail Domain' => '添加邮箱域名', - 'Add Mail Account' => '添加邮箱账户', - 'Add Database' => '添加数据库', - 'Add Cron Job' => '添加定时任务', - 'Create Backup' => '创建备份', - 'Configure' => '配置', - 'Restore All' => '全部恢复', - 'Add Package' => '添加方案', - 'Add IP' => '添加IP地址', + 'Add DNS Domain' => '添加DNS域名', + 'Add DNS Record' => '添加DNS记录', + 'Add Mail Domain' => '添加邮箱域名', + 'Add Mail Account' => '添加邮箱账户', + 'Add Database' => '添加数据库', + 'Add Cron Job' => '添加定时任务', + 'Create Backup' => '创建备份', + 'Configure' => '配置', + 'Restore All' => '全部恢复', + 'Add Package' => '添加方案', + 'Add IP' => '添加IP地址', 'Add Rule' => '添加规则', 'Ban IP Address' => '封锁IP地址', - 'Search' => '搜索', + 'Search' => '搜索', 'Add one more FTP Account' => '增加一个FTP账户', - 'Overall Statistics' => '整体统计信息', - 'Daily' => '按天', - 'Weekly' => '按周', - 'Monthly' => '按月', - 'Yearly' => '按年', - 'Add' => '添加', - 'Back' => '返回', - 'Save' => '保存', - 'Submit' => '提交', + 'Overall Statistics' => '整体统计信息', + 'Daily' => '按天', + 'Weekly' => '按周', + 'Monthly' => '按月', + 'Yearly' => '按年', + 'Add' => '添加', + 'Back' => '返回', + 'Save' => '保存', + 'Submit' => '提交', - 'toggle all' => '批量操作', - 'apply to selected' => '应用于选中项的操作', - 'rebuild' => '重建', - 'rebuild web' => '重建网站', - 'rebuild dns' => '重建DNS', - 'rebuild mail' => '重建邮箱', - 'rebuild db' => '重建数据库', - 'rebuild cron' => '重建定时任务', - 'update counters' => '更新计数器', - 'suspend' => '暂停', - 'unsuspend' => '解除暂停', - 'delete' => '删除', - 'show per user' => '按用户显示', - 'login as' => '登录至账户', - 'logout' => '登出', - 'edit' => '编辑', - 'open webstats' => '打开网站统计', - 'view logs' => '查看日志', - 'list records' => '列出 %s 条记录', - 'add record' => '添加记录', - 'list accounts' => '列出 %s 个账户', - 'add account' => '添加账户', - 'open webmail' => '打开网页邮箱', + 'toggle all' => '批量操作', + 'apply to selected' => '应用于选中项的操作', + 'rebuild' => '重建', + 'rebuild web' => '重建网站', + 'rebuild dns' => '重建DNS', + 'rebuild mail' => '重建邮箱', + 'rebuild db' => '重建数据库', + 'rebuild cron' => '重建定时任务', + 'update counters' => '更新计数器', + 'suspend' => '暂停', + 'unsuspend' => '解除暂停', + 'delete' => '删除', + 'show per user' => '按用户显示', + 'login as' => '登录至账户', + 'logout' => '登出', + 'edit' => '编辑', + 'open webstats' => '打开网站统计', + 'view logs' => '查看日志', + 'list records' => '列出 %s 条记录', + 'add record' => '添加记录', + 'list accounts' => '列出 %s 个账户', + 'add account' => '添加账户', + 'open webmail' => '打开网页邮箱', 'list fail2ban' => 'Fail2ban 封锁名单', - 'open %s' => '打开 %s', - 'download' => '下载', - 'restore' => '恢复', - 'configure restore settings' => '配置恢复', - 'stop' => '停止', - 'start' => '启动', - 'restart' => '重新启动', - 'update' => '更新', - 'generate' => '生成', + 'open %s' => '打开 %s', + 'download' => '下载', + 'restore' => '恢复', + 'configure restore settings' => '配置恢复', + 'stop' => '停止', + 'start' => '启动', + 'restart' => '重新启动', + 'update' => '更新', + 'generate' => '生成', 'Generate CSR' => '生成CSR', 'reread IP' => '重新读取IP', 'enable autoupdate' => '启用自动更新', @@ -116,41 +116,41 @@ $LANG['cn'] = array( 'turn off notifications' => '停用通知', 'configure' => '配置', - 'Adding User' => '添加用户', - 'Editing User' => '编辑用户', - 'Adding Domain' => '添加域名', - 'Editing Domain' => '编辑域名', - 'Adding DNS Domain' => '添加DNS域名', - 'Editing DNS Domain' => '编辑DNS域名', - 'Adding DNS Record' => '添加DNS记录', - 'Editing DNS Record' => '编辑DNS记录', - 'Adding Mail Domain' => '添加邮箱域名', - 'Editing Mail Domain' => '编辑邮箱域名', - 'Adding Mail Account' => '添加邮箱账户', - 'Editing Mail Account' => '编辑邮箱账户', - 'Adding database' => '添加数据库', - 'Editing Cron Job' => '编辑定时任务', - 'Adding Cron Job' => '添加定时任务', - 'Editing Database' => '编辑数据库', - 'Adding Package' => '添加方案', - 'Editing Package' => '编辑方案', - 'Adding IP address' => '添加IP地址', - 'Editing IP Address' => '编辑IP地址', + 'Adding User' => '添加用户', + 'Editing User' => '编辑用户', + 'Adding Domain' => '添加域名', + 'Editing Domain' => '编辑域名', + 'Adding DNS Domain' => '添加DNS域名', + 'Editing DNS Domain' => '编辑DNS域名', + 'Adding DNS Record' => '添加DNS记录', + 'Editing DNS Record' => '编辑DNS记录', + 'Adding Mail Domain' => '添加邮箱域名', + 'Editing Mail Domain' => '编辑邮箱域名', + 'Adding Mail Account' => '添加邮箱账户', + 'Editing Mail Account' => '编辑邮箱账户', + 'Adding database' => '添加数据库', + 'Editing Cron Job' => '编辑定时任务', + 'Adding Cron Job' => '添加定时任务', + 'Editing Database' => '编辑数据库', + 'Adding Package' => '添加方案', + 'Editing Package' => '编辑方案', + 'Adding IP address' => '添加IP地址', + 'Editing IP Address' => '编辑IP地址', 'Editing Backup Exclusions' => '配置需排除备份的项目', 'Generating CSR' => '生成CSR', - 'Listing' => '列出', - 'Search Results' => '搜索结果', + 'Listing' => '列出', + 'Search Results' => '搜索结果', 'Adding Firewall Rule' => '添加防火墙规则', 'Editing Firewall Rule' => '编辑防火墙规则', 'Adding IP Address to Banlist' => '添加IP至封锁名单', - 'active' => '正常', - 'spnd' => '暂停', - 'suspended' => '已暂停', - 'running' => '运行中', - 'stopped' => '已停止', - 'outdated' => '可升级新版本', - 'updated' => '已是最新版本', + 'active' => '正常', + 'spnd' => '暂停', + 'suspended' => '已暂停', + 'running' => '运行中', + 'stopped' => '已停止', + 'outdated' => '可升级新版本', + 'updated' => '已是最新版本', 'yes' => '是', 'no' => '否', @@ -185,13 +185,13 @@ $LANG['cn'] = array( 'per domain' => '每域名', 'DNS Domains' => 'DNS域名', 'DNS domains' => 'DNS域名', - 'DNS records' => 'DNS记录', + 'DNS records' => 'DNS记录', 'Name Servers' => 'DNS服务器', 'Mail Domains' => '邮箱域名', 'Mail Accounts' => '邮箱账户', 'Cron Jobs' => '定时任务', 'SSH Access' => 'SSH权限', - 'IP Address' => 'IP地址', + 'IP Address' => 'IP地址', 'IP Addresses' => 'IP地址', 'Backups' => '备份', 'Backup System' => '备份系统', @@ -199,19 +199,19 @@ $LANG['cn'] = array( 'template' => '模板', 'SSL Support' => '启用SSL', 'SSL Home Directory' => 'SSL站点主目录', - 'Lets Encrypt Support' => '采用 Let's Encrypt', - 'Lets Encrypt' => 'Let's Encrypt', + 'Lets Encrypt Support' => '采用 Let's Encrypt', + 'Lets Encrypt' => 'Let's Encrypt', 'Your certificate will be automatically issued in 5 minutes' => '证书将在5分钟内自动完成签发', 'Proxy Support' => '反向代理', 'Proxy Extensions' => '需代理的文件扩展名', 'Web Statistics' => '网站统计', 'Additional FTP Account' => '额外的FTP账户', - 'Path' => '路径', + 'Path' => '路径', 'SOA' => 'SOA', 'TTL' => 'TTL', 'Expire' => '过期', 'Records' => '记录', - 'Serial' => '序号', + 'Serial' => '序号', 'Catchall email' => '未知收件人聚合邮箱', 'AntiVirus Support' => '防病毒支持', 'AntiSpam Support' => '防垃圾邮件支持', @@ -221,16 +221,16 @@ $LANG['cn'] = array( 'Autoreply' => '自动回复', 'Forward to' => '转发到', 'Do not store forwarded mail' => '不保留已转发的邮件', - 'IMAP hostname' => 'IMAP 服务器', - 'IMAP port' => 'IMAP 端口', - 'IMAP security' => 'IMAP 安全性', - 'IMAP auth method' => 'IMAP 身份验证', - 'SMTP hostname' => 'SMTP 服务器', - 'SMTP port' => 'SMTP 端口', - 'SMTP security' => 'SMTP 安全性', - 'SMTP auth method' => 'SMTP 身份验证', - 'STARTTLS' => 'STARTTLS', - 'Normal password' => '普通密码', + 'IMAP hostname' => 'IMAP 服务器', + 'IMAP port' => 'IMAP 端口', + 'IMAP security' => 'IMAP 安全类型', + 'IMAP auth method' => 'IMAP 身份验证', + 'SMTP hostname' => 'SMTP 服务器', + 'SMTP port' => 'SMTP 端口', + 'SMTP security' => 'SMTP 安全类型', + 'SMTP auth method' => 'SMTP 身份验证', + 'STARTTLS' => 'STARTTLS', + 'Normal password' => '普通密码', 'database' => '数据库', 'User' => '用户名称', 'Host' => '主机', @@ -249,137 +249,137 @@ $LANG['cn'] = array( 'shared' => '共享', 'dedicated' => '独立', 'Owner' => '归属', - 'Users' => '用户', - 'Load Average' => '平均负载', - 'Memory Usage' => '内存使用情况', - 'APACHE2 Usage' => 'Apache2 使用情况', - 'HTTPD Usage' => 'HTTPD 使用情况', - 'NGINX Usage' => 'NGINX 使用情况', - 'MySQL Usage on localhost' => 'MySQL 使用情况 (localhost)', - 'PostgreSQL Usage on localhost' => 'PostgreSQL 使用情况 (localhost)', - 'Bandwidth Usage eth0' => '网络使用情况 (eth0)', - 'Bandwidth Usage eth1' => '网络使用情况 (eth1)', - 'Bandwidth Usage venet0' => '网络使用情况 (venet0)', - 'Bandwidth Usage venet1' => '网络使用情况 (venet1)', - 'Exim Usage' => 'Exim 使用情况', - 'FTP Usage' => 'FTP 使用情况', - 'SSH Usage' => 'SSH 使用情况', - 'reverse proxy' => '反向代理', - 'web server' => 'Web服务', + 'Users' => '用户', + 'Load Average' => '平均负载', + 'Memory Usage' => '内存使用情况', + 'APACHE2 Usage' => 'Apache2 使用情况', + 'HTTPD Usage' => 'HTTPD 使用情况', + 'NGINX Usage' => 'NGINX 使用情况', + 'MySQL Usage on localhost' => 'MySQL 使用情况 (localhost)', + 'PostgreSQL Usage on localhost' => 'PostgreSQL 使用情况 (localhost)', + 'Bandwidth Usage eth0' => '网络使用情况 (eth0)', + 'Bandwidth Usage eth1' => '网络使用情况 (eth1)', + 'Bandwidth Usage venet0' => '网络使用情况 (venet0)', + 'Bandwidth Usage venet1' => '网络使用情况 (venet1)', + 'Exim Usage' => 'Exim 使用情况', + 'FTP Usage' => 'FTP 使用情况', + 'SSH Usage' => 'SSH 使用情况', + 'reverse proxy' => '反向代理', + 'web server' => 'Web服务', 'backend server' => '后端服务', //New Keyword for PHP-FPM in SERVER page. - 'dns server' => 'DNS服务', - 'mail server' => '邮箱服务', - 'pop/imap server' => 'POP/IMAP服务', - 'email antivirus' => '邮箱防病毒', - 'email antispam' => '防垃圾邮件', - 'database server' => '数据库服务', - 'ftp server' => 'FTP服务', - 'job scheduler' => '执行定时任务', - 'firewall' => '防火墙服务', - 'brute-force monitor' => '防范暴力攻击', - 'CPU' => 'CPU', - 'Memory' => '内存', - 'Uptime' => '已运行时间', - 'core package' => '核心系统', - 'php interpreter' => 'PHP解释器', - 'internal web server' => '内部Web服务', - 'Version' => '版本', - 'Release' => '发布号', - 'Architecture' => '架构', - 'Object' => '对象', - 'Username' => '用户名称', - 'Password' => '密码', - 'Email' => '电子邮箱', - 'Package' => '方案', - 'Language' => '语言', - 'First Name' => '名字', - 'Last Name' => '姓氏', - 'Send login credentials to email address' => '将登录信息发送到邮箱', - 'Default Template' => '默认模板', - 'Default Name Servers' => '默认DNS服务器', - 'Domain' => '域名', - 'DNS Support' => 'DNS支持', - 'Mail Support' => '邮箱支持', - 'Advanced options' => '高级选项', - 'Basic options' => '基本选项', - 'Aliases' => '别名', - 'SSL Certificate' => 'SSL证书', - 'SSL Key' => 'SSL密钥', - 'SSL Certificate Authority / Intermediate' => 'CA证书或中级证书', + 'dns server' => 'DNS服务', + 'mail server' => '邮箱服务', + 'pop/imap server' => 'POP/IMAP服务', + 'email antivirus' => '邮箱防病毒', + 'email antispam' => '防垃圾邮件', + 'database server' => '数据库服务', + 'ftp server' => 'FTP服务', + 'job scheduler' => '执行定时任务', + 'firewall' => '防火墙服务', + 'brute-force monitor' => '防范暴力攻击', + 'CPU' => 'CPU', + 'Memory' => '内存', + 'Uptime' => '已运行时间', + 'core package' => '核心系统', + 'php interpreter' => 'PHP解释器', + 'internal web server' => '内部Web服务', + 'Version' => '版本', + 'Release' => '发布号', + 'Architecture' => '架构', + 'Object' => '对象', + 'Username' => '用户名称', + 'Password' => '密码', + 'Email' => '电子邮箱', + 'Package' => '方案', + 'Language' => '语言', + 'First Name' => '名字', + 'Last Name' => '姓氏', + 'Send login credentials to email address' => '将登录信息发送到邮箱', + 'Default Template' => '默认模板', + 'Default Name Servers' => '默认DNS服务器', + 'Domain' => '域名', + 'DNS Support' => 'DNS支持', + 'Mail Support' => '邮箱支持', + 'Advanced options' => '高级选项', + 'Basic options' => '基本选项', + 'Aliases' => '别名', + 'SSL Certificate' => 'SSL证书', + 'SSL Key' => 'SSL密钥', + 'SSL Certificate Authority / Intermediate' => 'CA证书或中级证书', 'SSL CSR' => 'SSL CSR', - 'optional' => '可选', + 'optional' => '可选', 'internal' => '内部', - 'Statistics Authorization' => '统计授权', - 'Statistics Auth' => '统计验证', - 'Account' => '账户', - 'Prefix will be automaticaly added to username' => '用户名称将会自动添加 %s 前缀', - 'Send FTP credentials to email' => '将FTP登录信息发送到邮箱', - 'Expiration Date' => '到期日期', - 'YYYY-MM-DD' => 'YYYY-MM-DD', - 'Name servers' => 'DNS服务器', - 'Record' => '记录', - 'IP or Value' => 'IP或值', - 'Priority' => '优先级', + 'Statistics Authorization' => '统计授权', + 'Statistics Auth' => '统计验证', + 'Account' => '账户', + 'Prefix will be automaticaly added to username' => '用户名称将会自动添加 %s 前缀', + 'Send FTP credentials to email' => '将FTP登录信息发送到邮箱', + 'Expiration Date' => '到期日期', + 'YYYY-MM-DD' => 'YYYY-MM-DD', + 'Name servers' => 'DNS服务器', + 'Record' => '记录', + 'IP or Value' => 'IP或值', + 'Priority' => '优先级', 'Record Number' => '记录编号', - 'in megabytes' => '以MB为单位', - 'Message' => '信息', - 'use local-part' => '采用 local-part', - 'one or more email addresses' => '一个或更多邮箱地址', - 'Prefix will be automaticaly added to database name and database user' => '数据库名及用户名将会自动添加 %s 前缀', - 'Database' => '数据库名称', - 'Type' => '类型', - 'Minute' => '分', - 'Command' => '指令', - 'Package Name' => '方案名称', - 'Netmask' => '子网掩码', - 'Interface' => '网络接口', - 'Shared' => '共享', - 'Assigned user' => '指定用户', - 'Assigned domain' => '指定域名', + 'in megabytes' => '以MB为单位', + 'Message' => '信息', + 'use local-part' => '使用域内部分', + 'one or more email addresses' => '一个或更多邮箱地址', + 'Prefix will be automaticaly added to database name and database user' => '数据库名及用户名将会自动添加 %s 前缀', + 'Database' => '数据库名称', + 'Type' => '类型', + 'Minute' => '分', + 'Command' => '指令', + 'Package Name' => '方案名称', + 'Netmask' => '子网掩码', + 'Interface' => '网络接口', + 'Shared' => '共享', + 'Assigned user' => '指定用户', + 'Assigned domain' => '指定域名', 'NAT IP association' => 'NAT IP 关联', - 'shell' => 'shell', - 'web domains' => '网站域名', - 'web aliases' => '网站别名', - 'dns records' => 'DNS记录', - 'mail domains' => '邮箱域名', - 'mail accounts' => '邮箱账户', - 'accounts' => '账户', - 'databases' => '数据库', - 'cron jobs' => '定时任务', - 'backups' => '备份', - 'quota' => '配额', - 'day of week' => '星期几', - 'cmd' => '指令', - 'users' => '用户', - 'domains' => '域名', - 'aliases' => '别名', - 'records' => '记录', - 'jobs' => '任务', - 'username' => '用户名称', - 'password' => '密码', - 'type' => '类型', - 'charset' => '编码', - 'domain' => '域名', - 'ip' => 'IP', - 'ip address' => 'IP地址', - 'IP address' => 'IP地址', - 'netmask' => '子网掩码', - 'interface' => '网络接口', - 'assigned user' => '指定用户', - 'ns1' => 'ns1', - 'ns2' => 'ns2', - 'user' => '用户', - 'email' => '邮箱', - 'first name' => '名字', - 'last name' => '姓氏', - 'account' => '账户', - 'ssl certificate' => 'SSL证书', - 'ssl key' => 'SSL密钥', - 'stats user password' => '统计用户账户密码', - 'stats username' => '统计用户名称', - 'stats password' => '统计密码', - 'ftp user password' => 'FTP用户账户密码', - 'ftp user' => 'FTP用户', + 'shell' => 'shell', + 'web domains' => '网站域名', + 'web aliases' => '网站别名', + 'dns records' => 'DNS记录', + 'mail domains' => '邮箱域名', + 'mail accounts' => '邮箱账户', + 'accounts' => '账户', + 'databases' => '数据库', + 'cron jobs' => '定时任务', + 'backups' => '备份', + 'quota' => '配额', + 'day of week' => '星期几', + 'cmd' => '指令', + 'users' => '用户', + 'domains' => '域名', + 'aliases' => '别名', + 'records' => '记录', + 'jobs' => '任务', + 'username' => '用户名称', + 'password' => '密码', + 'type' => '类型', + 'charset' => '编码', + 'domain' => '域名', + 'ip' => 'IP', + 'ip address' => 'IP地址', + 'IP address' => 'IP地址', + 'netmask' => '子网掩码', + 'interface' => '网络接口', + 'assigned user' => '指定用户', + 'ns1' => 'ns1', + 'ns2' => 'ns2', + 'user' => '用户', + 'email' => '邮箱', + 'first name' => '名字', + 'last name' => '姓氏', + 'account' => '账户', + 'ssl certificate' => 'SSL证书', + 'ssl key' => 'SSL密钥', + 'stats user password' => '统计用户账户密码', + 'stats username' => '统计用户名称', + 'stats password' => '统计密码', + 'ftp user password' => 'FTP用户账户密码', + 'ftp user' => 'FTP用户', 'Last 70 lines of %s.%s.log' => '%s.%s.log 的最后 70 行', 'AccessLog' => '访问日志', 'ErrorLog' => '错误日志', @@ -417,48 +417,48 @@ $LANG['cn'] = array( 'cron' => '任务', 'user dir' => '用户目录', - 'unlimited' => '无限', - '1 account' => '1 个账户', - '%s accounts' => '%s 个账户', - '1 domain' => '1 个域名', - '%s domains' => '%s 个域名', - '1 record' => '1 条记录', - '%s records' => '%s 条记录', - '1 mail account' => '1 个邮箱账户', - '%s mail accounts' => '%s 个邮箱账户', - '1 database' => '1 个数据库', - '%s databases' => '%s 个数据库', - '1 cron job' => '1 个任务', - '%s cron jobs' => '%s 个任务', - '1 archive' => '1 个存档', - '%s archives' => '%s 个存档', - '1 item' => '1 个项目', - '%s items' => '%s 个项目', - '1 package' => '1 个方案', - '%s packages' => '%s 个方案', - '1 IP address' => '1 个IP地址', - '%s IP addresses' => '%s 个IP地址', - '1 month' => '1 个月', - '%s months' => '%s 个月', - '1 log record' => '1 条日志记录', - '%s log records' => '%s 条日志记录', - '1 object' => '1 个对象', - '%s objects' => '%s 个对象', + 'unlimited' => '无限', + '1 account' => '1 个账户', + '%s accounts' => '%s 个账户', + '1 domain' => '1 个域名', + '%s domains' => '%s 个域名', + '1 record' => '1 条记录', + '%s records' => '%s 条记录', + '1 mail account' => '1 个邮箱账户', + '%s mail accounts' => '%s 个邮箱账户', + '1 database' => '1 个数据库', + '%s databases' => '%s 个数据库', + '1 cron job' => '1 个任务', + '%s cron jobs' => '%s 个任务', + '1 archive' => '1 个存档', + '%s archives' => '%s 个存档', + '1 item' => '1 个项目', + '%s items' => '%s 个项目', + '1 package' => '1 个方案', + '%s packages' => '%s 个方案', + '1 IP address' => '1 个IP地址', + '%s IP addresses' => '%s 个IP地址', + '1 month' => '1 个月', + '%s months' => '%s 个月', + '1 log record' => '1 条日志记录', + '%s log records' => '%s 条日志记录', + '1 object' => '1 个对象', + '%s objects' => '%s 个对象', 'no exclusions' => '没有被排除的项目', '1 rule' => '1 条规则', '%s rules' => '%s 条规则', 'There are no currently banned IP' => '目前没有被封锁的IP地址', - 'USER_CREATED_OK' => '用户 %s 已添加成功', - 'WEB_DOMAIN_CREATED_OK' => '网站域名 %s 已添加成功', - 'DNS_DOMAIN_CREATED_OK' => 'DNS域名 %s 已添加成功', - 'DNS_RECORD_CREATED_OK' => '记录 %s.%s 已添加成功', - 'MAIL_DOMAIN_CREATED_OK' => '邮箱域名 %s 已添加成功', - 'MAIL_ACCOUNT_CREATED_OK' => '邮箱账户 %s@%s 已添加成功', - 'DATABASE_CREATED_OK' => '数据库 %s 已添加成功', - 'CRON_CREATED_OK' => '定时任务已添加成功', - 'IP_CREATED_OK' => 'IP地址 %s 已添加成功', - 'PACKAGE_CREATED_OK' => '方案 %s 已添加成功', + 'USER_CREATED_OK' => '用户 %s 已添加成功', + 'WEB_DOMAIN_CREATED_OK' => '网站域名 %s 已添加成功', + 'DNS_DOMAIN_CREATED_OK' => 'DNS域名 %s 已添加成功', + 'DNS_RECORD_CREATED_OK' => '记录 %s.%s 已添加成功', + 'MAIL_DOMAIN_CREATED_OK' => '邮箱域名 %s 已添加成功', + 'MAIL_ACCOUNT_CREATED_OK' => '邮箱账户 %s@%s 已添加成功', + 'DATABASE_CREATED_OK' => '数据库 %s 已添加成功', + 'CRON_CREATED_OK' => '定时任务已添加成功', + 'IP_CREATED_OK' => 'IP地址 %s 已添加成功', + 'PACKAGE_CREATED_OK' => '方案 %s 已添加成功', 'SSL_GENERATED_OK' => 'SSL证书已生成成功', 'RULE_CREATED_OK' => '规则已创建成功', 'BANLIST_CREATED_OK' => 'IP地址已封锁成功', @@ -466,8 +466,8 @@ $LANG['cn'] = array( 'Autoupdate has been successfully disabled' => '自动更新已成功关闭', 'Cronjob email reporting has been successfully enabled' => '定时任务的电子邮件报告已成功启用', 'Cronjob email reporting has been successfully disabled' => '定时任务的电子邮件报告已成功关闭', - 'Changes has been saved.' => '已保存更改', - 'Confirmation' => '确认', + 'Changes has been saved.' => '已保存更改', + 'Confirmation' => '确认', 'DELETE_USER_CONFIRMATION' => '确定要删除用户 %s 吗?', 'SUSPEND_USER_CONFIRMATION' => '确定要暂停用户 %s 吗?', 'UNSUSPEND_USER_CONFIRMATION' => '确定要解除暂停用户 %s 吗?', @@ -486,31 +486,31 @@ $LANG['cn'] = array( 'DELETE_CRON_CONFIRMATION' => '确定要删除定时任务吗?', 'SUSPEND_CRON_CONFIRMATION' => '确定要暂停定时任务吗?', 'UNSUSPEND_CRON_CONFIRMATION' => '确定要解除暂停定时任务吗?', - 'DELETE_BACKUP_CONFIRMATION' => '确定要删除 %s 备份吗?', + 'DELETE_BACKUP_CONFIRMATION' => '确定要删除 %s 备份吗?', 'DELETE_EXCLUSION_CONFIRMATION' => '确定要删除 %s 例外吗?', - 'DELETE_PACKAGE_CONFIRMATION' => '确定要删除方案 %s 吗?', - 'DELETE_IP_CONFIRMATION' => '确定要删除IP地址 %s 吗?', + 'DELETE_PACKAGE_CONFIRMATION' => '确定要删除方案 %s 吗?', + 'DELETE_IP_CONFIRMATION' => '确定要删除IP地址 %s 吗?', 'DELETE_RULE_CONFIRMATION' => '确定要删除规则 #%s 吗?', 'SUSPEND_RULE_CONFIRMATION' => '确定要暂停规则 #%s 吗?', 'UNSUSPEND_RULE_CONFIRMATION' => '确定要解除暂停规则 #%s 吗?', 'LEAVE_PAGE_CONFIRMATION' => '确定要离开当前页吗?', 'RESTART_CONFIRMATION' => '确定要重新启动 %s 吗?', - 'Welcome' => '欢迎', - 'LOGGED_IN_AS' => '以 %s 的身份登录', - 'Error' => '错误', - 'Invalid username or password' => '无效的用户名称或密码', - 'Invalid username or code' => '无效的用户名称或验证码.', - 'Passwords not match' => '密码错误', - 'Please enter valid email address.' => '请输入正确的邮箱', - 'Field "%s" can not be blank.' => '"%s" 不能为空', - 'Password is too short.' => '密码太短 (至少为6个数字+字母)', - 'Error code:' => '错误代码: %s', - 'SERVICE_ACTION_FAILED' => '"%s" "%s" 失败', + 'Welcome' => '欢迎', + 'LOGGED_IN_AS' => '以 %s 的身份登录', + 'Error' => '错误', + 'Invalid username or password' => '无效的用户名称或密码', + 'Invalid username or code' => '无效的用户名称或验证码.', + 'Passwords not match' => '密码错误', + 'Please enter valid email address.' => '请输入正确的邮箱', + 'Field "%s" can not be blank.' => '"%s" 不能为空', + 'Password is too short.' => '密码太短 (至少为6个数字+字母)', + 'Error code:' => '错误代码: %s', + 'SERVICE_ACTION_FAILED' => '"%s" "%s" 失败', 'IP address is in use' => 'IP地址在使用中', - 'BACKUP_SCHEDULED' => '您的要求已加入队列中,备份完成后会以电子邮件通知您 ', - 'BACKUP_EXISTS' => '已经有一个备份正在执行,请等待备份完成后再操作', - 'RESTORE_SCHEDULED' => '您的要求已加入队列中,恢复完成后会以电子邮件通知您', - 'RESTORE_EXISTS' => '已经有一个恢复正在执行,请等待恢复完成后再操作', + 'BACKUP_SCHEDULED' => '您的要求已加入队列中,备份完成后会以电子邮件通知您 ', + 'BACKUP_EXISTS' => '已经有一个备份正在执行,请等待备份完成后再操作', + 'RESTORE_SCHEDULED' => '您的要求已加入队列中,恢复完成后会以电子邮件通知您', + 'RESTORE_EXISTS' => '已经有一个恢复正在执行,请等待恢复完成后再操作', 'WEB_EXCLUSIONS' => '输入域名,每行一个。要排除所有域名请使用 *。要排除特定目录使用以下格式: domain.com:public_html/cache:public_html/tmp', 'DNS_EXCLUSIONS' => '输入域名,每行一个。要排除所有域名请使用 *', @@ -519,27 +519,27 @@ $LANG['cn'] = array( 'CRON_EXCLUSIONS' => '要排除所有任务请使用 *', 'USER_EXCLUSIONS' => '输入目录名称,每行一个。要排除所有目录请使用 *', - 'Welcome to Vesta Control Panel' => '欢迎来到 Vesta 管理系统', - 'MAIL_FROM' => 'Vesta 管理系统 ', + 'Welcome to Vesta Control Panel' => '欢迎来到 Vesta 管理系统', + 'MAIL_FROM' => 'Vesta 管理系统 ', 'GREETINGS_GORDON_FREEMAN' => "您好, %s %s,\n", 'GREETINGS' => "您好,\n", 'ACCOUNT_READY' => "您的账户已创建成功,并可以开始使用了!\n\nhttps://%s/login/\n用户名称: %s\n密码: %s\n\n--\nVesta Control Panel\n", - 'FTP login credentials' => 'FTP 登录信息', + 'FTP login credentials' => 'FTP 登录信息', 'FTP_ACCOUNT_READY' => "FTP账户已创建成功,并可以开始使用了!\n\n主机名称: %s\n用户名称: %s_%s\n密码: %s\n\n--\nVesta Control Panel\n", - 'Database Credentials' => '数据库登录信息', + 'Database Credentials' => '数据库登录信息', 'DATABASE_READY' => "数据库已添加成功!\n\n数据库名称: %s\n用户名称: %s\n密码: %s\n%s\n\n--\nVesta Control Panel\n", - 'forgot password' => '忘记密码', - 'Confirm' => '确认', - 'New Password' => '新密码', - 'Confirm Password' => '确认密码', - 'Reset' => '重置', - 'Reset Code' => '重置代码', - 'RESET_NOTICE' => '', - 'RESET_CODE_SENT' => '密码重置代码已发送到您的邮箱
    ', - 'MAIL_RESET_SUBJECT' => '密码重置在 %s', + 'forgot password' => '忘记密码', + 'Confirm' => '确认', + 'New Password' => '新密码', + 'Confirm Password' => '确认密码', + 'Reset' => '重置', + 'Reset Code' => '重置代码', + 'RESET_NOTICE' => '', + 'RESET_CODE_SENT' => '密码重置代码已发送到您的邮箱
    ', + 'MAIL_RESET_SUBJECT' => '密码重置在 %s', 'PASSWORD_RESET_REQUEST' => '重置密码请点击链接:\nhttps://%s/reset/?action=confirm&user=%s&code=%s\n\n或者您可以到 https://%s/reset/?action=code&user=%s 输入密码重置代码:\n%s\n\n如果您没有要求重置密码,请忽略此邮件\n\n--\nVesta Control Panel\n', 'Jan' => '01月', @@ -568,7 +568,7 @@ $LANG['cn'] = array( 'MAIL Server' => '邮箱服务器', 'Antivirus' => '防病毒引擎', 'AntiSpam' => '防垃圾邮件', - 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', + 'Use Web Domain SSL Certificate' => '采用网站域名SSL证书', 'Webmail URL' => '网页邮箱网址', 'MySQL Support' => 'MySQL 支持', 'phpMyAdmin URL' => '设置 phpMyAdmin 网址', @@ -704,7 +704,7 @@ $LANG['cn'] = array( 'Add File to the Current Selection' => '将文件添加到当前选中区内', 'Select All Files' => '选择所有文件', 'shortcuts are inspired by magnificent GNU Midnight Commander file manager' => - '快捷键的灵感来自旖旎的 GNU Midnight Commander 文件管理器', + '快捷键的灵感来自旖旎的 GNU Midnight Commander 文件管理器', 'Licence Key' => '许可密匙', 'Enter License Key' => '输入许可密匙', @@ -755,7 +755,7 @@ $LANG['cn'] = array( 'ISSUER' => '颁发者', 'Use server hostname' => '采用服务器主机名', - 'Use domain hostname' => '采用域名', + 'Use domain hostname' => '采用账户所在域名', 'Use STARTTLS' => '采用 STARTTLS 加密', 'Use SSL / TLS' => '采用 SSL / TLS 加密', 'No encryption' => '不加密', From 8f2fdfb8d320fb75ba82cdb5ccd91c9c43d6d90c Mon Sep 17 00:00:00 2001 From: Anthony Rossbach Date: Mon, 8 Apr 2019 21:47:22 -0700 Subject: [PATCH 125/197] Fixes for dumps of large databases --- func/db.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/func/db.sh b/func/db.sh index d397dfec..30018065 100644 --- a/func/db.sh +++ b/func/db.sh @@ -55,14 +55,14 @@ mysql_query() { mysql_dump() { err="/tmp/e.mysql" - mysqldump --defaults-file=$mycnf --single-transaction -r $1 $2 2> $err + mysqldump --defaults-file=$mycnf --single-transaction --max_allowed_packet=100M -r $1 $2 2> $err if [ '0' -ne "$?" ]; then rm -rf $tmpdir if [ "$notify" != 'no' ]; then echo -e "Can't dump database $database\n$(cat $err)" |\ $SENDMAIL -s "$subj" $email fi - echo "Error: dump $database failed" + echo "Error: dump $database failed\n$(cat $err)" log_event "$E_DB" "$ARGUMENTS" exit $E_DB fi From a981ddb468603f571d765c00361765c882001824 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Steen=20Sch=C3=BCtt?= <6237359+SteenSchutt@users.noreply.github.com> Date: Wed, 10 Apr 2019 14:42:10 +0200 Subject: [PATCH 126/197] Prevent v-backup-user from excluding folders named logs further down the tree This change will fix issues with files like `public_html/wp-content/plugins/sitepress-multilingual-cms/classes/logs/interface-wpml-log.php` from being excluded, but still exclude the intended main logs directory. Fixes a semi-widespread issue with VestaCP and WPML. --- bin/v-backup-user | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-backup-user b/bin/v-backup-user index 90a42b2e..2e81ada2 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -223,7 +223,7 @@ if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:") set -f fargs=() - fargs+=(--exclude='logs/*') + fargs+=(--exclude='./logs/*') if [ ! -z "$exlusion" ]; then xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)" for xpath in $xdirs; do From 3cbaab38bf8d2734f1fb969ce4b02fd46452ae67 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 11 Apr 2019 19:00:56 +0200 Subject: [PATCH 127/197] Fix for issue #1286 Fix for issue #1286 --- bin/v-change-sys-service-config | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/bin/v-change-sys-service-config b/bin/v-change-sys-service-config index 97c14a17..3d31d6b4 100755 --- a/bin/v-change-sys-service-config +++ b/bin/v-change-sys-service-config @@ -95,13 +95,21 @@ if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then if [ "$service" = 'php' ]; then if [ "$WEB_SYSTEM" = "nginx" ]; then - service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d / |sed -n 1p) + if [ $(ps --no-headers -o comm 1) == systemd ]; then + service=$(systemctl | grep -o -E "php.*fpm.*\.service") + service=${service//.service/} + else + service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d /) + fi else service=$WEB_SYSTEM fi fi - service $service restart >/dev/null 2>&1 + for single_service in $service; do + service $single_service restart >/dev/null 2>&1 + done <<< "$service" + if [ $? -ne 0 ]; then for config in $dst; do cat $config.vst.back > $config From f0c328375f414662a203b4606d65983b7640160d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 11 Apr 2019 19:02:36 +0200 Subject: [PATCH 128/197] Update v-change-sys-service-config --- bin/v-change-sys-service-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-change-sys-service-config b/bin/v-change-sys-service-config index 3d31d6b4..0500ecb9 100755 --- a/bin/v-change-sys-service-config +++ b/bin/v-change-sys-service-config @@ -97,7 +97,7 @@ if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then if [ "$WEB_SYSTEM" = "nginx" ]; then if [ $(ps --no-headers -o comm 1) == systemd ]; then service=$(systemctl | grep -o -E "php.*fpm.*\.service") - service=${service//.service/} + service=${service//.service/} else service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d /) fi From c28c5d29a3c61bc8110c11349e3f2309cd537cfa Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Fri, 12 Apr 2019 17:20:45 +0300 Subject: [PATCH 129/197] setting content type to fix possible XSS attack vector --- web/file_manager/fm_api.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/file_manager/fm_api.php b/web/file_manager/fm_api.php index ac5faa3a..cf4eef82 100644 --- a/web/file_manager/fm_api.php +++ b/web/file_manager/fm_api.php @@ -1,8 +1,8 @@ Date: Mon, 15 Apr 2019 10:51:40 +0300 Subject: [PATCH 130/197] removing single quote from escapeshellarg calls --- web/edit/server/index.php | 8 ++++---- web/list/dns/index.php | 2 +- web/list/mail/index.php | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/web/edit/server/index.php b/web/edit/server/index.php index 467596f8..defc0b7a 100644 --- a/web/edit/server/index.php +++ b/web/edit/server/index.php @@ -209,7 +209,7 @@ if (!empty($_POST['save'])) { // Update mysql pasword if (empty($_SESSION['error_msg'])) { if (!empty($_POST['v_mysql_password'])) { - exec (VESTA_CMD."v-change-database-host-password mysql localhost root '".escapeshellarg($_POST['v_mysql_password'])."'", $output, $return_var); + exec (VESTA_CMD."v-change-database-host-password mysql localhost root ".escapeshellarg($_POST['v_mysql_password']), $output, $return_var); check_return_code($return_var,$output); unset($output); $v_db_adv = 'yes'; @@ -260,7 +260,7 @@ if (!empty($_POST['save'])) { // Update webmail url if (empty($_SESSION['error_msg'])) { if ($_POST['v_mail_url'] != $_SESSION['MAIL_URL']) { - exec (VESTA_CMD."v-change-sys-config-value MAIL_URL '".escapeshellarg($_POST['v_mail_url'])."'", $output, $return_var); + exec (VESTA_CMD."v-change-sys-config-value MAIL_URL ".escapeshellarg($_POST['v_mail_url']), $output, $return_var); check_return_code($return_var,$output); unset($output); $v_mail_adv = 'yes'; @@ -270,7 +270,7 @@ if (!empty($_POST['save'])) { // Update phpMyAdmin url if (empty($_SESSION['error_msg'])) { if ($_POST['v_mysql_url'] != $_SESSION['DB_PMA_URL']) { - exec (VESTA_CMD."v-change-sys-config-value DB_PMA_URL '".escapeshellarg($_POST['v_mysql_url'])."'", $output, $return_var); + exec (VESTA_CMD."v-change-sys-config-value DB_PMA_URL ".escapeshellarg($_POST['v_mysql_url']), $output, $return_var); check_return_code($return_var,$output); unset($output); $v_db_adv = 'yes'; @@ -280,7 +280,7 @@ if (!empty($_POST['save'])) { // Update phpPgAdmin url if (empty($_SESSION['error_msg'])) { if ($_POST['v_pgsql_url'] != $_SESSION['DB_PGA_URL']) { - exec (VESTA_CMD."v-change-sys-config-value DB_PGA_URL '".escapeshellarg($_POST['v_pgsql_url'])."'", $output, $return_var); + exec (VESTA_CMD."v-change-sys-config-value DB_PGA_URL ".escapeshellarg($_POST['v_pgsql_url']), $output, $return_var); check_return_code($return_var,$output); unset($output); $v_db_adv = 'yes'; diff --git a/web/list/dns/index.php b/web/list/dns/index.php index df5b4a83..c98b8e47 100644 --- a/web/list/dns/index.php +++ b/web/list/dns/index.php @@ -14,7 +14,7 @@ if (empty($_GET['domain'])){ render_page($user, $TAB, 'list_dns'); } else { - exec (VESTA_CMD."v-list-dns-records '".$user."' '".escapeshellarg($_GET['domain'])."' 'json'", $output, $return_var); + exec (VESTA_CMD."v-list-dns-records ".$user." ".escapeshellarg($_GET['domain'])." json", $output, $return_var); $data = json_decode(implode('', $output), true); $data = array_reverse($data, true); unset($output); diff --git a/web/list/mail/index.php b/web/list/mail/index.php index 6b767768..56c42a73 100644 --- a/web/list/mail/index.php +++ b/web/list/mail/index.php @@ -14,7 +14,7 @@ if (empty($_GET['domain'])){ render_page($user, $TAB, 'list_mail'); } else { - exec (VESTA_CMD."v-list-mail-accounts '".$user."' '".escapeshellarg($_GET['domain'])."' json", $output, $return_var); + exec (VESTA_CMD."v-list-mail-accounts ".$user." ".escapeshellarg($_GET['domain'])." json", $output, $return_var); $data = json_decode(implode('', $output), true); $data = array_reverse($data, true); unset($output); From 70319b6a94f08bcf22fe1227372cbaeeabf5e21b Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Mon, 15 Apr 2019 13:33:09 +0300 Subject: [PATCH 131/197] full pma install --- install/rhel/7/pma/config.inc.conf | 119 ++++++++++++++++------------- install/vst-install-rhel.sh | 12 ++- 2 files changed, 73 insertions(+), 58 deletions(-) diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf index 47ae207e..25097eca 100644 --- a/install/rhel/7/pma/config.inc.conf +++ b/install/rhel/7/pma/config.inc.conf @@ -4,24 +4,24 @@ * phpMyAdmin sample configuration, you can use it as base for * manual configuration. For easier setup you can use setup/ * - * All directives are explained in Documentation.html and on phpMyAdmin - * wiki . + * All directives are explained in documentation in the doc/ folder + * or at . * - * @package phpMyAdmin + * @package PhpMyAdmin */ -/* +/** * This is needed for cookie based authentication to encrypt password in - * cookie + * cookie. Needs to be 32 chars long. */ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ -/* +/** * Servers configuration */ $i = 0; -/* +/** * First server */ $i++; @@ -29,44 +29,57 @@ $i++; $cfg['Servers'][$i]['auth_type'] = 'cookie'; /* Server parameters */ $cfg['Servers'][$i]['host'] = 'localhost'; -$cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['compress'] = false; -/* Select mysqli if your server has it */ -$cfg['Servers'][$i]['extension'] = 'mysql'; $cfg['Servers'][$i]['AllowNoPassword'] = false; -/* +/** * phpMyAdmin configuration storage settings. */ /* User used to manipulate with storage */ -// $cfg['Servers'][$i]['controluser'] = 'pma'; -// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; +$cfg['Servers'][$i]['controlhost'] = ''; +$cfg['Servers'][$i]['controlport'] = ''; +$cfg['Servers'][$i]['controluser'] = 'phpmyadmin'; +$cfg['Servers'][$i]['controlpass'] = '%phpmyadmin_pass%'; /* Storage database and tables */ -// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; -// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark'; -// $cfg['Servers'][$i]['relation'] = 'pma_relation'; -// $cfg['Servers'][$i]['table_info'] = 'pma_table_info'; -// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords'; -// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages'; -// $cfg['Servers'][$i]['column_info'] = 'pma_column_info'; -// $cfg['Servers'][$i]['history'] = 'pma_history'; -// $cfg['Servers'][$i]['tracking'] = 'pma_tracking'; -// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords'; -// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig'; -/* Contrib / Swekey authentication */ -// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; +$cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; +$cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; +$cfg['Servers'][$i]['relation'] = 'pma__relation'; +$cfg['Servers'][$i]['table_info'] = 'pma__table_info'; +$cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; +$cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; +$cfg['Servers'][$i]['column_info'] = 'pma__column_info'; +$cfg['Servers'][$i]['history'] = 'pma__history'; +$cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; +$cfg['Servers'][$i]['tracking'] = 'pma__tracking'; +$cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; +$cfg['Servers'][$i]['recent'] = 'pma__recent'; +$cfg['Servers'][$i]['favorite'] = 'pma__favorite'; +$cfg['Servers'][$i]['users'] = 'pma__users'; +$cfg['Servers'][$i]['usergroups'] = 'pma__usergroups'; +$cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding'; +$cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches'; +$cfg['Servers'][$i]['central_columns'] = 'pma__central_columns'; +$cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings'; +$cfg['Servers'][$i]['export_templates'] = 'pma__export_templates'; -/* +/** * End of servers configuration */ -/* +/** * Directories for saving/loading files from server */ -$cfg['UploadDir'] = ''; -$cfg['SaveDir'] = ''; +$cfg['UploadDir'] = '/var/lib/phpMyAdmin/upload'; +$cfg['SaveDir'] = '/var/lib/phpMyAdmin/save'; + +/** + * Whether to display icons or text or both icons and text in table row + * action segment. Value can be either of 'icons', 'text' or 'both'. + * default = 'both' + */ +//$cfg['RowActionType'] = 'icons'; /** * Defines whether a user should be displayed a "show all (records)" @@ -78,25 +91,21 @@ $cfg['SaveDir'] = ''; /** * Number of rows displayed when browsing a result set. If the result * set contains more rows, "Previous" and "Next". - * default = 30 + * Possible values: 25, 50, 100, 250, 500 + * default = 25 */ //$cfg['MaxRows'] = 50; /** - * Use graphically less intense menu tabs - * default = false - */ -//$cfg['LightTabs'] = true; - -/** - * disallow editing of binary fields + * Disallow editing of binary fields * valid values are: - * false allow editing - * 'blob' allow editing except for BLOB fields - * 'all' disallow editing - * default = blob + * false allow editing + * 'blob' allow editing except for BLOB fields + * 'noblob' disallow editing except for BLOB fields + * 'all' disallow editing + * default = 'blob' */ -//$cfg['ProtectBinary'] = 'false'; +//$cfg['ProtectBinary'] = false; /** * Default language to use, if not browser-defined or user-defined @@ -107,12 +116,6 @@ $cfg['SaveDir'] = ''; //$cfg['DefaultLang'] = 'en'; //$cfg['DefaultLang'] = 'de'; -/** - * default display direction (horizontal|vertical|horizontalflipped) - */ -//$cfg['DefaultDisplay'] = 'vertical'; - - /** * How many columns should be used for table display of a database? * (a value larger than 1 results in some information being hidden) @@ -131,13 +134,21 @@ $cfg['SaveDir'] = ''; /** * When using DB-based query history, how many entries should be kept? - * * default = 25 */ //$cfg['QueryHistoryMax'] = 100; -/* - * You can find more configuration options in Documentation.html - * or here: http://wiki.phpmyadmin.net/pma/Config +/** + * Whether or not to query the user before sending the error report to + * the phpMyAdmin team when a JavaScript error occurs + * + * Available options + * ('ask' | 'always' | 'never') + * default = 'ask' + */ +//$cfg['SendErrorReports'] = 'always'; + +/** + * You can find more configuration options in the documentation + * in the doc/ folder or at . */ -?> diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh index f6147bbc..8badeca8 100755 --- a/install/vst-install-rhel.sh +++ b/install/vst-install-rhel.sh @@ -83,9 +83,6 @@ gen_pass() { echo "$PASS" } -# Defining 32 char blowfish_secret -blowfish_secret=`openssl rand -base64 32`; - # Defining return code check function check_result() { if [ $1 -ne 0 ]; then @@ -1045,8 +1042,15 @@ if [ "$mysql" = 'yes' ]; then if [ "$apache" = 'yes' ]; then cp -f $vestacp/pma/phpMyAdmin.conf /etc/httpd/conf.d/ fi + mysql < /usr/share/phpMyAdmin/sql/create_tables.sql + p=$(gen_pass) + mysql -e "GRANT ALL ON phpmyadmin.* + TO phpmyadmin@localhost IDENTIFIED BY '$p'" cp -f $vestacp/pma/config.inc.conf /etc/phpMyAdmin/config.inc.php - sed -i "s#%blowfish_secret#$blowfish_secret#g" /etc/phpMyAdmin/config.inc.php + sed -i "s/%blowfish_secret%/$(gen_pass 32)/g" /etc/phpMyAdmin/config.inc.php + sed -i "s/%phpmyadmin_pass%/$p/g" /etc/phpMyAdmin/config.inc.php + chmod 777 /var/lib/phpMyAdmin/temp + chmod 777 /var/lib/phpMyAdmin/save fi From e674bf14fd401f419223f1dd06a6e381a3c188a2 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Mon, 15 Apr 2019 13:48:23 +0300 Subject: [PATCH 132/197] Release 0.9.8-24 --- src/deb/ioncube/control | 2 +- src/deb/nginx/control | 2 +- src/deb/php/control | 2 +- src/deb/vesta/control | 2 +- src/rpm/specs/vesta-ioncube.spec | 2 +- src/rpm/specs/vesta-nginx.spec | 2 +- src/rpm/specs/vesta.spec | 10 +++++++++- upd/add_notifications.sh | 3 +-- 8 files changed, 16 insertions(+), 9 deletions(-) diff --git a/src/deb/ioncube/control b/src/deb/ioncube/control index 9db6cc14..8b264b80 100644 --- a/src/deb/ioncube/control +++ b/src/deb/ioncube/control @@ -1,7 +1,7 @@ Source: vesta-ioncube Package: vesta-ioncube Priority: optional -Version: 0.9.8-23 +Version: 0.9.8-24 Section: admin Maintainer: Serghey Rodin Homepage: https://www.ioncube.com diff --git a/src/deb/nginx/control b/src/deb/nginx/control index 19ec8bbb..970f8dbe 100644 --- a/src/deb/nginx/control +++ b/src/deb/nginx/control @@ -1,7 +1,7 @@ Source: vesta-nginx Package: vesta-nginx Priority: optional -Version: 0.9.8-23 +Version: 0.9.8-24 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/php/control b/src/deb/php/control index e8702027..3b8055de 100644 --- a/src/deb/php/control +++ b/src/deb/php/control @@ -1,7 +1,7 @@ Source: vesta-php Package: vesta-php Priority: optional -Version: 0.9.8-23 +Version: 0.9.8-24 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/deb/vesta/control b/src/deb/vesta/control index 9f83c2a6..3e7bdd64 100644 --- a/src/deb/vesta/control +++ b/src/deb/vesta/control @@ -1,7 +1,7 @@ Source: vesta Package: vesta Priority: optional -Version: 0.9.8-23 +Version: 0.9.8-24 Section: admin Maintainer: Serghey Rodin Homepage: http://vestacp.com diff --git a/src/rpm/specs/vesta-ioncube.spec b/src/rpm/specs/vesta-ioncube.spec index 54bb5cf4..4dbf3203 100644 --- a/src/rpm/specs/vesta-ioncube.spec +++ b/src/rpm/specs/vesta-ioncube.spec @@ -1,6 +1,6 @@ Name: vesta-ioncube Version: 0.9.8 -Release: 23 +Release: 24 Summary: ionCube Loader Group: System Environment/Base License: "Freely redistributable without restriction" diff --git a/src/rpm/specs/vesta-nginx.spec b/src/rpm/specs/vesta-nginx.spec index ca530cc1..8fb887c9 100644 --- a/src/rpm/specs/vesta-nginx.spec +++ b/src/rpm/specs/vesta-nginx.spec @@ -1,6 +1,6 @@ Name: vesta-nginx Version: 0.9.8 -Release: 23 +Release: 24 Summary: Vesta Control Panel Group: System Environment/Base License: BSD-like diff --git a/src/rpm/specs/vesta.spec b/src/rpm/specs/vesta.spec index 10830d15..d632cc55 100644 --- a/src/rpm/specs/vesta.spec +++ b/src/rpm/specs/vesta.spec @@ -1,6 +1,6 @@ Name: vesta Version: 0.9.8 -Release: 23 +Release: 24 Summary: Vesta Control Panel Group: System Environment/Base License: GPL @@ -68,6 +68,14 @@ fi %config(noreplace) %{_vestadir}/web/css/uploadify.css %changelog +* Mon Apr 18 2019 Serghey Rodin - 0.9.8-24 +- Bugfixes +- Security patches +- LEv2 +- Server LE +- i18n updates + + * Thu Oct 18 2018 Serghey Rodin - 0.9.8-23 - Security fixes diff --git a/upd/add_notifications.sh b/upd/add_notifications.sh index e55c0c74..4aecf68c 100755 --- a/upd/add_notifications.sh +++ b/upd/add_notifications.sh @@ -5,5 +5,4 @@ rm -f /usr/local/vesta/data/users/admin/notifications.conf /usr/local/vesta/bin/v-add-user-notification admin "File Manager" "Browse, copy, edit, view, and retrieve all your web domain files using a fully featured File Manager. Plugin is available for purchase." 'filemanager' /usr/local/vesta/bin/v-add-user-notification admin "Chroot SFTP" "If you want to have SFTP accounts that will be used only to transfer files (and not to SSH), you can purchase and enable SFTP Chroot" /usr/local/vesta/bin/v-add-user-notification admin "Softaculous" "Softaculous is one of the best Auto Installers and it is finally available" -/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-23" "We've made 1478 commits, fixed 29 bugs and merged 141 pull request. As always for more information please read release notes" - +/usr/local/vesta/bin/v-add-user-notification admin "Release 0.9.8-24" "This release is about stability and refinement. We added Let's Encrypt v2 support and added server certificate management tools. For more information please read release notes" From e1fb811caf73e5d8de49e3d2a0098a1afb0f647f Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Mon, 15 Apr 2019 14:08:16 +0300 Subject: [PATCH 133/197] ubuntu 18.10 support --- install/ubuntu/18.10/apache2/apache2.conf | 94 ++ install/ubuntu/18.10/apache2/status.conf | 8 + install/ubuntu/18.10/bind/named.conf | 12 + install/ubuntu/18.10/clamav/clamd.conf | 61 ++ install/ubuntu/18.10/deb_signing.key | 30 + .../ubuntu/18.10/dovecot/conf.d/10-auth.conf | 4 + .../18.10/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/18.10/dovecot/conf.d/10-mail.conf | 9 + .../18.10/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/18.10/dovecot/conf.d/10-ssl.conf | 5 + .../18.10/dovecot/conf.d/15-mailboxes.conf | 29 + .../ubuntu/18.10/dovecot/conf.d/20-imap.conf | 58 ++ .../ubuntu/18.10/dovecot/conf.d/20-pop3.conf | 91 ++ .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/18.10/dovecot/dovecot.conf | 4 + install/ubuntu/18.10/exim/dnsbl.conf | 2 + install/ubuntu/18.10/exim/exim4.conf.template | 382 ++++++++ install/ubuntu/18.10/exim/spam-blocks.conf | 0 .../ubuntu/18.10/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/18.10/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/18.10/fail2ban/jail.local | 51 ++ install/ubuntu/18.10/firewall/ports.conf | 17 + install/ubuntu/18.10/firewall/rules.conf | 11 + install/ubuntu/18.10/logrotate/apache2 | 19 + install/ubuntu/18.10/logrotate/dovecot | 12 + install/ubuntu/18.10/logrotate/nginx | 13 + install/ubuntu/18.10/logrotate/vesta | 7 + install/ubuntu/18.10/mysql/my-large.cnf | 41 + install/ubuntu/18.10/mysql/my-medium.cnf | 40 + install/ubuntu/18.10/mysql/my-small.cnf | 40 + install/ubuntu/18.10/nginx/nginx.conf | 139 +++ install/ubuntu/18.10/nginx/phpmyadmin.inc | 18 + install/ubuntu/18.10/nginx/phppgadmin.inc | 11 + install/ubuntu/18.10/nginx/status.conf | 9 + install/ubuntu/18.10/nginx/webmail.inc | 15 + install/ubuntu/18.10/packages/default.pkg | 18 + install/ubuntu/18.10/packages/gainsboro.pkg | 18 + install/ubuntu/18.10/packages/palegreen.pkg | 18 + install/ubuntu/18.10/packages/slategrey.pkg | 18 + install/ubuntu/18.10/pga/config.inc.php | 159 ++++ install/ubuntu/18.10/pga/phppgadmin.conf | 31 + install/ubuntu/18.10/php-fpm/www.conf | 11 + install/ubuntu/18.10/pma/apache.conf | 42 + install/ubuntu/18.10/pma/config.inc.php | 146 +++ install/ubuntu/18.10/postgresql/pg_hba.conf | 11 + install/ubuntu/18.10/proftpd/proftpd.conf | 32 + install/ubuntu/18.10/roundcube/apache.conf | 40 + install/ubuntu/18.10/roundcube/config.inc.php | 33 + install/ubuntu/18.10/roundcube/db.inc.php | 66 ++ install/ubuntu/18.10/roundcube/main.inc.php | 850 ++++++++++++++++++ install/ubuntu/18.10/roundcube/vesta.php | 72 ++ install/ubuntu/18.10/sudo/admin | 8 + .../ubuntu/18.10/templates/dns/child-ns.tpl | 14 + .../ubuntu/18.10/templates/dns/default.tpl | 18 + install/ubuntu/18.10/templates/dns/gmail.tpl | 12 + .../18.10/templates/web/apache2/basedir.stpl | 44 + .../18.10/templates/web/apache2/basedir.tpl | 38 + .../18.10/templates/web/apache2/default.stpl | 43 + .../18.10/templates/web/apache2/default.tpl | 37 + .../18.10/templates/web/apache2/hosting.stpl | 49 + .../18.10/templates/web/apache2/hosting.tpl | 43 + .../18.10/templates/web/apache2/phpcgi.sh | 16 + .../18.10/templates/web/apache2/phpcgi.stpl | 38 + .../18.10/templates/web/apache2/phpcgi.tpl | 31 + .../18.10/templates/web/apache2/phpfcgid.sh | 22 + .../18.10/templates/web/apache2/phpfcgid.stpl | 39 + .../18.10/templates/web/apache2/phpfcgid.tpl | 31 + .../18.10/templates/web/awstats/awstats.tpl | 133 +++ .../18.10/templates/web/awstats/index.tpl | 10 + .../18.10/templates/web/awstats/nav.tpl | 23 + .../18.10/templates/web/nginx/caching.sh | 19 + .../18.10/templates/web/nginx/caching.stpl | 43 + .../18.10/templates/web/nginx/caching.tpl | 41 + .../18.10/templates/web/nginx/default.stpl | 35 + .../18.10/templates/web/nginx/default.tpl | 33 + .../18.10/templates/web/nginx/hosting.sh | 11 + .../18.10/templates/web/nginx/hosting.stpl | 37 + .../18.10/templates/web/nginx/hosting.tpl | 35 + .../18.10/templates/web/nginx/http2.stpl | 35 + .../18.10/templates/web/nginx/http2.tpl | 33 + .../web/nginx/php-fpm/cms_made_simple.stpl | 55 ++ .../web/nginx/php-fpm/cms_made_simple.tpl | 52 ++ .../web/nginx/php-fpm/codeigniter2.stpl | 60 ++ .../web/nginx/php-fpm/codeigniter2.tpl | 57 ++ .../web/nginx/php-fpm/codeigniter3.stpl | 55 ++ .../web/nginx/php-fpm/codeigniter3.tpl | 52 ++ .../web/nginx/php-fpm/datalife_engine.stpl | 126 +++ .../web/nginx/php-fpm/datalife_engine.tpl | 123 +++ .../templates/web/nginx/php-fpm/default.stpl | 54 ++ .../templates/web/nginx/php-fpm/default.tpl | 51 ++ .../templates/web/nginx/php-fpm/dokuwiki.stpl | 71 ++ .../templates/web/nginx/php-fpm/dokuwiki.tpl | 67 ++ .../templates/web/nginx/php-fpm/drupal6.stpl | 84 ++ .../templates/web/nginx/php-fpm/drupal6.tpl | 81 ++ .../templates/web/nginx/php-fpm/drupal7.stpl | 88 ++ .../templates/web/nginx/php-fpm/drupal7.tpl | 85 ++ .../templates/web/nginx/php-fpm/drupal8.stpl | 93 ++ .../templates/web/nginx/php-fpm/drupal8.tpl | 90 ++ .../templates/web/nginx/php-fpm/joomla.stpl | 62 ++ .../templates/web/nginx/php-fpm/joomla.tpl | 59 ++ .../templates/web/nginx/php-fpm/laravel.stpl | 55 ++ .../templates/web/nginx/php-fpm/laravel.tpl | 50 ++ .../templates/web/nginx/php-fpm/magento.stpl | 197 ++++ .../templates/web/nginx/php-fpm/magento.tpl | 194 ++++ .../templates/web/nginx/php-fpm/modx.stpl | 68 ++ .../templates/web/nginx/php-fpm/modx.tpl | 65 ++ .../templates/web/nginx/php-fpm/moodle.stpl | 89 ++ .../templates/web/nginx/php-fpm/moodle.tpl | 87 ++ .../templates/web/nginx/php-fpm/no-php.stpl | 46 + .../templates/web/nginx/php-fpm/no-php.tpl | 43 + .../templates/web/nginx/php-fpm/odoo.stpl | 69 ++ .../templates/web/nginx/php-fpm/odoo.tpl | 66 ++ .../templates/web/nginx/php-fpm/opencart.stpl | 58 ++ .../templates/web/nginx/php-fpm/opencart.tpl | 54 ++ .../templates/web/nginx/php-fpm/owncloud.stpl | 84 ++ .../templates/web/nginx/php-fpm/owncloud.tpl | 81 ++ .../templates/web/nginx/php-fpm/piwik.stpl | 72 ++ .../templates/web/nginx/php-fpm/piwik.tpl | 69 ++ .../templates/web/nginx/php-fpm/pyrocms.stpl | 65 ++ .../templates/web/nginx/php-fpm/pyrocms.tpl | 62 ++ .../templates/web/nginx/php-fpm/sendy.stpl | 88 ++ .../templates/web/nginx/php-fpm/sendy.tpl | 86 ++ .../web/nginx/php-fpm/wordpress.stpl | 54 ++ .../templates/web/nginx/php-fpm/wordpress.tpl | 51 ++ .../web/nginx/php-fpm/wordpress2.stpl | 66 ++ .../web/nginx/php-fpm/wordpress2.tpl | 63 ++ .../web/nginx/php-fpm/wordpress2_rewrite.stpl | 71 ++ .../web/nginx/php-fpm/wordpress2_rewrite.tpl | 67 ++ .../18.10/templates/web/nginx/proxy_ip.tpl | 9 + .../18.10/templates/web/php-fpm/default.tpl | 21 + .../18.10/templates/web/php-fpm/no-php.tpl | 20 + .../18.10/templates/web/php-fpm/socket.tpl | 24 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../18.10/templates/web/suspend/.htaccess | 2 + .../18.10/templates/web/suspend/index.html | 25 + .../templates/web/webalizer/webalizer.tpl | 110 +++ install/ubuntu/18.10/vsftpd/vsftpd.conf | 40 + 143 files changed, 7806 insertions(+) create mode 100644 install/ubuntu/18.10/apache2/apache2.conf create mode 100644 install/ubuntu/18.10/apache2/status.conf create mode 100644 install/ubuntu/18.10/bind/named.conf create mode 100644 install/ubuntu/18.10/clamav/clamd.conf create mode 100644 install/ubuntu/18.10/deb_signing.key create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/15-mailboxes.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/18.10/dovecot/dovecot.conf create mode 100644 install/ubuntu/18.10/exim/dnsbl.conf create mode 100644 install/ubuntu/18.10/exim/exim4.conf.template create mode 100644 install/ubuntu/18.10/exim/spam-blocks.conf create mode 100644 install/ubuntu/18.10/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/18.10/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/18.10/fail2ban/jail.local create mode 100644 install/ubuntu/18.10/firewall/ports.conf create mode 100644 install/ubuntu/18.10/firewall/rules.conf create mode 100644 install/ubuntu/18.10/logrotate/apache2 create mode 100644 install/ubuntu/18.10/logrotate/dovecot create mode 100644 install/ubuntu/18.10/logrotate/nginx create mode 100644 install/ubuntu/18.10/logrotate/vesta create mode 100644 install/ubuntu/18.10/mysql/my-large.cnf create mode 100644 install/ubuntu/18.10/mysql/my-medium.cnf create mode 100644 install/ubuntu/18.10/mysql/my-small.cnf create mode 100644 install/ubuntu/18.10/nginx/nginx.conf create mode 100644 install/ubuntu/18.10/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/18.10/nginx/phppgadmin.inc create mode 100644 install/ubuntu/18.10/nginx/status.conf create mode 100644 install/ubuntu/18.10/nginx/webmail.inc create mode 100644 install/ubuntu/18.10/packages/default.pkg create mode 100644 install/ubuntu/18.10/packages/gainsboro.pkg create mode 100644 install/ubuntu/18.10/packages/palegreen.pkg create mode 100644 install/ubuntu/18.10/packages/slategrey.pkg create mode 100644 install/ubuntu/18.10/pga/config.inc.php create mode 100644 install/ubuntu/18.10/pga/phppgadmin.conf create mode 100644 install/ubuntu/18.10/php-fpm/www.conf create mode 100644 install/ubuntu/18.10/pma/apache.conf create mode 100644 install/ubuntu/18.10/pma/config.inc.php create mode 100644 install/ubuntu/18.10/postgresql/pg_hba.conf create mode 100644 install/ubuntu/18.10/proftpd/proftpd.conf create mode 100644 install/ubuntu/18.10/roundcube/apache.conf create mode 100644 install/ubuntu/18.10/roundcube/config.inc.php create mode 100644 install/ubuntu/18.10/roundcube/db.inc.php create mode 100644 install/ubuntu/18.10/roundcube/main.inc.php create mode 100644 install/ubuntu/18.10/roundcube/vesta.php create mode 100644 install/ubuntu/18.10/sudo/admin create mode 100755 install/ubuntu/18.10/templates/dns/child-ns.tpl create mode 100755 install/ubuntu/18.10/templates/dns/default.tpl create mode 100755 install/ubuntu/18.10/templates/dns/gmail.tpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/basedir.stpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/basedir.tpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/default.stpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/default.tpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/hosting.stpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/18.10/templates/web/apache2/phpcgi.sh create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl create mode 100644 install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/18.10/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/18.10/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/18.10/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/18.10/templates/web/nginx/caching.sh create mode 100755 install/ubuntu/18.10/templates/web/nginx/caching.stpl create mode 100755 install/ubuntu/18.10/templates/web/nginx/caching.tpl create mode 100755 install/ubuntu/18.10/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/18.10/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/18.10/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/18.10/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/18.10/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/http2.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/http2.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl create mode 100755 install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/18.10/templates/web/php-fpm/default.tpl create mode 100644 install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl create mode 100644 install/ubuntu/18.10/templates/web/php-fpm/socket.tpl create mode 100755 install/ubuntu/18.10/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/18.10/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/18.10/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/18.10/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/18.10/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/18.10/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/18.10/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/18.10/templates/web/suspend/index.html create mode 100755 install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/18.10/vsftpd/vsftpd.conf diff --git a/install/ubuntu/18.10/apache2/apache2.conf b/install/ubuntu/18.10/apache2/apache2.conf new file mode 100644 index 00000000..2756132a --- /dev/null +++ b/install/ubuntu/18.10/apache2/apache2.conf @@ -0,0 +1,94 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html diff --git a/install/ubuntu/18.10/apache2/status.conf b/install/ubuntu/18.10/apache2/status.conf new file mode 100644 index 00000000..da9d9633 --- /dev/null +++ b/install/ubuntu/18.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/18.10/bind/named.conf b/install/ubuntu/18.10/bind/named.conf new file mode 100644 index 00000000..ed6ece88 --- /dev/null +++ b/install/ubuntu/18.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/18.10/clamav/clamd.conf b/install/ubuntu/18.10/clamav/clamd.conf new file mode 100644 index 00000000..4e04356e --- /dev/null +++ b/install/ubuntu/18.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +# AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/18.10/deb_signing.key b/install/ubuntu/18.10/deb_signing.key new file mode 100644 index 00000000..2ad2db8b --- /dev/null +++ b/install/ubuntu/18.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 00000000..dfcc8311 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 00000000..a5f207d5 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 00000000..7a20878a --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,9 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv +namespace inbox { + inbox = yes +} +first_valid_uid = 1000 +mbox_write_locks = fcntl diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-master.conf b/install/ubuntu/18.10/dovecot/conf.d/10-master.conf new file mode 100644 index 00000000..a75a9aaa --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 00000000..24cbf3e2 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,5 @@ +ssl = yes +ssl_protocols = !SSLv2 !SSLv3 + +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 00000000..75e6e115 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/18.10/dovecot/dovecot.conf b/install/ubuntu/18.10/dovecot/dovecot.conf new file mode 100644 index 00000000..0a855351 --- /dev/null +++ b/install/ubuntu/18.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/18.10/exim/dnsbl.conf b/install/ubuntu/18.10/exim/dnsbl.conf new file mode 100644 index 00000000..5166b255 --- /dev/null +++ b/install/ubuntu/18.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/18.10/exim/exim4.conf.template b/install/ubuntu/18.10/exim/exim4.conf.template new file mode 100644 index 00000000..c904441f --- /dev/null +++ b/install/ubuntu/18.10/exim/exim4.conf.template @@ -0,0 +1,382 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +add_environment = <; PATH=/bin:/usr/bin +keep_environment = +disable_ipv6 = true + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth required + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{1024K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = debian-spamd:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim4/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit + subject = "${if def:h_Subject: {Autoreply: \"${rfc2047:$h_Subject:}\"} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/18.10/exim/spam-blocks.conf b/install/ubuntu/18.10/exim/spam-blocks.conf new file mode 100644 index 00000000..e69de29b diff --git a/install/ubuntu/18.10/fail2ban/action.d/vesta.conf b/install/ubuntu/18.10/fail2ban/action.d/vesta.conf new file mode 100644 index 00000000..0edfc349 --- /dev/null +++ b/install/ubuntu/18.10/fail2ban/action.d/vesta.conf @@ -0,0 +1,9 @@ +# Fail2Ban configuration file for vesta + +[Definition] + +actionstart = /usr/local/vesta/bin/v-add-firewall-chain +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 00000000..69670a56 --- /dev/null +++ b/install/ubuntu/18.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/18.10/fail2ban/jail.local b/install/ubuntu/18.10/fail2ban/jail.local new file mode 100644 index 00000000..013f81c4 --- /dev/null +++ b/install/ubuntu/18.10/fail2ban/jail.local @@ -0,0 +1,51 @@ +[DEFAULT] +ignoreip = 127.0.0.1/8 + +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog +maxretry = 5 + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log +maxretry = 5 + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 + +[roundcube-auth] +enabled = false +filter = roundcube-auth +port = http,https +logpath = /var/log/roundcube/errors +maxretry = 5 diff --git a/install/ubuntu/18.10/firewall/ports.conf b/install/ubuntu/18.10/firewall/ports.conf new file mode 100644 index 00000000..b730d012 --- /dev/null +++ b/install/ubuntu/18.10/firewall/ports.conf @@ -0,0 +1,17 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='TCP' PORT='53' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/18.10/firewall/rules.conf b/install/ubuntu/18.10/firewall/rules.conf new file mode 100644 index 00000000..fba98e1e --- /dev/null +++ b/install/ubuntu/18.10/firewall/rules.conf @@ -0,0 +1,11 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='TCP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='11' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/18.10/logrotate/apache2 b/install/ubuntu/18.10/logrotate/apache2 new file mode 100644 index 00000000..27629d0d --- /dev/null +++ b/install/ubuntu/18.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/18.10/logrotate/dovecot b/install/ubuntu/18.10/logrotate/dovecot new file mode 100644 index 00000000..ac4fd6e9 --- /dev/null +++ b/install/ubuntu/18.10/logrotate/dovecot @@ -0,0 +1,12 @@ +/var/log/dovecot*.log { + weekly + rotate 4 + missingok + notifempty + compress + delaycompress + sharedscripts + postrotate + doveadm log reopen + endscript +} diff --git a/install/ubuntu/18.10/logrotate/nginx b/install/ubuntu/18.10/logrotate/nginx new file mode 100644 index 00000000..d667f213 --- /dev/null +++ b/install/ubuntu/18.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/18.10/logrotate/vesta b/install/ubuntu/18.10/logrotate/vesta new file mode 100644 index 00000000..027a3439 --- /dev/null +++ b/install/ubuntu/18.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/18.10/mysql/my-large.cnf b/install/ubuntu/18.10/mysql/my-large.cnf new file mode 100644 index 00000000..7201377c --- /dev/null +++ b/install/ubuntu/18.10/mysql/my-large.cnf @@ -0,0 +1,41 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.10/mysql/my-medium.cnf b/install/ubuntu/18.10/mysql/my-medium.cnf new file mode 100644 index 00000000..1c10ab9a --- /dev/null +++ b/install/ubuntu/18.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.10/mysql/my-small.cnf b/install/ubuntu/18.10/mysql/my-small.cnf new file mode 100644 index 00000000..26a80478 --- /dev/null +++ b/install/ubuntu/18.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/18.10/nginx/nginx.conf b/install/ubuntu/18.10/nginx/nginx.conf new file mode 100644 index 00000000..dc2cf1dd --- /dev/null +++ b/install/ubuntu/18.10/nginx/nginx.conf @@ -0,0 +1,139 @@ +# Server globals +user www-data; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; + multi_accept on; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 60s; + client_body_timeout 60s; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 256m; + large_client_header_buffers 4 8k; + send_timeout 60s; + keepalive_timeout 30s; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_vary on; + gzip_static on; + gzip_vary on; + gzip_comp_level 6; + gzip_min_length 1024; + gzip_buffers 16 8k; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; + gzip_proxied any; + gzip_disable "MSIE [1-6]\."; + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_buffers 32 4k; + proxy_connect_timeout 30s; + proxy_send_timeout 90s; + proxy_read_timeout 90s; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 131.0.72.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 172.64.0.0/13; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + #set_real_ip_from 2c0f:f248::/32; + #set_real_ip_from 2a06:98c0::/29; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 1d; + + + # Cache bypass + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/18.10/nginx/phpmyadmin.inc b/install/ubuntu/18.10/nginx/phpmyadmin.inc new file mode 100644 index 00000000..1feb8546 --- /dev/null +++ b/install/ubuntu/18.10/nginx/phpmyadmin.inc @@ -0,0 +1,18 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } + location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { + root /usr/share/; + } +} diff --git a/install/ubuntu/18.10/nginx/phppgadmin.inc b/install/ubuntu/18.10/nginx/phppgadmin.inc new file mode 100644 index 00000000..cd1e5806 --- /dev/null +++ b/install/ubuntu/18.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/18.10/nginx/status.conf b/install/ubuntu/18.10/nginx/status.conf new file mode 100644 index 00000000..c0bcd069 --- /dev/null +++ b/install/ubuntu/18.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/18.10/nginx/webmail.inc b/install/ubuntu/18.10/nginx/webmail.inc new file mode 100644 index 00000000..ad66895b --- /dev/null +++ b/install/ubuntu/18.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/18.10/packages/default.pkg b/install/ubuntu/18.10/packages/default.pkg new file mode 100644 index 00000000..c2a93574 --- /dev/null +++ b/install/ubuntu/18.10/packages/default.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='unlimited' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/packages/gainsboro.pkg b/install/ubuntu/18.10/packages/gainsboro.pkg new file mode 100644 index 00000000..76d7dae2 --- /dev/null +++ b/install/ubuntu/18.10/packages/gainsboro.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='1' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/packages/palegreen.pkg b/install/ubuntu/18.10/packages/palegreen.pkg new file mode 100644 index 00000000..3db5fe57 --- /dev/null +++ b/install/ubuntu/18.10/packages/palegreen.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='hosting' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='5' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/packages/slategrey.pkg b/install/ubuntu/18.10/packages/slategrey.pkg new file mode 100644 index 00000000..d89e796f --- /dev/null +++ b/install/ubuntu/18.10/packages/slategrey.pkg @@ -0,0 +1,18 @@ +WEB_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.domain.tld,ns2.domain.tld' +SHELL='nologin' +BACKUPS='3' +TIME='18:00:00' +DATE='2017-12-28' diff --git a/install/ubuntu/18.10/pga/config.inc.php b/install/ubuntu/18.10/pga/config.inc.php new file mode 100644 index 00000000..1eec9776 --- /dev/null +++ b/install/ubuntu/18.10/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/ubuntu/18.10/pga/phppgadmin.conf b/install/ubuntu/18.10/pga/phppgadmin.conf new file mode 100644 index 00000000..f39247d6 --- /dev/null +++ b/install/ubuntu/18.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/18.10/php-fpm/www.conf b/install/ubuntu/18.10/php-fpm/www.conf new file mode 100644 index 00000000..3c87f33c --- /dev/null +++ b/install/ubuntu/18.10/php-fpm/www.conf @@ -0,0 +1,11 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 + +user = www-data +group = www-data + +pm = ondemand +pm.max_children = 2 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s diff --git a/install/ubuntu/18.10/pma/apache.conf b/install/ubuntu/18.10/pma/apache.conf new file mode 100644 index 00000000..4da6ce84 --- /dev/null +++ b/install/ubuntu/18.10/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/ + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/18.10/pma/config.inc.php b/install/ubuntu/18.10/pma/config.inc.php new file mode 100644 index 00000000..a643a065 --- /dev/null +++ b/install/ubuntu/18.10/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/18.10/roundcube/apache.conf b/install/ubuntu/18.10/roundcube/apache.conf new file mode 100644 index 00000000..a0c87bcc --- /dev/null +++ b/install/ubuntu/18.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/18.10/roundcube/config.inc.php b/install/ubuntu/18.10/roundcube/config.inc.php new file mode 100644 index 00000000..0c82b1bc --- /dev/null +++ b/install/ubuntu/18.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/18.10/roundcube/main.inc.php b/install/ubuntu/18.10/roundcube/main.inc.php new file mode 100644 index 00000000..32e0d473 --- /dev/null +++ b/install/ubuntu/18.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcube/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail'; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = true; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
    {locality} {zipcode}
    {country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 30 seconds +$rcmail_config['draft_autosave'] = 30; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/18.10/roundcube/vesta.php b/install/ubuntu/18.10/roundcube/vesta.php new file mode 100644 index 00000000..b4a2a6b6 --- /dev/null +++ b/install/ubuntu/18.10/roundcube/vesta.php @@ -0,0 +1,72 @@ + + */ +class rcube_vesta_password { + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + //$fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + $errno = ""; + $errstr = ""; + $context = stream_context_create(); + $result = stream_context_set_option($context, 'ssl', 'verify_peer', false); + $result = stream_context_set_option($context, 'ssl', 'verify_peer_name', false); + $result = stream_context_set_option($context, 'ssl', 'verify_host', false); + $result = stream_context_set_option($context, 'ssl', 'allow_self_signed', true); + + $fp = stream_socket_client('ssl://' . $vesta_host . ':'.$vesta_port, $errno, $errstr, 60, STREAM_CLIENT_CONNECT, $context); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} \ No newline at end of file diff --git a/install/ubuntu/18.10/sudo/admin b/install/ubuntu/18.10/sudo/admin new file mode 100644 index 00000000..331fa1f2 --- /dev/null +++ b/install/ubuntu/18.10/sudo/admin @@ -0,0 +1,8 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty +Defaults:root !requiretty + +# sudo is limited to vesta scripts +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/18.10/templates/dns/child-ns.tpl b/install/ubuntu/18.10/templates/dns/child-ns.tpl new file mode 100755 index 00000000..42c046e4 --- /dev/null +++ b/install/ubuntu/18.10/templates/dns/child-ns.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.10/templates/dns/default.tpl b/install/ubuntu/18.10/templates/dns/default.tpl new file mode 100755 index 00000000..e0a37e62 --- /dev/null +++ b/install/ubuntu/18.10/templates/dns/default.tpl @@ -0,0 +1,18 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns3%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns4%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns5%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns6%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns7%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns8%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='smtp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='15' RECORD='imap' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='16' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='17' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='18' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.10/templates/dns/gmail.tpl b/install/ubuntu/18.10/templates/dns/gmail.tpl new file mode 100755 index 00000000..219c9d24 --- /dev/null +++ b/install/ubuntu/18.10/templates/dns/gmail.tpl @@ -0,0 +1,12 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT3.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ALT4.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% include:_spf.google.com ~all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/ubuntu/18.10/templates/web/apache2/basedir.stpl b/install/ubuntu/18.10/templates/web/apache2/basedir.stpl new file mode 100644 index 00000000..d978d4c4 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/basedir.stpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/basedir.tpl b/install/ubuntu/18.10/templates/web/apache2/basedir.tpl new file mode 100644 index 00000000..96c94a1b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/default.stpl b/install/ubuntu/18.10/templates/web/apache2/default.stpl new file mode 100644 index 00000000..ec34c279 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/default.stpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/default.tpl b/install/ubuntu/18.10/templates/web/apache2/default.tpl new file mode 100644 index 00000000..3a227015 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/default.tpl @@ -0,0 +1,37 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/hosting.stpl b/install/ubuntu/18.10/templates/web/apache2/hosting.stpl new file mode 100644 index 00000000..8892072b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/hosting.tpl b/install/ubuntu/18.10/templates/web/apache2/hosting.tpl new file mode 100644 index 00000000..1eb26910 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%" + php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + + AllowOverride All + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 00000000..6565e103 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl new file mode 100644 index 00000000..731355bc --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,38 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl new file mode 100644 index 00000000..c6796d29 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,31 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 00000000..e8058249 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl new file mode 100644 index 00000000..156c8a91 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl new file mode 100644 index 00000000..a4c01269 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,31 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot%:%home%/%user%/tmp + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value session.save_path %home%/%user%/tmp + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/18.10/templates/web/awstats/awstats.tpl b/install/ubuntu/18.10/templates/web/awstats/awstats.tpl new file mode 100755 index 00000000..9a92e0fd --- /dev/null +++ b/install/ubuntu/18.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/18.10/templates/web/awstats/index.tpl b/install/ubuntu/18.10/templates/web/awstats/index.tpl new file mode 100755 index 00000000..9df9bb5c --- /dev/null +++ b/install/ubuntu/18.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/18.10/templates/web/awstats/nav.tpl b/install/ubuntu/18.10/templates/web/awstats/nav.tpl new file mode 100755 index 00000000..f29bed68 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
    vesta
    + +
    +
    + + diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.sh b/install/ubuntu/18.10/templates/web/nginx/caching.sh new file mode 100755 index 00000000..09d8efe7 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/caching.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +conf='/etc/nginx/conf.d/01_caching_pool.conf' +if [ -e "$conf" ]; then + if [ -z "$(grep "=${domain}:" $conf)" ]; then + echo "$str" >> $conf + fi +else + echo "$str" >> $conf +fi + diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.stpl b/install/ubuntu/18.10/templates/web/nginx/caching.stpl new file mode 100755 index 00000000..e149b98b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/caching.stpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/caching.tpl b/install/ubuntu/18.10/templates/web/nginx/caching.tpl new file mode 100755 index 00000000..36761b65 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/default.stpl b/install/ubuntu/18.10/templates/web/nginx/default.stpl new file mode 100755 index 00000000..0e669b3d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/default.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/default.tpl b/install/ubuntu/18.10/templates/web/nginx/default.tpl new file mode 100755 index 00000000..4d5c774b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.sh b/install/ubuntu/18.10/templates/web/nginx/hosting.sh new file mode 100755 index 00000000..eeed37ef --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.stpl b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl new file mode 100755 index 00000000..1ef8994b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,37 @@ +server { + listen %ip%:%proxy_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/hosting.tpl b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl new file mode 100755 index 00000000..15961c95 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.stpl b/install/ubuntu/18.10/templates/web/nginx/http2.stpl new file mode 100644 index 00000000..f225becd --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/http2.stpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/http2.tpl b/install/ubuntu/18.10/templates/web/nginx/http2.tpl new file mode 100644 index 00000000..4d5c774b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/http2.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 00000000..003e9180 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 00000000..f9e90393 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 00000000..51f1f408 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,60 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 00000000..d2422be2 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 00000000..e8dd8bf6 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 00000000..54f81b99 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 00000000..96495ee8 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,126 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 00000000..3ea45347 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,123 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 00000000..38de83d2 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 00000000..a8909efb --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 00000000..c9387bfb --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,71 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 00000000..0a9a75ed --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ ^/lib.*\.(gif|png|ico|jpg)$ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl new file mode 100644 index 00000000..6b20ba9d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.stpl @@ -0,0 +1,84 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl new file mode 100644 index 00000000..0ae7568b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal6.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ ^/sites/.*/files/imagecache/ { + try_files $uri @rewrite; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl new file mode 100644 index 00000000..041ebba0 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl new file mode 100644 index 00000000..6b41f319 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal7.tpl @@ -0,0 +1,85 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl new file mode 100644 index 00000000..231d9441 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.stpl @@ -0,0 +1,93 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl new file mode 100644 index 00000000..452aa9e6 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/drupal8.tpl @@ -0,0 +1,90 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location / { + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + location ~ ^/sites/.*/private/ { + return 403; + } + + location ~ ^/sites/[^/]+/files/.*\.php$ { + deny all; + } + + location ~ /vendor/.*\.php$ { + deny all; + return 404; + } + + try_files $uri /index.php?$query_string; + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + location ~ ^(/[a-z\-]+)?/system/files/ { + try_files $uri /index.php?$query_string; + } + + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + try_files $uri @rewrite; + expires max; + log_not_found off; + } + + location ~ '\.php$|^/update.php' { + fastcgi_split_path_info ^(.+?\.php)(|/.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 00000000..886b586e --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 00000000..91b7a8f1 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,59 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl new file mode 100644 index 00000000..8e6e8774 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.stpl @@ -0,0 +1,55 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl new file mode 100644 index 00000000..d14b0173 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/laravel.tpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ /index.php?$query_string; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl new file mode 100644 index 00000000..5d05ea72 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.stpl @@ -0,0 +1,197 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + + root %sdocroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %sdocroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %sdocroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %sdocroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl new file mode 100644 index 00000000..3f292fff --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/magento.tpl @@ -0,0 +1,194 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + + root %docroot%/pub; + index index.php; + autoindex off; + charset UTF-8; + error_page 404 403 = /errors/404.php; + add_header "X-UA-Compatible" "IE=Edge"; + + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + # PHP entry point for setup application + location ~* ^/setup($|/) { + root %docroot%; + + location ~ ^/setup/index.php { + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + location ~ ^/setup/(?!pub/). { + deny all; + } + + location ~ ^/setup/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + # PHP entry point for update application + location ~* ^/update($|/) { + root %docroot%; + + location ~ ^/update/index.php { + fastcgi_split_path_info ^(/update/index.php)(/.+)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + } + + # Deny everything but index.php + location ~ ^/update/(?!pub/). { + deny all; + } + + location ~ ^/update/pub/ { + add_header X-Frame-Options "SAMEORIGIN"; + } + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location /pub/ { + location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) { + deny all; + } + + alias %docroot%/pub/; + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /static/ { + # Uncomment the following line in production mode + # expires max; + + # Remove signature of the static files that is used to overcome the browser cache + location ~ ^/static/version { + rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + } + + if (!-f $request_filename) { + rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/ { + try_files $uri $uri/ /get.php?$args; + + location ~ ^/media/theme_customization/.*\.xml { + deny all; + } + + location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ { + add_header Cache-Control "public"; + add_header X-Frame-Options "SAMEORIGIN"; + expires +1y; + try_files $uri $uri/ /get.php?$args; + } + + location ~* \.(zip|gz|gzip|bz2|csv|xml)$ { + add_header Cache-Control "no-store"; + add_header X-Frame-Options "SAMEORIGIN"; + expires off; + try_files $uri $uri/ /get.php?$args; + } + + add_header X-Frame-Options "SAMEORIGIN"; + } + + location /media/customer/ { + deny all; + } + + location /media/downloadable/ { + deny all; + } + + location /media/import/ { + deny all; + } + + # PHP entry point for main application + location ~ (index|get|static|report|404|503)\.php$ { + try_files $uri =404; + + fastcgi_pass %backend_lsnr%; + fastcgi_buffers 1024 4k; + fastcgi_read_timeout 600s; + fastcgi_connect_timeout 600s; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + + gzip on; + gzip_disable "msie6"; + + gzip_comp_level 6; + gzip_min_length 1100; + gzip_buffers 16 8k; + gzip_proxied any; + gzip_types + text/plain + text/css + text/js + text/xml + text/javascript + application/javascript + application/x-javascript + application/json + application/xml + application/xml+rss + image/svg+xml; + gzip_vary on; + + # Banned locations (only reached if the earlier PHP entry point regexes don't match) + location ~* (\.php$|\.htaccess$|\.git) { + deny all; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl new file mode 100644 index 00000000..23ce8eb8 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ https://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl new file mode 100644 index 00000000..342d3ecf --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/modx.tpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; +# if you need to rewrite www to non-www uncomment bellow +# if ($host != '%domain%' ) { +# rewrite ^/(.*)$ http://%domain%/$1 permanent; +# } + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ @rewrite; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + location @rewrite { + rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl new file mode 100644 index 00000000..10629c65 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.stpl @@ -0,0 +1,89 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl new file mode 100644 index 00000000..c20ba648 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/moodle.tpl @@ -0,0 +1,87 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl new file mode 100644 index 00000000..7b3aff96 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.stpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl new file mode 100644 index 00000000..7ff8aa1d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/no-php.tpl @@ -0,0 +1,43 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + types { + text/html html htm shtml php php5; + } + + location / { + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl new file mode 100644 index 00000000..223eb97a --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.stpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl new file mode 100644 index 00000000..b1240aae --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/odoo.tpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; + proxy_redirect off; + + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + + proxy_connect_timeout 720; + proxy_send_timeout 720; + proxy_read_timeout 720; + send_timeout 720; + + # Allow "Well-Known URIs" as per RFC 5785 + location ~* ^/.well-known/ { + allow all; + } + + location / { + proxy_pass http://127.0.0.1:8069; + } + + location /longpolling { + proxy_pass http://127.0.0.1:8072; + } + + location ~* /web/static/ { + proxy_cache_valid 200 60m; + proxy_buffering on; + expires 864000; + proxy_pass http://127.0.0.1:8069; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl new file mode 100644 index 00000000..5b6e55e8 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl new file mode 100644 index 00000000..d0a9060b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/opencart.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location / { + try_files $uri $uri/ @opencart; + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + location @opencart { + rewrite ^/(.+)$ /index.php?_route_=$1 last; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 00000000..b43fdc75 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,84 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 00000000..e3ec31de --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,81 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 00000000..0a4a412f --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,72 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 00000000..f94fb7de --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,69 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 00000000..c9f91854 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,65 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 00000000..297fe0e8 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%/public; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php?$query_string; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl new file mode 100644 index 00000000..0b351000 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.stpl @@ -0,0 +1,88 @@ +server { + listen %ip%:%web_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl new file mode 100644 index 00000000..b27b427d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/sendy.tpl @@ -0,0 +1,86 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* "/\.(htaccess|htpasswd|git|svn|DS_Store)$" { + deny all; + } + + location ~ /(readme.html|license.txt) { + deny all; + } + + if (!-f $request_filename){ + rewrite ^/([a-zA-Z0-9-]+)$ /$1.php last; + } + + location / { + try_files $uri $uri/ /index.php?$args; + location ~* ^.+\.(ogg|ogv|svg|svgz|swf|eot|otf|woff|mov|mp3|mp4|webm|flv|ttf|rss|atom|jpg|jpeg|gif|png|ico|bmp|mid|midi|wav|rtf|css|js|jar|pdf)$ { + expires 1d; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + try_files $uri =404; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + + location /l/ { + rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last; + } + + location /t/ { + rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last; + } + + location /w/ { + rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last; + } + + location /unsubscribe/ { + rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last; + } + + location /subscribe/ { + rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 00000000..38de83d2 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 00000000..a8909efb --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 00000000..39cce361 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,66 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 00000000..bccb8b3d --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,63 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/conf/web/%domain%.auth*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl new file mode 100644 index 00000000..264ca01a --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.stpl @@ -0,0 +1,71 @@ +server { + listen %ip%:%web_ssl_port% ssl; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl new file mode 100644 index 00000000..39e366b7 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/wordpress2_rewrite.tpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + if (!-e $request_filename) + { + rewrite ^(.+)$ /index.php?q=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} diff --git a/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 00000000..ae195617 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/18.10/templates/web/php-fpm/default.tpl b/install/ubuntu/18.10/templates/web/php-fpm/default.tpl new file mode 100644 index 00000000..209e1e43 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/php-fpm/default.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl b/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl new file mode 100644 index 00000000..047c33ed --- /dev/null +++ b/install/ubuntu/18.10/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,20 @@ +;[%backend%] +;listen = /dev/null + +;user = %user% +;group = %user% + +;listen.owner = %user% +;listen.group = www-data + +;pm = ondemand +;pm.max_children = 4 +;pm.max_requests = 4000 +;pm.process_idle_timeout = 10s +;pm.status_path = /status + +;env[HOSTNAME] = $HOSTNAME +;env[PATH] = /usr/local/bin:/usr/bin:/bin +;env[TMP] = /home/%user%/tmp +;env[TMPDIR] = /home/%user%/tmp +;env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl b/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl new file mode 100644 index 00000000..a0151084 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/php-fpm/socket.tpl @@ -0,0 +1,24 @@ +[%backend%] +listen = /var/run/php/%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = www-data + +pm = ondemand +pm.max_children = 4 +pm.max_requests = 4000 +pm.process_idle_timeout = 10s +pm.status_path = /status + +php_admin_value[upload_tmp_dir] = /home/%user%/tmp +php_admin_value[session.save_path] = /home/%user%/tmp + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /home/%user%/tmp +env[TMPDIR] = /home/%user%/tmp +env[TEMP] = /home/%user%/tmp diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/403.html b/install/ubuntu/18.10/templates/web/skel/document_errors/403.html new file mode 100755 index 00000000..9c3f6baa --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

    %domain%

    + +

    403

    +

    Forbidden

    +
    + Unfortunately, you do not have permission to view this +
    + + + diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/404.html b/install/ubuntu/18.10/templates/web/skel/document_errors/404.html new file mode 100755 index 00000000..2cee7708 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

    %domain%

    +

    404

    +

    Page Not Found

    +
    + It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
    + + diff --git a/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 00000000..85ba648b --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

    %domain%

    + +

    500

    +

    Internal Server Error

    +
    + Sorry, something went wrong :( +
    + + + diff --git a/install/ubuntu/18.10/templates/web/skel/public_html/index.html b/install/ubuntu/18.10/templates/web/skel/public_html/index.html new file mode 100755 index 00000000..4f5bb724 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

    %domain%

    + + + + + diff --git a/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 00000000..00ee83dc --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 00000000..4f5bb724 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

    %domain%

    + + + + + diff --git a/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 00000000..00ee83dc --- /dev/null +++ b/install/ubuntu/18.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/18.10/templates/web/suspend/.htaccess b/install/ubuntu/18.10/templates/web/suspend/.htaccess new file mode 100755 index 00000000..5a6df83f --- /dev/null +++ b/install/ubuntu/18.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/18.10/templates/web/suspend/index.html b/install/ubuntu/18.10/templates/web/suspend/index.html new file mode 100755 index 00000000..f2d04e1f --- /dev/null +++ b/install/ubuntu/18.10/templates/web/suspend/index.html @@ -0,0 +1,25 @@ + + + Website Suspended + + + + + +

    SUSPENDED

    +

    This website has been suspended.

    +
    + Please contact the technical support department. +
    + + diff --git a/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 00000000..068adcfb --- /dev/null +++ b/install/ubuntu/18.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/18.10/vsftpd/vsftpd.conf b/install/ubuntu/18.10/vsftpd/vsftpd.conf new file mode 100644 index 00000000..75e0104f --- /dev/null +++ b/install/ubuntu/18.10/vsftpd/vsftpd.conf @@ -0,0 +1,40 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_promiscuous=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES +utf8_filesystem=YES +ssl_enable=YES +allow_anon_ssl=NO +require_ssl_reuse=NO +ssl_ciphers=HIGH +ssl_tlsv1=YES +ssl_sslv2=NO +ssl_sslv3=NO +force_local_data_ssl=NO +force_local_logins_ssl=NO +rsa_cert_file=/usr/local/vesta/ssl/certificate.crt +rsa_private_key_file=/usr/local/vesta/ssl/certificate.key From 703a66eb5723bf306e7090cae981461e52df60a8 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Mon, 15 Apr 2019 21:00:12 +0300 Subject: [PATCH 134/197] gzip_vary duplicate --- install/ubuntu/18.04/nginx/nginx.conf | 1 - install/ubuntu/18.10/nginx/nginx.conf | 1 - 2 files changed, 2 deletions(-) diff --git a/install/ubuntu/18.04/nginx/nginx.conf b/install/ubuntu/18.04/nginx/nginx.conf index dc2cf1dd..790aee49 100644 --- a/install/ubuntu/18.04/nginx/nginx.conf +++ b/install/ubuntu/18.04/nginx/nginx.conf @@ -50,7 +50,6 @@ http { # Compression gzip on; - gzip_vary on; gzip_static on; gzip_vary on; gzip_comp_level 6; diff --git a/install/ubuntu/18.10/nginx/nginx.conf b/install/ubuntu/18.10/nginx/nginx.conf index dc2cf1dd..790aee49 100644 --- a/install/ubuntu/18.10/nginx/nginx.conf +++ b/install/ubuntu/18.10/nginx/nginx.conf @@ -50,7 +50,6 @@ http { # Compression gzip on; - gzip_vary on; gzip_static on; gzip_vary on; gzip_comp_level 6; From 483c4b943b9a37b819fd1e45ee2e1132f7f5804b Mon Sep 17 00:00:00 2001 From: noogen Date: Mon, 15 Apr 2019 17:29:31 -0500 Subject: [PATCH 135/197] fix typo and allow user to login on pgsql restore --- func/rebuild.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/func/rebuild.sh b/func/rebuild.sh index 9a1c0f47..352b9083 100644 --- a/func/rebuild.sh +++ b/func/rebuild.sh @@ -600,7 +600,7 @@ rebuild_pgsql_database() { exit $E_CONNECT fi - query="CREATE ROLE $DBUSER" + query="CREATE ROLE $DBUSER WITH LOGIN" psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 query="UPDATE pg_authid SET rolpassword='$MD5' WHERE rolname='$DBUSER'" @@ -617,7 +617,7 @@ rebuild_pgsql_database() { query="GRANT ALL PRIVILEGES ON DATABASE $DB TO $DBUSER" psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 - query="GRANT CONNECT ON DATABASE template1 to $dbuser" + query="GRANT CONNECT ON DATABASE template1 to $DBUSER" psql -h $HOST -U $USER -c "$query" > /dev/null 2>&1 } From bef5f876189674531d3380eab6d6d66c68d51df8 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 16 Apr 2019 12:16:03 +0300 Subject: [PATCH 136/197] version up --- src/rpm/specs/vesta-php.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/rpm/specs/vesta-php.spec b/src/rpm/specs/vesta-php.spec index fe5aded9..336e1e77 100644 --- a/src/rpm/specs/vesta-php.spec +++ b/src/rpm/specs/vesta-php.spec @@ -1,6 +1,6 @@ Name: vesta-php Version: 0.9.8 -Release: 23 +Release: 24 Summary: Vesta Control Panel Group: System Environment/Base License: GPL From 425e9f248383adda226114dd3f64c2d23480be01 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 16 Apr 2019 12:53:58 +0300 Subject: [PATCH 137/197] 18$ instead of 21$ --- web/templates/admin/edit_server.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/templates/admin/edit_server.html b/web/templates/admin/edit_server.html index 9de86222..59683b6d 100644 --- a/web/templates/admin/edit_server.html +++ b/web/templates/admin/edit_server.html @@ -934,7 +934,7 @@ '.__('Buy Licence').' 3$/'.__('month').'
  • - '.__('Buy Lifetime License').' 21$ + '.__('Buy Lifetime License').' 18$
    • 2Checkout.com Inc. (Ohio, USA) is a payment facilitator for goods and services provided by vestacp.com.'; From 25706abfb30e5b01d6fb604a78df5d2d4da8a7b4 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 17 Apr 2019 23:28:40 +0300 Subject: [PATCH 138/197] replaced rdomain with domain variable --- bin/v-add-letsencrypt-domain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index 56026b9b..edcf6ae2 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -163,7 +163,7 @@ for auth in $authz; do check_result $? "Proxy restart failed" >/dev/null else - well_known="$HOMEDIR/$user/web/$rdomain/public_html/.well-known" + well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known" acme_challenge="$well_known/acme-challenge" mkdir -p $acme_challenge echo "$token.$THUMB" > $acme_challenge/$token From 82b635f8da921a6d3aa914ea0765e5b974022284 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 18 Apr 2019 15:03:03 +0300 Subject: [PATCH 139/197] Print the file name for each match --- bin/v-search-ssl-certificates | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-search-ssl-certificates b/bin/v-search-ssl-certificates index b392e810..c9208830 100755 --- a/bin/v-search-ssl-certificates +++ b/bin/v-search-ssl-certificates @@ -73,7 +73,7 @@ csv_list() { # Action # #----------------------------------------------------------# -search_cmd=$(grep "SSL='yes'" $VESTA/data/users/*/web.conf |\ +search_cmd=$(grep -H "SSL='yes'" $VESTA/data/users/*/web.conf |\ cut -f 1 -d ' ' |\ sed -e "s|$VESTA/data/users/|USER='|" -e "s|/web.conf:|' |") From 35df8ba980a87c9c9a6342fd10ab617933e2f583 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sat, 20 Apr 2019 00:08:37 +0300 Subject: [PATCH 140/197] Jessie backports --- install/vst-install-debian.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index 0741a6d6..bf7b3c22 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -478,6 +478,17 @@ echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list wget $CHOST/deb_signing.key -O deb_signing.key apt-key add deb_signing.key +# Installing jessie backports +if [ "$release" -eq 8 ]; then + if [ ! -e /etc/apt/apt.conf ]; then + echo 'Acquire::Check-Valid-Until "false";' >> /etc/apt/apt.conf + fi + if [ ! -e /etc/apt/sources.list.d/backports.list ]; then + echo "deb http://archive.debian.org/debian jessie-backports main" >\ + /etc/apt/sources.list.d/vesta.list + fi +fi + #----------------------------------------------------------# # Backup # From af37f5cbefe1a971a9b3d2a5c9b0e18488c2de37 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Sat, 20 Apr 2019 03:06:59 +0300 Subject: [PATCH 141/197] fix backport apt name --- install/vst-install-debian.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh index bf7b3c22..468ec28f 100644 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -485,7 +485,7 @@ if [ "$release" -eq 8 ]; then fi if [ ! -e /etc/apt/sources.list.d/backports.list ]; then echo "deb http://archive.debian.org/debian jessie-backports main" >\ - /etc/apt/sources.list.d/vesta.list + /etc/apt/sources.list.d/backports.list fi fi From 97a3b4004774a9066a71ad48fd6c1774b878ac40 Mon Sep 17 00:00:00 2001 From: moucho <1095644+moucho@users.noreply.github.com> Date: Sat, 20 Apr 2019 13:47:38 +0200 Subject: [PATCH 142/197] Spanish translation update --- web/inc/i18n/es.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php index 12d3d29c..b6718528 100644 --- a/web/inc/i18n/es.php +++ b/web/inc/i18n/es.php @@ -567,7 +567,7 @@ $LANG['es'] = array( 'MAIL Server' => 'Servidor de Correo', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', - 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', + 'Use Web Domain SSL Certificate' => 'Usar el Cerfificado SSL de la Web', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'Soportar MYSQL', 'phpMyAdmin URL' => 'phpMyAdmin URL', From 7603cdea7a5c9441c434e654a0c99ef49b51400c Mon Sep 17 00:00:00 2001 From: Sergio Date: Sun, 21 Apr 2019 00:11:36 +0200 Subject: [PATCH 143/197] Add the validation of the CSRF token. It is missing in some cases when it is sent by GET or POST. --- web/add/cron/autoupdate/index.php | 6 ++++++ web/add/cron/reports/index.php | 6 ++++++ web/add/firewall/banlist/index.php | 6 ++++++ web/delete/cron/autoupdate/index.php | 6 ++++++ web/delete/cron/reports/index.php | 6 ++++++ web/restart/service/index.php | 6 ++++++ web/restart/system/index.php | 6 ++++++ web/templates/admin/list_services.html | 2 +- web/update/vesta/index.php | 6 ++++++ 9 files changed, 49 insertions(+), 1 deletion(-) diff --git a/web/add/cron/autoupdate/index.php b/web/add/cron/autoupdate/index.php index 53d50c05..90854d9b 100644 --- a/web/add/cron/autoupdate/index.php +++ b/web/add/cron/autoupdate/index.php @@ -5,6 +5,12 @@ ob_start(); session_start(); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +// Check token +if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) { + header('location: /login/'); + exit(); +} + if ($_SESSION['user'] == 'admin') { exec (VESTA_CMD."v-add-cron-vesta-autoupdate", $output, $return_var); $_SESSION['error_msg'] = __('Autoupdate has been successfully enabled'); diff --git a/web/add/cron/reports/index.php b/web/add/cron/reports/index.php index 4b0424e3..197c5760 100644 --- a/web/add/cron/reports/index.php +++ b/web/add/cron/reports/index.php @@ -5,6 +5,12 @@ ob_start(); session_start(); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +// Check token +if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) { + header('location: /login/'); + exit(); +} + exec (VESTA_CMD."v-add-cron-reports ".$user, $output, $return_var); $_SESSION['error_msg'] = __('Cronjob email reporting has been successfully enabled'); unset($output); diff --git a/web/add/firewall/banlist/index.php b/web/add/firewall/banlist/index.php index 774421e6..a9f616a2 100644 --- a/web/add/firewall/banlist/index.php +++ b/web/add/firewall/banlist/index.php @@ -15,6 +15,12 @@ if ($_SESSION['user'] != 'admin') { // Check POST request if (!empty($_POST['ok'])) { + // Check token + if ((!isset($_POST['token'])) || ($_SESSION['token'] != $_POST['token'])) { + header('location: /login/'); + exit(); + } + // Check empty fields if (empty($_POST['v_chain'])) $errors[] = __('banlist'); if (empty($_POST['v_ip'])) $errors[] = __('ip address'); diff --git a/web/delete/cron/autoupdate/index.php b/web/delete/cron/autoupdate/index.php index ad670ef0..a58064c0 100644 --- a/web/delete/cron/autoupdate/index.php +++ b/web/delete/cron/autoupdate/index.php @@ -5,6 +5,12 @@ ob_start(); session_start(); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +// Check token +if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) { + header('location: /login/'); + exit(); +} + if ($_SESSION['user'] == 'admin') { exec (VESTA_CMD."v-delete-cron-vesta-autoupdate", $output, $return_var); $_SESSION['error_msg'] = __('Autoupdate has been successfully disabled'); diff --git a/web/delete/cron/reports/index.php b/web/delete/cron/reports/index.php index af7df20f..10d422a8 100644 --- a/web/delete/cron/reports/index.php +++ b/web/delete/cron/reports/index.php @@ -5,6 +5,12 @@ ob_start(); session_start(); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +// Check token +if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) { + header('location: /login/'); + exit(); +} + exec (VESTA_CMD."v-delete-cron-reports ".$user, $output, $return_var); $_SESSION['error_msg'] = __('Cronjob email reporting has been successfully disabled'); unset($output); diff --git a/web/restart/service/index.php b/web/restart/service/index.php index 5f42e5e5..eb07e856 100644 --- a/web/restart/service/index.php +++ b/web/restart/service/index.php @@ -5,6 +5,12 @@ ob_start(); session_start(); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +// Check token +if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) { + header('location: /login/'); + exit(); +} + if ($_SESSION['user'] == 'admin') { if (!empty($_GET['srv'])) { if ($_GET['srv'] == 'iptables') { diff --git a/web/restart/system/index.php b/web/restart/system/index.php index 4facc5a5..4e09745e 100644 --- a/web/restart/system/index.php +++ b/web/restart/system/index.php @@ -5,6 +5,12 @@ ob_start(); session_start(); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +// Check token +if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) { + header('location: /login/'); + exit(); +} + if ($_SESSION['user'] == 'admin') { if (!empty($_GET['hostname'])) { exec (VESTA_CMD."v-restart-system yes", $output, $return_var); diff --git a/web/templates/admin/list_services.html b/web/templates/admin/list_services.html index 346370e6..6012d2a3 100644 --- a/web/templates/admin/list_services.html +++ b/web/templates/admin/list_services.html @@ -54,7 +54,7 @@
     ↵
    -
     R
    +
     R
    diff --git a/web/update/vesta/index.php b/web/update/vesta/index.php index a025c7bf..fa7ca2c4 100644 --- a/web/update/vesta/index.php +++ b/web/update/vesta/index.php @@ -5,6 +5,12 @@ ob_start(); session_start(); include($_SERVER['DOCUMENT_ROOT']."/inc/main.php"); +// Check token +if ((!isset($_GET['token'])) || ($_SESSION['token'] != $_GET['token'])) { + header('location: /login/'); + exit(); +} + if ($_SESSION['user'] == 'admin') { if (!empty($_GET['pkg'])) { $v_pkg = escapeshellarg($_GET['pkg']); From 0831a198b86a4760e83c0eaec78d84bab7098e6c Mon Sep 17 00:00:00 2001 From: Sergio Date: Sun, 21 Apr 2019 01:51:29 +0200 Subject: [PATCH 144/197] Fixed several Command Injection. --- web/edit/db/index.php | 2 ++ web/edit/mail/index.php | 7 +++++-- web/edit/web/index.php | 6 ++++-- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/web/edit/db/index.php b/web/edit/db/index.php index 21d394f0..763717bc 100644 --- a/web/edit/db/index.php +++ b/web/edit/db/index.php @@ -42,6 +42,8 @@ if ( $v_suspended == 'yes' ) { $v_status = 'active'; } +$v_database = escapeshellarg($_GET['database']); + // Check POST request if (!empty($_POST['save'])) { $v_username = $user; diff --git a/web/edit/mail/index.php b/web/edit/mail/index.php index 6c673118..6424e3ab 100644 --- a/web/edit/mail/index.php +++ b/web/edit/mail/index.php @@ -70,6 +70,9 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) { $v_date = $data[$v_account]['DATE']; $v_time = $data[$v_account]['TIME']; + $v_domain = escapeshellarg($_GET['domain']); + $v_account = escapeshellarg($_GET['account']); + // Parse autoreply if ( $v_autoreply == 'yes' ) { exec (VESTA_CMD."v-list-mail-account-autoreply ".$user." '".$v_domain."' '".$v_account."' json", $output, $return_var); @@ -228,7 +231,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco $result = array_diff($valiases, $aliases); foreach ($result as $alias) { if ((empty($_SESSION['error_msg'])) && (!empty($alias))) { - exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." '".$alias."'", $output, $return_var); + exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($alias)."'", $output, $return_var); check_return_code($return_var,$output); unset($output); } @@ -254,7 +257,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco $result = array_diff($vfwd, $fwd); foreach ($result as $forward) { if ((empty($_SESSION['error_msg'])) && (!empty($forward))) { - exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." '".$forward."'", $output, $return_var); + exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($forward)."'", $output, $return_var); check_return_code($return_var,$output); unset($output); } diff --git a/web/edit/web/index.php b/web/edit/web/index.php index edf29e9d..a1d2d70b 100644 --- a/web/edit/web/index.php +++ b/web/edit/web/index.php @@ -36,7 +36,7 @@ $v_cgi = $data[$v_domain]['CGI']; $v_elog = $data[$v_domain]['ELOG']; $v_ssl = $data[$v_domain]['SSL']; if (!empty($v_ssl)) { - exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var); + exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".escapeshellarg($v_domain)."' json", $output, $return_var); $ssl_str = json_decode(implode('', $output), true); unset($output); $v_ssl_crt = $ssl_str[$v_domain]['CRT']; @@ -129,6 +129,7 @@ if (!empty($_POST['save'])) { exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_domain." json", $output, $return_var); unset($output); if ($return_var == 0 ) { + $v_ip = escapeshellarg($_POST['v_ip']); exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var); check_return_code($return_var,$output); unset($output); @@ -142,6 +143,7 @@ if (!empty($_POST['save'])) { exec (VESTA_CMD."v-list-dns-domain ".$v_username." '".$v_alias."' json", $output, $return_var); unset($output); if ($return_var == 0 ) { + $v_ip = escapeshellarg($_POST['v_ip']); exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." '".$v_alias."' ".$v_ip, $output, $return_var); check_return_code($return_var,$output); unset($output); @@ -367,7 +369,7 @@ if (!empty($_POST['save'])) { // Add Lets Encrypt support if ((!empty($_POST['v_ssl'])) && ( $v_letsencrypt == 'no' ) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) { $l_aliases = str_replace("\n", ',', $v_aliases); - exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".$l_aliases."' 'no'", $output, $return_var); + exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".escapeshellarg($l_aliases)."' 'no'", $output, $return_var); check_return_code($return_var,$output); unset($output); $v_letsencrypt = 'yes'; From 7226a8991f7908825c869f78231107370cb05b21 Mon Sep 17 00:00:00 2001 From: Sergio Date: Sun, 21 Apr 2019 02:18:24 +0200 Subject: [PATCH 145/197] Fix some XSS. --- web/list/directory/index.php | 4 ++-- web/templates/admin/list_dns_rec.html | 4 ++-- web/templates/admin/list_mail_acc.html | 6 +++--- web/templates/user/list_mail_acc.html | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/web/list/directory/index.php b/web/list/directory/index.php index 737e19db..12919b14 100644 --- a/web/list/directory/index.php +++ b/web/list/directory/index.php @@ -24,8 +24,8 @@ if (empty($panel)) { $panel = json_decode(implode('', $output), true); } -$path_a = !empty($_REQUEST['dir_a']) ? $_REQUEST['dir_a'] : ''; -$path_b = !empty($_REQUEST['dir_b']) ? $_REQUEST['dir_b'] : ''; +$path_a = !empty($_REQUEST['dir_a']) ? htmlentities($_REQUEST['dir_a']) : ''; +$path_b = !empty($_REQUEST['dir_b']) ? htmlentities($_REQUEST['dir_b']) : ''; $GLOBAL_JS = ''; $GLOBAL_JS .= ''; $GLOBAL_JS .= ''; diff --git a/web/templates/admin/list_dns_rec.html b/web/templates/admin/list_dns_rec.html index a74b8574..24f28103 100644 --- a/web/templates/admin/list_dns_rec.html +++ b/web/templates/admin/list_dns_rec.html @@ -74,11 +74,11 @@ v_unit_id="" v_section="dns_rec">
    -
     ↵
    +
     ↵
    - + diff --git a/web/templates/admin/list_mail_acc.html b/web/templates/admin/list_mail_acc.html index 5433d732..13495ff6 100644 --- a/web/templates/admin/list_mail_acc.html +++ b/web/templates/admin/list_mail_acc.html @@ -90,11 +90,11 @@ sort-star="
    -
     ↵
    +
     ↵
    - + @@ -104,7 +104,7 @@ sort-star=" - + diff --git a/web/templates/user/list_mail_acc.html b/web/templates/user/list_mail_acc.html index c7334fa1..8c5ef567 100644 --- a/web/templates/user/list_mail_acc.html +++ b/web/templates/user/list_mail_acc.html @@ -88,11 +88,11 @@ sort-star="
    -
     ↵
    +
     ↵
    - + From 0713570b87bab57d0f163fce553a54894aa45e13 Mon Sep 17 00:00:00 2001 From: moucho <1095644+moucho@users.noreply.github.com> Date: Sun, 21 Apr 2019 18:28:34 +0200 Subject: [PATCH 146/197] Fix Let's Encrypt for IDN domains --- bin/v-add-letsencrypt-domain | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index edcf6ae2..001f71e9 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -22,6 +22,14 @@ source $VESTA/func/main.sh source $VESTA/func/domain.sh source $VESTA/conf/vesta.conf +# Additional argument formatting +format_identifier_idn() { + identifier_idn=$identifier + if [[ "$identifier_idn" = *[![:ascii:]]* ]]; then + identifier_idn=$(idn -t --quiet -a $identifier_idn) + fi +} + # encode base64 encode_base64() { cat |base64 |tr '+/' '-_' |tr -d '\r\n=' @@ -109,7 +117,8 @@ fi url="$API/acme/new-order" payload='{"identifiers":[' for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do - payload=$payload'{"type":"dns","value":"'$identifier'"},' + format_identifier_idn + payload=$payload'{"type":"dns","value":"'$identifier_idn'"},' done payload=$(echo "$payload"|sed "s/,$//") payload=$payload']}' @@ -209,7 +218,7 @@ done ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\ "San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}') -# Sedning CSR to finalize order / STEP 6 +# Sending CSR to finalize order / STEP 6 csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64) payload='{"csr":"'$csr'"}' answer=$(query_le_v2 "$finalize" "$payload" "$nonce") From 5df4dc819f1fbf7051d7f97701beb08c282a15e4 Mon Sep 17 00:00:00 2001 From: moucho <1095644+moucho@users.noreply.github.com> Date: Mon, 22 Apr 2019 14:47:32 +0200 Subject: [PATCH 147/197] Updated Spanish translation --- web/inc/i18n/es.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/inc/i18n/es.php b/web/inc/i18n/es.php index b6718528..6e5ce352 100644 --- a/web/inc/i18n/es.php +++ b/web/inc/i18n/es.php @@ -567,7 +567,7 @@ $LANG['es'] = array( 'MAIL Server' => 'Servidor de Correo', 'Antivirus' => 'Antivirus', 'AntiSpam' => 'AntiSpam', - 'Use Web Domain SSL Certificate' => 'Usar el Cerfificado SSL de la Web', + 'Use Web Domain SSL Certificate' => 'Utilizar el certificado SSL de un dominio', 'Webmail URL' => 'Webmail URL', 'MySQL Support' => 'Soportar MYSQL', 'phpMyAdmin URL' => 'phpMyAdmin URL', From f492c1ee2a344c01aa55642b80efc1aec3d37a95 Mon Sep 17 00:00:00 2001 From: Skull Writter <7103685+skullwritter@users.noreply.github.com> Date: Tue, 23 Apr 2019 14:11:31 +0000 Subject: [PATCH 148/197] correcting wildcat check if alias is the letsencrypt wildcard domain, if not, make the normal checks --- bin/v-add-letsencrypt-domain | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/bin/v-add-letsencrypt-domain b/bin/v-add-letsencrypt-domain index edcf6ae2..86faaa3a 100755 --- a/bin/v-add-letsencrypt-domain +++ b/bin/v-add-letsencrypt-domain @@ -62,13 +62,15 @@ is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" is_object_unsuspended 'web' 'DOMAIN' "$domain" get_domain_values 'web' -for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do - check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)" - if [ -z "$check_alias" ]; then - check_result $E_NOTEXIST "domain alias $alias doesn't exist" - fi -done - +# check if alias is the letsencrypt wildcard domain, if not, make the normal checks +if [[ "$aliases" != "*.$domain" ]]; then + for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do + check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)" + if [ -z "$check_alias" ]; then + check_result $E_NOTEXIST "domain alias $alias doesn't exist" + fi + done +fi; #----------------------------------------------------------# # Action # From a62095aa13bce52a1ebe56ed39c3e5df7767a326 Mon Sep 17 00:00:00 2001 From: Maksim Usmanov | Maks Date: Sun, 28 Apr 2019 15:57:49 +0200 Subject: [PATCH 149/197] Fix Nginx exclusion This fix 706 in bugs.vesta and #1820 ( same issue ) --- install/vst-install-rhel.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh index 8badeca8..4ea5154c 100755 --- a/install/vst-install-rhel.sh +++ b/install/vst-install-rhel.sh @@ -19,10 +19,10 @@ codename="${os}_$release" vestacp="$VESTA/install/$VERSION/$release" # Defining software pack for all distros -software="awstats bc bind bind-libs bind-utils clamav-server clamav-update +software="nginx awstats bc bind bind-libs bind-utils clamav-server clamav-update curl dovecot e2fsprogs exim expect fail2ban flex freetype ftp GeoIP httpd ImageMagick iptables-services jwhois lsof mailx mariadb mariadb-server mc - mod_fcgid mod_ruid2 mod_ssl net-tools nginx ntp openssh-clients pcre php + mod_fcgid mod_ruid2 mod_ssl net-tools ntp openssh-clients pcre php php-bcmath php-cli php-common php-fpm php-gd php-imap php-mbstring php-mcrypt phpMyAdmin php-mysql php-pdo phpPgAdmin php-pgsql php-soap php-tidy php-xml php-xmlrpc postgresql postgresql-contrib From 3acd2281699fcaede439da0687d64586525a15a1 Mon Sep 17 00:00:00 2001 From: Maksim Usmanov | Maks Date: Sun, 28 Apr 2019 16:03:54 +0200 Subject: [PATCH 150/197] Fix for nginx exclude There are some ways to fix this First put nginx at the beginig or modify this line software=$(echo "$software" | sed -e "s/^nginx//") Replacing it by this one: software=$(echo "$software" | sed -e "s/nginx//") Or by this: software=$(echo "$software" | sed -e "s/ nginx//") --- install/vst-install-ubuntu.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index f66407c3..bf00f768 100755 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -19,12 +19,12 @@ codename="$(lsb_release -s -c)" vestacp="$VESTA/install/$VERSION/$release" # Defining software pack for all distros -software="apache2 apache2.2-common apache2-suexec-custom apache2-utils +software="nginx apache2 apache2.2-common apache2-suexec-custom apache2-utils apparmor-utils awstats bc bind9 bsdmainutils bsdutils clamav-daemon cron curl dnsutils dovecot-imapd dovecot-pop3d e2fslibs e2fsprogs exim4 exim4-daemon-heavy expect fail2ban flex ftp git idn imagemagick libapache2-mod-fcgid libapache2-mod-php libapache2-mod-rpaf - libapache2-mod-ruid2 lsof mc mysql-client mysql-common mysql-server nginx + libapache2-mod-ruid2 lsof mc mysql-client mysql-common mysql-server ntpdate php-cgi php-common php-curl php-fpm phpmyadmin php-mysql phppgadmin php-pgsql postgresql postgresql-contrib proftpd-basic quota roundcube-core roundcube-mysql roundcube-plugins rrdtool rssh spamassassin From f50d8b7d844e4d19c9af5616d8ed1a9c1a9b6baf Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 8 May 2019 22:47:30 +0300 Subject: [PATCH 151/197] added port 654321 to run openssl key-pair test --- func/domain.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/func/domain.sh b/func/domain.sh index 84a7c177..5c3bd946 100644 --- a/func/domain.sh +++ b/func/domain.sh @@ -339,7 +339,7 @@ is_web_domain_cert_valid() { check_result $E_FORBIDEN "SSL Key is protected (remove pass_phrase)" fi - openssl s_server -quiet -cert $ssl_dir/$domain.crt \ + openssl s_server -port 654321 -quiet -cert $ssl_dir/$domain.crt \ -key $ssl_dir/$domain.key >> /dev/null 2>&1 & pid=$! sleep 0.5 From d563dcd12b6ae90739e45fc512cbac51771e225c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Suder?= Date: Tue, 14 May 2019 08:59:43 +0200 Subject: [PATCH 152/197] Fix update of SSL for LetsEncrypt certs Due to missing /g in sed for parsing aliases from certificate SAN field there was an issue with doubled alias which is also common name of issued certficiate. --- bin/v-update-letsencrypt-ssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 4dd1fcc0..61cc2544 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -41,7 +41,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do fi ((lecounter++)) aliases=$(echo "$crt_data" |grep DNS:) - aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//") + aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g") aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") aliases=$(echo "$aliases" |grep -v "^$domain$") aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') From d856c1e080e9c17c3dd84fc9248ac1b3bd816edd Mon Sep 17 00:00:00 2001 From: noogen Date: Tue, 14 May 2019 03:38:36 -0500 Subject: [PATCH 153/197] fix typo of extra L issue #1509 --- bin/v-update-sys-rrd-pgsql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-sys-rrd-pgsql b/bin/v-update-sys-rrd-pgsql index 6e15c9e8..de2fec8f 100755 --- a/bin/v-update-sys-rrd-pgsql +++ b/bin/v-update-sys-rrd-pgsql @@ -85,7 +85,7 @@ for host in $hosts; do # Parsing data q='SELECT SUM(xact_commit + xact_rollback), SUM(numbackends) FROM pg_stat_database;' - status=$($sql plsql -d postgres -c "$q" 2>/dev/null); code="$?" + status=$($sql psql -d postgres -c "$q" 2>/dev/null); code="$?" if [ '0' -ne "$code" ]; then active=0 slow=0 From d24f68a370747d241aa8612cee38f37a13fe3499 Mon Sep 17 00:00:00 2001 From: Christian Oder Date: Wed, 15 May 2019 17:07:53 +0200 Subject: [PATCH 154/197] v-backup-user: Properly fix userdata backup exclusions So far, no exclusions have been accounted for as fargs has not been passed. Rework the logic for fargs parsing based on domain exclusions and pass fargs to the tar command. Also add --anchored based on 37c69b8f4cd087d8d406ab3de766ad11564b978b --- bin/v-backup-user | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/bin/v-backup-user b/bin/v-backup-user index 2797c132..f9fcf6f5 100755 --- a/bin/v-backup-user +++ b/bin/v-backup-user @@ -460,11 +460,15 @@ if [ "$USER" != '*' ]; then fi fargs=() for xpath in $(echo "$USER" |tr ',' '\n'); do - fargs+=(-not) - fargs+=(-path) - fargs+=("./$xpath*") - echo "$(date "+%F %T") excluding directory $xpath" |\ + if [ -d "$xpath" ]; then + fargs+=(--exclude=$xpath/*) + echo "$(date "+%F %T") excluding directory $xpath" |\ tee -a $BACKUP/$user.log + else + echo "$(date "+%F %T") excluding file $xpath" |\ + tee -a $BACKUP/$user.log + fargs+=(--exclude=$xpath) + fi done IFS=$'\n' @@ -479,7 +483,7 @@ if [ "$USER" != '*' ]; then echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log # Backup files and dirs - tar -cpf- $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz + tar --anchored -cpf- ${fargs[@]} $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz fi done set +f From a78c7ffc9275ec16afb426d090aee935151669e8 Mon Sep 17 00:00:00 2001 From: Chris Mills Date: Fri, 17 May 2019 09:49:58 +0100 Subject: [PATCH 155/197] Renewal of cert not removing domain from alias list --- bin/v-update-letsencrypt-ssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 61cc2544..4e8aec80 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -43,7 +43,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do aliases=$(echo "$crt_data" |grep DNS:) aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g") aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") - aliases=$(echo "$aliases" |grep -v "^$domain$") + aliases=$(echo "$aliases" |grep -v "^$domain,$") aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases) if [ $? -ne 0 ]; then From a716a3f2cb9490ffe3eaedbbf2ba132975a46b49 Mon Sep 17 00:00:00 2001 From: Roman Date: Wed, 22 May 2019 20:10:15 +0300 Subject: [PATCH 156/197] Fix v-unsuspend-mail-account Fix 'Malformed value "unlimitedM"' after unsuspend mail account --- bin/v-unsuspend-mail-account | 3 +++ 1 file changed, 3 insertions(+) diff --git a/bin/v-unsuspend-mail-account b/bin/v-unsuspend-mail-account index 314c13bc..57e54af5 100755 --- a/bin/v-unsuspend-mail-account +++ b/bin/v-unsuspend-mail-account @@ -48,6 +48,9 @@ is_object_suspended "mail/$domain" 'ACCOUNT' "$account" if [[ "$MAIL_SYSTEM" =~ exim ]]; then md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5') quota=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA') + if [ "$quota" = 'unlimited' ]; then + quota=0 + fi sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota" echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd From a6d498e7e2088cc5d3b1d88cbcbea6a739d02ef1 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 23 May 2019 00:12:42 +0300 Subject: [PATCH 157/197] added net-tools package for ifconfig command --- install/vst-install-ubuntu.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh index bf00f768..653f7fc1 100755 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -29,7 +29,7 @@ software="nginx apache2 apache2.2-common apache2-suexec-custom apache2-utils phppgadmin php-pgsql postgresql postgresql-contrib proftpd-basic quota roundcube-core roundcube-mysql roundcube-plugins rrdtool rssh spamassassin sudo vesta vesta-ioncube vesta-nginx vesta-php vesta-softaculous - vim-common vsftpd webalizer whois zip" + vim-common vsftpd webalizer whois zip net-tools" # Fix for old releases if [[ ${release:0:2} -lt 16 ]]; then From 9bceb0162259331ea320ced14b9cdff0c3dada81 Mon Sep 17 00:00:00 2001 From: Chris Mills Date: Thu, 6 Jun 2019 06:07:44 +0100 Subject: [PATCH 158/197] Switched to egrep to support optional comma in renewal --- bin/v-update-letsencrypt-ssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-update-letsencrypt-ssl b/bin/v-update-letsencrypt-ssl index 4e8aec80..459b9879 100755 --- a/bin/v-update-letsencrypt-ssl +++ b/bin/v-update-letsencrypt-ssl @@ -43,7 +43,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do aliases=$(echo "$crt_data" |grep DNS:) aliases=$(echo "$aliases" |sed -e "s/DNS://g" -e "s/,//g") aliases=$(echo "$aliases" |tr ' ' '\n' |sed "/^$/d") - aliases=$(echo "$aliases" |grep -v "^$domain,$") + aliases=$(echo "$aliases" |egrep -v "^$domain,?$") aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g') msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases) if [ $? -ne 0 ]; then From a6028ee4e91451946f041cedc8368a88a0747aa2 Mon Sep 17 00:00:00 2001 From: myrevery <16082142+myrevery@users.noreply.github.com> Date: Mon, 10 Jun 2019 16:10:32 +0800 Subject: [PATCH 159/197] Update cn.php Refine some details. --- web/inc/i18n/cn.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php index 6b6b9d28..903afa60 100644 --- a/web/inc/i18n/cn.php +++ b/web/inc/i18n/cn.php @@ -261,6 +261,8 @@ $LANG['cn'] = array( 'Bandwidth Usage eth1' => '网络使用情况 (eth1)', 'Bandwidth Usage venet0' => '网络使用情况 (venet0)', 'Bandwidth Usage venet1' => '网络使用情况 (venet1)', + 'Bandwidth Usage docker0' => '网络使用情况 (docker0)', + 'Bandwidth Usage docker1' => '网络使用情况 (docker1)', 'Exim Usage' => 'Exim 使用情况', 'FTP Usage' => 'FTP 使用情况', 'SSH Usage' => 'SSH 使用情况', @@ -305,7 +307,7 @@ $LANG['cn'] = array( 'Aliases' => '别名', 'SSL Certificate' => 'SSL证书', 'SSL Key' => 'SSL密钥', - 'SSL Certificate Authority / Intermediate' => 'CA证书或中级证书', + 'SSL Certificate Authority / Intermediate' => 'SSL CA证书 / 中级证书', 'SSL CSR' => 'SSL CSR', 'optional' => '可选', 'internal' => '内部', @@ -386,7 +388,7 @@ $LANG['cn'] = array( 'Download AccessLog' => '下载访问日志', 'Download ErrorLog' => '下载错误日志', 'Country' => '国家地区', - '2 letter code' => '采用 ISO 3166-1 二位代码 如: 中国CN / 美国US', + '2 letter code' => '采用 ISO 3166-1 α-2 二位代码 如: 中国CN / 美国US', 'State / Province' => '州 / 省级', 'City / Locality' => '市 / 地区', 'Organization' => '组织名称', @@ -704,7 +706,7 @@ $LANG['cn'] = array( 'Add File to the Current Selection' => '将文件添加到当前选中区内', 'Select All Files' => '选择所有文件', 'shortcuts are inspired by magnificent GNU Midnight Commander file manager' => - '快捷键的灵感来自旖旎的 GNU Midnight Commander 文件管理器', + '快捷键的灵感来自华丽的 GNU Midnight Commander 文件管理器', 'Licence Key' => '许可密匙', 'Enter License Key' => '输入许可密匙', From 0b0bcf6b157c3e1b70cfd9a026845837282cf324 Mon Sep 17 00:00:00 2001 From: darkworks Date: Thu, 20 Jun 2019 23:11:23 +0500 Subject: [PATCH 160/197] Use Web Domain SSL Certificate -> ur.php updated ur.php translation --- web/inc/i18n/ur.php | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/web/inc/i18n/ur.php b/web/inc/i18n/ur.php index 960e5631..2c95e821 100644 --- a/web/inc/i18n/ur.php +++ b/web/inc/i18n/ur.php @@ -70,6 +70,7 @@ $LANG['ur'] = array( 'Back' => 'پیچھے', 'Save' => 'محفوظ کریں', 'Submit' => 'جمع', + 'toggle all' => 'تمام ٹاگل', 'apply to selected' => 'منتخب شدہ پر لاگو', 'rebuild' => 'تعمیر نو', @@ -108,6 +109,7 @@ $LANG['ur'] = array( 'enable autoupdate' => 'آٹو اپ ڈیٹ کو چالو', 'disable autoupdate' => 'غیر فعال آٹو اپ ڈیٹ', 'configure' => 'ترتیب دے', + 'Adding User' => 'شامل کرنے صارف', 'Editing User' => 'ترمیم صارف', 'Adding Domain' => 'ڈومین کو شامل کرنے سے', @@ -135,6 +137,7 @@ $LANG['ur'] = array( 'Adding Firewall Rule' => 'فصیل اصول کو شامل کرنے سے', 'Editing Firewall Rule' => 'ترمیم فصیل اصول', 'Adding IP Address to Banlist' => 'Banlist کرنے IP ایڈریس کو شامل کرنے سے', + 'active' => 'فعال', 'spnd' => 'معطل', 'suspended' => 'معطل', @@ -142,6 +145,7 @@ $LANG['ur'] = array( 'stopped' => 'بند کر دیا', 'outdated' => 'فرسودہ', 'updated' => 'اپ ڈیٹ', + 'yes' => 'جی ہاں', 'no' => 'نہیں', 'none' => 'کوئی بھی', @@ -392,14 +396,17 @@ $LANG['ur'] = array( 'FTP' => 'FTP', 'VESTA' => 'Vesta کی', 'Add one more Name Server' => 'ایک اور نام سرور شامل کریں', + 'web domain' => 'ویب ڈومین', 'dns domain' => 'DNS ڈومین', 'dns record' => 'DNS ریکارڈ', 'mail domain' => 'میل ڈومین', 'mail account' => 'میل اکاؤنٹ', 'cron job' => 'کرون کام', + 'cron' => 'کرون', 'user dir' => 'صارف دیر', + 'unlimited' => 'لامحدود', '1 account' => '1 اکاؤنٹ', '%s accounts' => '٪s کے اکاؤنٹس', @@ -494,12 +501,14 @@ $LANG['ur'] = array( 'BACKUP_EXISTS' => 'ایک موجودہ بیک اپ کو پہلے ہی چل رہا ہے. کہ بیک اپ کو ختم کرنے کے لئے براہ کرم انتظار کریں.', 'RESTORE_SCHEDULED' => 'ٹاسک قطار میں شامل کیا گیا ہے. جب آپ کو بحال مکمل کیا گیا ہے آپ کو ایک ای میل کی اطلاع وصول کریں گے.', 'RESTORE_EXISTS' => 'ایک موجودہ بحالی کا کام پہلے سے ہی چل رہا ہے. جو اسے دوبارہ شروع کرنے سے پہلے ختم کرنے کے لئے براہ کرم انتظار کریں.', + 'WEB_EXCLUSIONS' => 'قسم ڈومین کا نام ہے، ایک فی لائن. تمام ڈومینز استعمال کرتے خارج کرنے کے *. شکل مندرجہ ذیل مخصوص dirs استعمال کو خارج کرنے کے لئے: domain.com:public_html/cache:public_html/tmp', 'DNS_EXCLUSIONS' => 'قسم ڈومین کا نام ہے، ایک فی لائن. تمام ڈومینز استعمال کرتے خارج کرنے کے *', 'MAIL_EXCLUSIONS' => 'قسم ڈومین کا نام ہے، ایک فی لائن. تمام ڈومینز استعمال کرتے خارج کرنے کے *. شکل مندرجہ ذیل مخصوص اکاؤنٹس کے استعمال کو خارج کرنے کے لئے: domain.com:info:support:postmaster', 'DB_EXCLUSIONS' => 'مکمل ڈیٹا بیس کا نام ٹائپ کریں، فی لائن ایک. تمام ڈیٹا بیس کا استعمال کرتے خارج کرنے کے *', 'CRON_EXCLUSIONS' => 'تمام ملازمتوں کا استعمال کرتے خارج کرنے کے *', 'USER_EXCLUSIONS' => 'قسم ڈائریکٹری کا نام ہے، ایک فی لائن. تمام dirs استعمال کرتے exlude کرنے *', + 'Welcome to Vesta Control Panel' => 'Vesta کی کنٹرول پینل میں خوش آمدید', 'MAIL_FROM' => ' Vesta کی کنٹرول پینل ', 'GREETINGS_GORDON_FREEMAN' => "ہیلو, %s %s,\n", @@ -535,6 +544,7 @@ $LANG['ur'] = array( 'Oct' => 'اکتوبر', 'Nov' => 'نومبر', 'Dec' => 'دسمبر', + 'Configuring Server' => 'ترتیب سرور', 'Hostname' => 'میزبان کا نام', 'Time Zone' => 'ٹائم زون', @@ -548,7 +558,7 @@ $LANG['ur'] = array( 'MAIL Server' => 'میل سرور', 'Antivirus' => 'اینٹی وائرس', 'AntiSpam' => 'اینٹی سپیم', - 'Use Web Domain SSL Certificate' => 'Use Web Domain SSL Certificate', + 'Use Web Domain SSL Certificate' => 'ایس ایس ایل ویب ڈومین سرٹیفکیٹ کااستعمال کریں', 'Webmail URL' => 'ویب میل URL', 'MySQL Support' => 'ایس کیو ایل کی معاونت کی', 'phpMyAdmin URL' => 'phpMyAdmin کے یو آر ایل', @@ -572,11 +582,14 @@ $LANG['ur'] = array( 'Backup Migration Manager' => 'بیک اپ مائیگریشن مینیجر', 'FileManager' => 'فائل مینیجر', 'show: CPU / MEM / NET / DISK' => 'دکھائیں: CPU / MEM / NET / ڈسک', + 'sort by' => 'بہ ترتیب', 'Date' => 'تاریخ', 'Starred' => 'ستارے کے نشان', 'Name' => 'نام', + 'save to favorites' => 'پسندیدہ میں محفوظ کریں', + 'File Manager' => 'فائل منیجر', 'size' => 'سائز', 'date' => 'تاریخ', @@ -639,6 +652,7 @@ $LANG['ur'] = array( 'read by others' => 'دوسروں کی طرف سے پڑھا', 'write by others' => 'دوسروں کی طرف سے لکھ', 'execute/search by others' => 'پھانسی دوسروں کی طرف سے / تلاش', + 'Shortcuts' => 'شارٹ کٹ', 'Add New object' => 'نیا اعتراض شامل کریں', 'Save Form' => 'فارم محفوظ کریں', @@ -657,6 +671,7 @@ $LANG['ur'] = array( 'Enter focused element' => 'مرکوز عنصر درج', 'Move up through elements list' => 'عناصر فہرست کے ذریعے اوپر منتقل کریں', 'Move down through elements list' => 'عناصر فہرست کے ذریعے نیچے لے جائیں', + 'Upload' => 'اپ لوڈ کریں', 'New File' => 'نئی فائل', 'New Folder' => 'نیا فولڈر', @@ -680,6 +695,7 @@ $LANG['ur'] = array( 'Select All Files' => 'تمام فائلوں کو منتخب', 'shortcuts are inspired by magnificent GNU Midnight Commander file manager' => '.فائل مینیجر Midnight Commander شارٹ کٹ شاندار GNU سے متاثر ہیں', + 'Licence Key' => 'لائسنس کلید', 'Enter License Key' => 'لائسنس کلید درج کریں', 'Buy Licence' => 'ابھی لائسنس', @@ -690,6 +706,7 @@ $LANG['ur'] = array( 'Restrict users so that they cannot use SSH and access only their home directory.' => 'وہ SSH اور رسائی صرف ان کے گھر کی ڈائریکٹری کا استعمال نہیں کر سکتے ہیں تاکہ صارفین کو محدود کریں.', 'Browse, copy, edit, view, and retrieve all of your web domain files using fully featured File Manager.' => 'براؤز کریں، کاپی، ترمیم، دیکھیں، اور مکمل طور پر نمایاں فائل مینیجر کا استعمال کرتے ہوئے آپ کی ویب ڈومین فائلوں کی تمام بازیافت.', 'This is a commercial module, you would need to purchace license key to enable it.' => 'یہ ایک تجارتی ماڈیول ہے، آپ اسے چالو کرنے کے لئے لائسنس کی چابی purchace کرنے کی ضرورت گا.', + 'Minutes' => 'منٹس', 'Hourly' => 'گھنٹہ وار', 'Run Command' => 'چلائیں کمان', @@ -714,8 +731,10 @@ $LANG['ur'] = array( 'every two minutes' => 'ہر دو منٹ', 'every' => 'ہر کوئی', 'Generate' => 'بنائیں', + 'webalizer' => 'webalizer', 'awstats' => 'awstats', + 'Vesta SSL' => 'Vesta کی SSL', 'SUBJECT' => 'مضمون', 'ALIASES' => 'عرفیتیں', @@ -724,14 +743,18 @@ $LANG['ur'] = array( 'SIGNATURE' => 'دستخط', 'PUB_KEY' => 'PUB_KEY', 'ISSUER' => 'ISSUER', + 'Use server hostname' => 'سرور استعمال میزبان نام', 'Use domain hostname' => 'ڈومین کا استعمال میزبان نام', 'Use STARTTLS' => 'STARTTLS استعمال', 'Use SSL' => 'SSL استعمال کریں', 'No encryption' => 'کوئی خفیہ کاری', 'Do not use encryption' => 'خفیہ کاری کا استعمال نہ کریں', + 'maximum characters length, including prefix' => 'زیادہ سے زیادہ ٪s کو حروف لمبائی، سابقہ سم', + 'Email Credentials' => 'ای میل کی سند', + '%s rule' => 'قواعد %s', 'MainDomain' => 'اہم ڈومین', 'SubDomain' => 'ذیلی ڈومین', From 0829d631c99e05347a29169acb42dad0085e8b11 Mon Sep 17 00:00:00 2001 From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com> Date: Thu, 4 Jul 2019 02:47:02 +0200 Subject: [PATCH 161/197] vBulletin 5 template based on default stpl --- .../web/nginx/php-fpm/vbulletin5.stpl | 105 ++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl diff --git a/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl new file mode 100644 index 00000000..eebb3e42 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.stpl @@ -0,0 +1,105 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} From de51aa46926399ea26b72b89dd0db67db2c99786 Mon Sep 17 00:00:00 2001 From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com> Date: Thu, 4 Jul 2019 02:52:16 +0200 Subject: [PATCH 162/197] vBulletin 5 template based on default tpl --- .../web/nginx/php-fpm/vbulletin5.tpl | 100 ++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl diff --git a/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl new file mode 100644 index 00000000..2c5c9988 --- /dev/null +++ b/install/debian/9/templates/web/nginx/php-fpm/vbulletin5.tpl @@ -0,0 +1,100 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} From 8d83d0235e2ee44b9613559cce792b1985b2c3f1 Mon Sep 17 00:00:00 2001 From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com> Date: Thu, 4 Jul 2019 02:53:03 +0200 Subject: [PATCH 163/197] vBulletin 5 template based on default tpl --- .../web/nginx/php-fpm/vbulletin5.tpl | 100 ++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl new file mode 100644 index 00000000..2c5c9988 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.tpl @@ -0,0 +1,100 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} From ef36a47ce0f7f605a96eae588cdc69223241d3b1 Mon Sep 17 00:00:00 2001 From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com> Date: Thu, 4 Jul 2019 02:53:49 +0200 Subject: [PATCH 164/197] vBulletin 5 template based on default stpl --- .../web/nginx/php-fpm/vbulletin5.stpl | 105 ++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl diff --git a/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl new file mode 100644 index 00000000..eebb3e42 --- /dev/null +++ b/install/ubuntu/18.04/templates/web/nginx/php-fpm/vbulletin5.stpl @@ -0,0 +1,105 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} From 81842cc878157d10d61e5cae5a2e8a26f9906df9 Mon Sep 17 00:00:00 2001 From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com> Date: Thu, 4 Jul 2019 02:55:10 +0200 Subject: [PATCH 165/197] vBulletin 5 template based on default tpl --- .../web/nginx/php-fpm/vbulletin5.tpl | 100 ++++++++++++++++++ 1 file changed, 100 insertions(+) create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl new file mode 100644 index 00000000..2c5c9988 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.tpl @@ -0,0 +1,100 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} From ce6640010bc9fd6f1adef0b40b3643610152a9d8 Mon Sep 17 00:00:00 2001 From: Timo Stramann <21283057+TimoStramann@users.noreply.github.com> Date: Thu, 4 Jul 2019 02:55:47 +0200 Subject: [PATCH 166/197] vBulletin 5 template based on default tpl --- .../web/nginx/php-fpm/vbulletin5.stpl | 105 ++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl diff --git a/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl new file mode 100644 index 00000000..eebb3e42 --- /dev/null +++ b/install/ubuntu/18.10/templates/web/nginx/php-fpm/vbulletin5.stpl @@ -0,0 +1,105 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # legacy css being handled separate for performance + location = /css\.php { + rewrite ^ /core/css.php break; + } + + # make install available from presentation + location ^~ /install { + rewrite ^/install/ /core/install/ break; + } + + # any request to not existing item gets redirected through routestring + location / { + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + } + + # make admincp available from presentation + location ^~ /admincp { + if (!-f $request_filename) { + rewrite ^/admincp/(.*)$ /index.php?routestring=admincp/$1 last; + } + } + + # process any php scripts, not found gets redirected through routestring + location ~ \.php$ { + # handles legacy scripts + if (!-f $request_filename) { + rewrite ^/(.*)$ /index.php?routestring=$1 break; + } + + fastcgi_split_path_info ^(.+\.php)(.*)$; + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param REQUEST_METHOD $request_method; + fastcgi_param CONTENT_TYPE $content_type; + fastcgi_param CONTENT_LENGTH $content_length; + fastcgi_intercept_errors on; + fastcgi_ignore_client_abort off; + fastcgi_connect_timeout 60; + fastcgi_send_timeout 180; + fastcgi_read_timeout 180; + fastcgi_buffers 256 16k; + fastcgi_buffer_size 32k; + fastcgi_temp_file_write_size 256k; + + include /etc/nginx/fastcgi_params; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + location /vstats/ { + alias %home%/%user%/web/%domain%/stats/; + include %home%/%user%/web/%domain%/stats/auth.conf*; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain_idn%.conf*; +} From 9c42ce85de30cc0615092689e37043576518b071 Mon Sep 17 00:00:00 2001 From: myrevery <16082142+myrevery@users.noreply.github.com> Date: Mon, 15 Jul 2019 06:17:02 -0700 Subject: [PATCH 167/197] Update cn.php Refine some details. --- web/inc/i18n/cn.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/inc/i18n/cn.php b/web/inc/i18n/cn.php index 903afa60..dd39bc10 100644 --- a/web/inc/i18n/cn.php +++ b/web/inc/i18n/cn.php @@ -98,7 +98,7 @@ $LANG['cn'] = array( 'list accounts' => '列出 %s 个账户', 'add account' => '添加账户', 'open webmail' => '打开网页邮箱', - 'list fail2ban' => 'Fail2ban 封锁名单', + 'list fail2ban' => 'Fail2ban 封锁列表', 'open %s' => '打开 %s', 'download' => '下载', 'restore' => '恢复', @@ -142,7 +142,7 @@ $LANG['cn'] = array( 'Search Results' => '搜索结果', 'Adding Firewall Rule' => '添加防火墙规则', 'Editing Firewall Rule' => '编辑防火墙规则', - 'Adding IP Address to Banlist' => '添加IP至封锁名单', + 'Adding IP Address to Banlist' => '添加IP至封锁列表', 'active' => '正常', 'spnd' => '暂停', @@ -765,5 +765,5 @@ $LANG['cn'] = array( 'maximum characters length, including prefix' => '包含前缀最多 %s 个字符', - 'Email Credentials' => '电子邮件证书', + 'Email Credentials' => '电子邮件凭据', ); From d74ac9980a2cbfcebc145e86fe4d26ed85b9a7bc Mon Sep 17 00:00:00 2001 From: Dmitry Bannik Date: Sat, 20 Jul 2019 02:36:30 +0300 Subject: [PATCH 168/197] fixed add sftp server backup --- bin/v-add-backup-host | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/bin/v-add-backup-host b/bin/v-add-backup-host index 4e727229..bccaa03e 100755 --- a/bin/v-add-backup-host +++ b/bin/v-add-backup-host @@ -38,8 +38,7 @@ EOF sftpc() { expect -f "-" < Date: Mon, 22 Jul 2019 16:55:55 +0300 Subject: [PATCH 169/197] rfc2324 partial support: any attempt to brew coffee with a teapot should result in the error code 418 - I'm a teapot --- func/main.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/func/main.sh b/func/main.sh index 94505606..d0b26d5e 100644 --- a/func/main.sh +++ b/func/main.sh @@ -35,6 +35,7 @@ E_DB=17 E_RRD=18 E_UPDATE=19 E_RESTART=20 +E_TEAPOT=418 # Event string for logger for ((I=1; I <= $# ; I++)); do From dbb8b8c6745233bf3af52f301e8d58e21920ac40 Mon Sep 17 00:00:00 2001 From: Sergey Kovalets Date: Fri, 26 Jul 2019 02:23:40 +0300 Subject: [PATCH 170/197] Create vsftpd.conf --- install/rhel/8/vsftpd/vsftpd.conf | 40 +++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 install/rhel/8/vsftpd/vsftpd.conf diff --git a/install/rhel/8/vsftpd/vsftpd.conf b/install/rhel/8/vsftpd/vsftpd.conf new file mode 100644 index 00000000..75e0104f --- /dev/null +++ b/install/rhel/8/vsftpd/vsftpd.conf @@ -0,0 +1,40 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=022 +anon_umask=022 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_promiscuous=YES +pasv_min_port=12000 +pasv_max_port=12100 +max_per_ip=10 +max_clients=100 +use_localtime=YES +utf8_filesystem=YES +ssl_enable=YES +allow_anon_ssl=NO +require_ssl_reuse=NO +ssl_ciphers=HIGH +ssl_tlsv1=YES +ssl_sslv2=NO +ssl_sslv3=NO +force_local_data_ssl=NO +force_local_logins_ssl=NO +rsa_cert_file=/usr/local/vesta/ssl/certificate.crt +rsa_private_key_file=/usr/local/vesta/ssl/certificate.key From bb44f4197b4e5de219bc00197f89517c7e92bc2a Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Tue, 30 Jul 2019 18:32:30 +0300 Subject: [PATCH 171/197] hardering user validation --- func/main.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/func/main.sh b/func/main.sh index d0b26d5e..edbaa664 100644 --- a/func/main.sh +++ b/func/main.sh @@ -213,7 +213,8 @@ is_object_new() { # Check if object is valid is_object_valid() { if [ $2 = 'USER' ]; then - if [ ! -d "$VESTA/data/users/$3" ]; then + user_vst_dir=$(basename $3) + if [ ! -d "$VESTA/data/users/$user_vst_dir" ]; then check_result $E_NOTEXIST "$1 $3 doesn't exist" fi else From c9bf443c6aaa8ea684d459e83cfd9a7af9b58828 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 31 Jul 2019 00:46:04 +0300 Subject: [PATCH 172/197] added user format valdation --- bin/v-delete-user-favourites | 2 ++ bin/v-list-dns-domain | 1 + bin/v-list-letsencrypt-user | 1 + bin/v-list-mail-domain-dkim-dns | 1 + bin/v-list-user | 1 + bin/v-list-user-backup | 1 + bin/v-list-user-stats | 1 + bin/v-list-web-domain | 1 + bin/v-list-web-domain-ssl | 1 + bin/v-list-web-domains | 1 + 10 files changed, 11 insertions(+) diff --git a/bin/v-delete-user-favourites b/bin/v-delete-user-favourites index 374fa430..28a8dd97 100755 --- a/bin/v-delete-user-favourites +++ b/bin/v-delete-user-favourites @@ -32,6 +32,8 @@ case $system in DNS_REC) is_format_valid 'id' ;; *) is_format_valid 'object' esac + +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" diff --git a/bin/v-list-dns-domain b/bin/v-list-dns-domain index f72943f9..c9c3f1ea 100755 --- a/bin/v-list-dns-domain +++ b/bin/v-list-dns-domain @@ -71,6 +71,7 @@ csv_list() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'dns' 'DOMAIN' "$domain" diff --git a/bin/v-list-letsencrypt-user b/bin/v-list-letsencrypt-user index 6289ecba..f6e2c774 100755 --- a/bin/v-list-letsencrypt-user +++ b/bin/v-list-letsencrypt-user @@ -56,6 +56,7 @@ csv_list() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" if [ ! -e "$USER_DATA/ssl/le.conf" ]; then check_result $E_NOTEXIST "LetsEncrypt user account doesn't exist" diff --git a/bin/v-list-mail-domain-dkim-dns b/bin/v-list-mail-domain-dkim-dns index 8623089e..d9f9d5ba 100755 --- a/bin/v-list-mail-domain-dkim-dns +++ b/bin/v-list-mail-domain-dkim-dns @@ -57,6 +57,7 @@ csv_list() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" diff --git a/bin/v-list-user b/bin/v-list-user index 05649f91..57b48bb3 100755 --- a/bin/v-list-user +++ b/bin/v-list-user @@ -154,6 +154,7 @@ csv_list() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" diff --git a/bin/v-list-user-backup b/bin/v-list-user-backup index 2e0a98d0..8ee8a41b 100755 --- a/bin/v-list-user-backup +++ b/bin/v-list-user-backup @@ -75,6 +75,7 @@ csv_list() { #----------------------------------------------------------# check_args '2' "$#" 'USER BACKUP [FORMAT]' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" is_object_valid 'backup' 'BACKUP' "$backup" diff --git a/bin/v-list-user-stats b/bin/v-list-user-stats index 11b867af..0fa7dc90 100755 --- a/bin/v-list-user-stats +++ b/bin/v-list-user-stats @@ -115,6 +115,7 @@ csv_list() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" diff --git a/bin/v-list-web-domain b/bin/v-list-web-domain index e0f9492c..7e33a4ab 100755 --- a/bin/v-list-web-domain +++ b/bin/v-list-web-domain @@ -110,6 +110,7 @@ csv_list() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" diff --git a/bin/v-list-web-domain-ssl b/bin/v-list-web-domain-ssl index 99fd5cf8..d637cf89 100755 --- a/bin/v-list-web-domain-ssl +++ b/bin/v-list-web-domain-ssl @@ -98,6 +98,7 @@ csv_list() { #----------------------------------------------------------# check_args '2' "$#" 'USER DOMAIN [FORMAT]' +is_format_valid 'user' 'domain' is_object_valid 'user' 'USER' "$user" is_object_valid 'web' 'DOMAIN' "$domain" diff --git a/bin/v-list-web-domains b/bin/v-list-web-domains index a31199fa..23de5fb4 100755 --- a/bin/v-list-web-domains +++ b/bin/v-list-web-domains @@ -100,6 +100,7 @@ csv_list() { #----------------------------------------------------------# check_args '1' "$#" 'USER [FORMAT]' +is_format_valid 'user' is_object_valid 'user' 'USER' "$user" From b17b4b205df0c01dada54d9684cfaa94b924064a Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 7 Aug 2019 18:46:40 +0300 Subject: [PATCH 173/197] removed unnecessary single quotes for security reasons / thanks to Andrea Cardaci --- web/add/ip/index.php | 6 ++-- web/add/web/index.php | 10 +++---- web/edit/backup/exclusions/index.php | 2 +- web/edit/cron/index.php | 2 +- web/edit/db/index.php | 2 +- web/edit/dns/index.php | 12 ++++---- web/edit/firewall/index.php | 2 +- web/edit/ip/index.php | 8 ++--- web/edit/mail/index.php | 8 ++--- web/edit/package/index.php | 6 ++-- web/edit/server/index.php | 10 +++---- web/edit/web/index.php | 45 +++++++++++++++------------- web/list/stats/index.php | 2 +- web/reset/mail/index.php | 10 +++---- web/upload/UploadHandler.php | 2 +- 15 files changed, 65 insertions(+), 62 deletions(-) diff --git a/web/add/ip/index.php b/web/add/ip/index.php index 8746ed08..73f56b38 100644 --- a/web/add/ip/index.php +++ b/web/add/ip/index.php @@ -57,7 +57,7 @@ if (!empty($_POST['ok'])) { // Add IP if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-sys-ip ".$v_ip." ".$v_netmask." ".$v_interface." ".$v_owner." '".$ip_status."' ".$v_name." ".$v_nat, $output, $return_var); + exec (VESTA_CMD."v-add-sys-ip ".$v_ip." ".$v_netmask." ".$v_interface." ".$v_owner." ".$ip_status." ".$v_name." ".$v_nat, $output, $return_var); check_return_code($return_var,$output); unset($output); $v_owner = $_POST['v_owner']; @@ -75,12 +75,12 @@ if (!empty($_POST['ok'])) { } // List network interfaces -exec (VESTA_CMD."v-list-sys-interfaces 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-sys-interfaces json", $output, $return_var); $interfaces = json_decode(implode('', $output), true); unset($output); // List users -exec (VESTA_CMD."v-list-sys-users 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-sys-users json", $output, $return_var); $users = json_decode(implode('', $output), true); unset($output); diff --git a/web/add/web/index.php b/web/add/web/index.php index e6448c91..d77b8f40 100644 --- a/web/add/web/index.php +++ b/web/add/web/index.php @@ -118,7 +118,7 @@ if (!empty($_POST['ok'])) { // Add web domain if (empty($_SESSION['error_msg'])) { - exec (VESTA_CMD."v-add-web-domain ".$user." ".$v_domain." ".$v_ip." 'no' ".$aliases." ".$proxy_ext, $output, $return_var); + exec (VESTA_CMD."v-add-web-domain ".$user." ".$v_domain." ".$v_ip." no ".$aliases." ".$proxy_ext, $output, $return_var); check_return_code($return_var,$output); unset($output); $domain_added = empty($_SESSION['error_msg']); @@ -126,7 +126,7 @@ if (!empty($_POST['ok'])) { // Add DNS domain if (($_POST['v_dns'] == 'on') && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_public_ip." '' '' '' '' '' '' '' '' 'no'", $output, $return_var); + exec (VESTA_CMD."v-add-dns-domain ".$user." ".$v_domain." ".$v_public_ip." '' '' '' '' '' '' '' '' no", $output, $return_var); check_return_code($return_var,$output); unset($output); } @@ -136,7 +136,7 @@ if (!empty($_POST['ok'])) { foreach ($aliases_arr as $alias) { if ($alias != "www.".$_POST['v_domain']) { $alias = escapeshellarg($alias); - exec (VESTA_CMD."v-add-dns-on-web-alias ".$user." ".$alias." ".$v_ip." 'no'", $output, $return_var); + exec (VESTA_CMD."v-add-dns-on-web-alias ".$user." ".$alias." ".$v_ip." no", $output, $return_var); check_return_code($return_var,$output); unset($output); } @@ -153,7 +153,7 @@ if (!empty($_POST['ok'])) { // Delete proxy support if ((!empty($_SESSION['PROXY_SYSTEM'])) && ($_POST['v_proxy'] == 'off') && (empty($_SESSION['error_msg']))) { $ext = escapeshellarg($ext); - exec (VESTA_CMD."v-delete-web-domain-proxy ".$user." ".$v_domain." 'no'", $output, $return_var); + exec (VESTA_CMD."v-delete-web-domain-proxy ".$user." ".$v_domain." no", $output, $return_var); check_return_code($return_var,$output); unset($output); } @@ -195,7 +195,7 @@ if (!empty($_POST['ok'])) { } $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); - exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var); + exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var); check_return_code($return_var,$output); unset($output); } diff --git a/web/edit/backup/exclusions/index.php b/web/edit/backup/exclusions/index.php index bbbb4b3e..f4b854b0 100644 --- a/web/edit/backup/exclusions/index.php +++ b/web/edit/backup/exclusions/index.php @@ -12,7 +12,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) { } // List backup exclustions -exec (VESTA_CMD."v-list-user-backup-exclusions ".$user." 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-user-backup-exclusions ".$user." json", $output, $return_var); check_return_code($return_var,$output); $data = json_decode(implode('', $output), true); unset($output); diff --git a/web/edit/cron/index.php b/web/edit/cron/index.php index 3d8e9922..9f7ffb34 100644 --- a/web/edit/cron/index.php +++ b/web/edit/cron/index.php @@ -20,7 +20,7 @@ if (empty($_GET['job'])) { // List cron job $v_job = escapeshellarg($_GET['job']); -exec (VESTA_CMD."v-list-cron-job ".$user." ".$v_job." 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-cron-job ".$user." ".$v_job." json", $output, $return_var); check_return_code($return_var,$output); $data = json_decode(implode('', $output), true); diff --git a/web/edit/db/index.php b/web/edit/db/index.php index 763717bc..232f6322 100644 --- a/web/edit/db/index.php +++ b/web/edit/db/index.php @@ -20,7 +20,7 @@ if (($_SESSION['user'] == 'admin') && (!empty($_GET['user']))) { // List datbase $v_database = escapeshellarg($_GET['database']); -exec (VESTA_CMD."v-list-database ".$user." ".$v_database." 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-database ".$user." ".$v_database." json", $output, $return_var); check_return_code($return_var,$output); $data = json_decode(implode('', $output), true); unset($output); diff --git a/web/edit/dns/index.php b/web/edit/dns/index.php index 3c2e1e5c..b8cbc4db 100644 --- a/web/edit/dns/index.php +++ b/web/edit/dns/index.php @@ -52,7 +52,7 @@ if ((!empty($_GET['domain'])) && (empty($_GET['record_id']))) { if ((!empty($_GET['domain'])) && (!empty($_GET['record_id']))) { $v_domain = escapeshellarg($_GET['domain']); $v_record_id = escapeshellarg($_GET['record_id']); - exec (VESTA_CMD."v-list-dns-records ".$user." ".$v_domain." 'json'", $output, $return_var); + exec (VESTA_CMD."v-list-dns-records ".$user." ".$v_domain." json", $output, $return_var); check_return_code($return_var,$output); $data = json_decode(implode('', $output), true); unset($output); @@ -88,7 +88,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor // Change domain IP if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) { $v_ip = escapeshellarg($_POST['v_ip']); - exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." no", $output, $return_var); check_return_code($return_var,$output); $restart_dns = 'yes'; unset($output); @@ -97,7 +97,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor // Change domain template if (($v_template != $_POST['v_template']) && (empty($_SESSION['error_msg']))) { $v_template = escapeshellarg($_POST['v_template']); - exec (VESTA_CMD."v-change-dns-domain-tpl ".$v_username." ".$v_domain." ".$v_template." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-dns-domain-tpl ".$v_username." ".$v_domain." ".$v_template." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_dns = 'yes'; @@ -106,7 +106,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor // Change SOA record if (($v_soa != $_POST['v_soa']) && (empty($_SESSION['error_msg']))) { $v_soa = escapeshellarg($_POST['v_soa']); - exec (VESTA_CMD."v-change-dns-domain-soa ".$v_username." ".$v_domain." ".$v_soa." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-dns-domain-soa ".$v_username." ".$v_domain." ".$v_soa." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_dns = 'yes'; @@ -115,7 +115,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor // Change expiriation date if (($v_exp != $_POST['v_exp']) && (empty($_SESSION['error_msg']))) { $v_exp = escapeshellarg($_POST['v_exp']); - exec (VESTA_CMD."v-change-dns-domain-exp ".$v_username." ".$v_domain." ".$v_exp." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-dns-domain-exp ".$v_username." ".$v_domain." ".$v_exp." no", $output, $return_var); check_return_code($return_var,$output); unset($output); } @@ -123,7 +123,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (empty($_GET['recor // Change domain ttl if (($v_ttl != $_POST['v_ttl']) && (empty($_SESSION['error_msg']))) { $v_ttl = escapeshellarg($_POST['v_ttl']); - exec (VESTA_CMD."v-change-dns-domain-ttl ".$v_username." ".$v_domain." ".$v_ttl." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-dns-domain-ttl ".$v_username." ".$v_domain." ".$v_ttl." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_dns = 'yes'; diff --git a/web/edit/firewall/index.php b/web/edit/firewall/index.php index 18b4be4c..67e039d4 100644 --- a/web/edit/firewall/index.php +++ b/web/edit/firewall/index.php @@ -20,7 +20,7 @@ if (empty($_GET['rule'])) { // List rule $v_rule = escapeshellarg($_GET['rule']); -exec (VESTA_CMD."v-list-firewall-rule ".$v_rule." 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-firewall-rule ".$v_rule." json", $output, $return_var); check_return_code($return_var,$output); $data = json_decode(implode('', $output), true); unset($output); diff --git a/web/edit/ip/index.php b/web/edit/ip/index.php index b9eaa581..c7ec6d7a 100644 --- a/web/edit/ip/index.php +++ b/web/edit/ip/index.php @@ -20,7 +20,7 @@ if (empty($_GET['ip'])) { // List ip $v_ip = escapeshellarg($_GET['ip']); -exec (VESTA_CMD."v-list-sys-ip ".$v_ip." 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-sys-ip ".$v_ip." json", $output, $return_var); check_return_code($return_var,$output); $data = json_decode(implode('', $output), true); unset($output); @@ -45,7 +45,7 @@ if ( $v_suspended == 'yes' ) { } // List users -exec (VESTA_CMD."v-list-sys-users 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-sys-users json", $output, $return_var); $users = json_decode(implode('', $output), true); unset($output); @@ -55,13 +55,13 @@ if (!empty($_POST['save'])) { // Change Status if (($v_ipstatus == 'shared') && (empty($_POST['v_shared'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." 'dedicated'", $output, $return_var); + exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." dedicated", $output, $return_var); check_return_code($return_var,$output); unset($output); $v_dedicated = 'yes'; } if (($v_ipstatus == 'dedicated') && (!empty($_POST['v_shared'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." 'shared'", $output, $return_var); + exec (VESTA_CMD."v-change-sys-ip-status ".$v_ip." shared", $output, $return_var); check_return_code($return_var,$output); unset($output); unset($v_dedicated); diff --git a/web/edit/mail/index.php b/web/edit/mail/index.php index 6424e3ab..e4451fc5 100644 --- a/web/edit/mail/index.php +++ b/web/edit/mail/index.php @@ -45,7 +45,7 @@ if ((!empty($_GET['domain'])) && (empty($_GET['account']))) { if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) { $v_domain = escapeshellarg($_GET['domain']); $v_account = escapeshellarg($_GET['account']); - exec (VESTA_CMD."v-list-mail-account ".$user." ".$v_domain." ".$v_account." 'json'", $output, $return_var); + exec (VESTA_CMD."v-list-mail-account ".$user." ".$v_domain." ".$v_account." json", $output, $return_var); $data = json_decode(implode('', $output), true); unset($output); @@ -75,7 +75,7 @@ if ((!empty($_GET['domain'])) && (!empty($_GET['account']))) { // Parse autoreply if ( $v_autoreply == 'yes' ) { - exec (VESTA_CMD."v-list-mail-account-autoreply ".$user." '".$v_domain."' '".$v_account."' json", $output, $return_var); + exec (VESTA_CMD."v-list-mail-account-autoreply ".$user." ".$v_domain." ".$v_account." json", $output, $return_var); $autoreply_str = json_decode(implode('', $output), true); unset($output); $v_autoreply_message = $autoreply_str[$v_account]['MSG']; @@ -231,7 +231,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco $result = array_diff($valiases, $aliases); foreach ($result as $alias) { if ((empty($_SESSION['error_msg'])) && (!empty($alias))) { - exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($alias)."'", $output, $return_var); + exec (VESTA_CMD."v-delete-mail-account-alias ".$v_username." ".$v_domain." ".$v_account." ".escapeshellarg($alias), $output, $return_var); check_return_code($return_var,$output); unset($output); } @@ -257,7 +257,7 @@ if ((!empty($_POST['save'])) && (!empty($_GET['domain'])) && (!empty($_GET['acco $result = array_diff($vfwd, $fwd); foreach ($result as $forward) { if ((empty($_SESSION['error_msg'])) && (!empty($forward))) { - exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." '".escapeshellarg($forward)."'", $output, $return_var); + exec (VESTA_CMD."v-delete-mail-account-forward ".$v_username." ".$v_domain." ".$v_account." ".escapeshellarg($forward), $output, $return_var); check_return_code($return_var,$output); unset($output); } diff --git a/web/edit/package/index.php b/web/edit/package/index.php index 763bfdf4..e8d4eddc 100644 --- a/web/edit/package/index.php +++ b/web/edit/package/index.php @@ -22,7 +22,7 @@ if (empty($_GET['package'])) { // List package $v_package = escapeshellarg($_GET['package']); -exec (VESTA_CMD."v-list-user-package ".$v_package." 'json'", $output, $return_var); +exec (VESTA_CMD."v-list-user-package ".$v_package." json", $output, $return_var); $data = json_decode(implode('', $output), true); unset($output); @@ -203,7 +203,7 @@ if (!empty($_POST['save'])) { fclose($fp); // Save changes - exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package." 'yes'", $output, $return_var); + exec (VESTA_CMD."v-add-user-package ".$tmpdir." ".$v_package." yes", $output, $return_var); check_return_code($return_var,$output); unset($output); @@ -212,7 +212,7 @@ if (!empty($_POST['save'])) { unset($output); // Propogate new package - exec (VESTA_CMD."v-update-user-package ".$v_package." 'json'", $output, $return_var); + exec (VESTA_CMD."v-update-user-package ".$v_package." json", $output, $return_var); check_return_code($return_var,$output); unset($output); diff --git a/web/edit/server/index.php b/web/edit/server/index.php index defc0b7a..0743ab17 100644 --- a/web/edit/server/index.php +++ b/web/edit/server/index.php @@ -339,7 +339,7 @@ if (!empty($_POST['save'])) { $v_backup_username = escapeshellarg($_POST['v_backup_username']); $v_backup_password = escapeshellarg($_POST['v_backup_password']); $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); - exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var); + exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host ." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); check_return_code($return_var,$output); unset($output); if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; @@ -356,7 +356,7 @@ if (!empty($_POST['save'])) { // Change remote backup host type if (empty($_SESSION['error_msg'])) { if ((!empty($_POST['v_backup_host'])) && ($_POST['v_backup_type'] != $v_backup_type)) { - exec (VESTA_CMD."v-delete-backup-host '". $v_backup_type ."'", $output, $return_var); + exec (VESTA_CMD."v-delete-backup-host ". $v_backup_type, $output, $return_var); unset($output); $v_backup_host = escapeshellarg($_POST['v_backup_host']); @@ -364,7 +364,7 @@ if (!empty($_POST['save'])) { $v_backup_username = escapeshellarg($_POST['v_backup_username']); $v_backup_password = escapeshellarg($_POST['v_backup_password']); $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); - exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var); + exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); check_return_code($return_var,$output); unset($output); if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; @@ -386,7 +386,7 @@ if (!empty($_POST['save'])) { $v_backup_username = escapeshellarg($_POST['v_backup_username']); $v_backup_password = escapeshellarg($_POST['v_backup_password']); $v_backup_bpath = escapeshellarg($_POST['v_backup_bpath']); - exec (VESTA_CMD."v-add-backup-host '". $v_backup_type ."' '". $v_backup_host ."' '". $v_backup_username ."' '". $v_backup_password ."' '". $v_backup_bpath ."'", $output, $return_var); + exec (VESTA_CMD."v-add-backup-host ".$v_backup_type." ".$v_backup_host." ".$v_backup_username." ".$v_backup_password." ".$v_backup_bpath, $output, $return_var); check_return_code($return_var,$output); unset($output); if (empty($_SESSION['error_msg'])) $v_backup_host = $_POST['v_backup_host']; @@ -403,7 +403,7 @@ if (!empty($_POST['save'])) { // Delete remote backup host if (empty($_SESSION['error_msg'])) { if ((empty($_POST['v_backup_host'])) && (!empty($v_backup_host))) { - exec (VESTA_CMD."v-delete-backup-host '". $v_backup_type ."'", $output, $return_var); + exec (VESTA_CMD."v-delete-backup-host ". $v_backup_type, $output, $return_var); check_return_code($return_var,$output); unset($output); if (empty($_SESSION['error_msg'])) $v_backup_host = ''; diff --git a/web/edit/web/index.php b/web/edit/web/index.php index a1d2d70b..6c703e7d 100644 --- a/web/edit/web/index.php +++ b/web/edit/web/index.php @@ -36,7 +36,7 @@ $v_cgi = $data[$v_domain]['CGI']; $v_elog = $data[$v_domain]['ELOG']; $v_ssl = $data[$v_domain]['SSL']; if (!empty($v_ssl)) { - exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".escapeshellarg($v_domain)."' json", $output, $return_var); + exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".escapeshellarg($v_domain)." json", $output, $return_var); $ssl_str = json_decode(implode('', $output), true); unset($output); $v_ssl_crt = $ssl_str[$v_domain]['CRT']; @@ -117,7 +117,7 @@ if (!empty($_POST['save'])) { // Change web domain IP if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) { $v_ip = escapeshellarg($_POST['v_ip']); - exec (VESTA_CMD."v-change-web-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-web-domain-ip ".$v_username." ".$v_domain." ".$v_ip." no", $output, $return_var); check_return_code($return_var,$output); $restart_web = 'yes'; $restart_proxy = 'yes'; @@ -130,7 +130,7 @@ if (!empty($_POST['save'])) { unset($output); if ($return_var == 0 ) { $v_ip = escapeshellarg($_POST['v_ip']); - exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_domain." ".$v_ip." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_dns = 'yes'; @@ -140,11 +140,12 @@ if (!empty($_POST['save'])) { // Change dns ip for each alias if (($v_ip != $_POST['v_ip']) && (empty($_SESSION['error_msg']))) { foreach($valiases as $v_alias ){ - exec (VESTA_CMD."v-list-dns-domain ".$v_username." '".$v_alias."' json", $output, $return_var); + $v_alias = escapeshellarg($v_alias); + exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_alias." json", $output, $return_var); unset($output); if ($return_var == 0 ) { $v_ip = escapeshellarg($_POST['v_ip']); - exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." '".$v_alias."' ".$v_ip, $output, $return_var); + exec (VESTA_CMD."v-change-dns-domain-ip ".$v_username." ".$v_alias." ".$v_ip, $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_dns = 'yes'; @@ -155,7 +156,7 @@ if (!empty($_POST['save'])) { // Change template (admin only) if (($v_template != $_POST['v_template']) && ( $_SESSION['user'] == 'admin') && (empty($_SESSION['error_msg']))) { $v_template = escapeshellarg($_POST['v_template']); - exec (VESTA_CMD."v-change-web-domain-tpl ".$v_username." ".$v_domain." ".$v_template." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-web-domain-tpl ".$v_username." ".$v_domain." ".$v_template." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_web = 'yes'; @@ -175,7 +176,8 @@ if (!empty($_POST['save'])) { $restart_web = 'yes'; $restart_proxy = 'yes'; $v_template = escapeshellarg($_POST['v_template']); - exec (VESTA_CMD."v-delete-web-domain-alias ".$v_username." ".$v_domain." '".$alias."' 'no'", $output, $return_var); + $alias = escapeshellarg($alias); + exec (VESTA_CMD."v-delete-web-domain-alias ".$v_username." ".$v_domain." ".$alias." no", $output, $return_var); check_return_code($return_var,$output); unset($output); @@ -183,7 +185,7 @@ if (!empty($_POST['save'])) { exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_domain, $output, $return_var); unset($output); if ($return_var == 0) { - exec (VESTA_CMD."v-delete-dns-on-web-alias ".$v_username." ".$v_domain." '".$alias."' 'no'", $output, $return_var); + exec (VESTA_CMD."v-delete-dns-on-web-alias ".$v_username." ".$v_domain." ".$alias." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_dns = 'yes'; @@ -198,14 +200,15 @@ if (!empty($_POST['save'])) { $restart_web = 'yes'; $restart_proxy = 'yes'; $v_template = escapeshellarg($_POST['v_template']); - exec (VESTA_CMD."v-add-web-domain-alias ".$v_username." ".$v_domain." ".escapeshellarg($alias)." 'no'", $output, $return_var); + $alias = escapeshellarg($alias); + exec (VESTA_CMD."v-add-web-domain-alias ".$v_username." ".$v_domain." ".$alias." no", $output, $return_var); check_return_code($return_var,$output); unset($output); if (empty($_SESSION['error_msg'])) { exec (VESTA_CMD."v-list-dns-domain ".$v_username." ".$v_domain, $output, $return_var); unset($output); if ($return_var == 0) { - exec (VESTA_CMD."v-add-dns-on-web-alias ".$v_username." ".escapeshellarg($alias)." ".$v_ip." no", $output, $return_var); + exec (VESTA_CMD."v-add-dns-on-web-alias ".$v_username." ".$alias." ".$v_ip." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_dns = 'yes'; @@ -225,7 +228,7 @@ if (!empty($_POST['save'])) { // Delete proxy support if ((!empty($_SESSION['PROXY_SYSTEM'])) && (!empty($v_proxy)) && (empty($_POST['v_proxy'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-delete-web-domain-proxy ".$v_username." ".$v_domain." 'no'", $output, $return_var); + exec (VESTA_CMD."v-delete-web-domain-proxy ".$v_username." ".$v_domain." no", $output, $return_var); check_return_code($return_var,$output); unset($output); unset($v_proxy); @@ -242,7 +245,7 @@ if (!empty($_POST['save'])) { if (( $v_proxy_template != $_POST['v_proxy_template']) || ($v_proxy_ext != $ext)) { $ext = str_replace(', ', ",", $ext); if (!empty($_POST['v_proxy_template'])) $v_proxy_template = $_POST['v_proxy_template']; - exec (VESTA_CMD."v-change-web-domain-proxy-tpl ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-web-domain-proxy-tpl ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." no", $output, $return_var); check_return_code($return_var,$output); $v_proxy_ext = str_replace(',', ', ', $ext); unset($output); @@ -261,7 +264,7 @@ if (!empty($_POST['save'])) { $ext = str_replace(' ', ",", $ext); $v_proxy_ext = str_replace(',', ', ', $ext); } - exec (VESTA_CMD."v-add-web-domain-proxy ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." 'no'", $output, $return_var); + exec (VESTA_CMD."v-add-web-domain-proxy ".$v_username." ".$v_domain." ".escapeshellarg($v_proxy_template)." ".escapeshellarg($ext)." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_proxy = 'yes'; @@ -271,7 +274,7 @@ if (!empty($_POST['save'])) { if (( $v_ssl == 'yes') && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { if ( $v_ssl_home != $_POST['v_ssl_home'] ) { $v_ssl_home = escapeshellarg($_POST['v_ssl_home']); - exec (VESTA_CMD."v-change-web-domain-sslhome ".$user." ".$v_domain." ".$v_ssl_home." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-web-domain-sslhome ".$user." ".$v_domain." ".$v_ssl_home." no", $output, $return_var); check_return_code($return_var,$output); $v_ssl_home = $_POST['v_ssl_home']; $restart_web = 'yes'; @@ -310,13 +313,13 @@ if (!empty($_POST['save'])) { fclose($fp); } - exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var); + exec (VESTA_CMD."v-change-web-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $restart_web = 'yes'; $restart_proxy = 'yes'; - exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var); + exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".$v_domain." json", $output, $return_var); $ssl_str = json_decode(implode('', $output), true); unset($output); $v_ssl_crt = $ssl_str[$v_domain]['CRT']; @@ -340,7 +343,7 @@ if (!empty($_POST['save'])) { // Delete Lets Encrypt support if (( $v_letsencrypt == 'yes' ) && (empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-delete-letsencrypt-domain ".$user." ".$v_domain." 'no'", $output, $return_var); + exec (VESTA_CMD."v-delete-letsencrypt-domain ".$user." ".$v_domain." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $v_ssl_crt = ''; @@ -355,7 +358,7 @@ if (!empty($_POST['save'])) { // Delete SSL certificate if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) { - exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var); + exec (VESTA_CMD."v-delete-web-domain-ssl ".$v_username." ".$v_domain." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $v_ssl_crt = ''; @@ -369,7 +372,7 @@ if (!empty($_POST['save'])) { // Add Lets Encrypt support if ((!empty($_POST['v_ssl'])) && ( $v_letsencrypt == 'no' ) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) { $l_aliases = str_replace("\n", ',', $v_aliases); - exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." '".escapeshellarg($l_aliases)."' 'no'", $output, $return_var); + exec (VESTA_CMD."v-add-letsencrypt-domain ".$user." ".$v_domain." ".escapeshellarg($l_aliases)." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $v_letsencrypt = 'yes'; @@ -417,14 +420,14 @@ if (!empty($_POST['save'])) { fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca'])); fclose($fp); } - exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." 'no'", $output, $return_var); + exec (VESTA_CMD."v-add-web-domain-ssl ".$user." ".$v_domain." ".$tmpdir." ".$v_ssl_home." no", $output, $return_var); check_return_code($return_var,$output); unset($output); $v_ssl = 'yes'; $restart_web = 'yes'; $restart_proxy = 'yes'; - exec (VESTA_CMD."v-list-web-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var); + exec (VESTA_CMD."v-list-web-domain-ssl ".$user." ".$v_domain." json", $output, $return_var); $ssl_str = json_decode(implode('', $output), true); unset($output); $v_ssl_crt = $ssl_str[$_POST['v_domain']]['CRT']; diff --git a/web/list/stats/index.php b/web/list/stats/index.php index c758705a..3c730632 100644 --- a/web/list/stats/index.php +++ b/web/list/stats/index.php @@ -20,7 +20,7 @@ if ($user == 'admin') { unset($output); } - exec (VESTA_CMD."v-list-sys-users 'json'", $output, $return_var); + exec (VESTA_CMD."v-list-sys-users json", $output, $return_var); $users = json_decode(implode('', $output), true); unset($output); } else { diff --git a/web/reset/mail/index.php b/web/reset/mail/index.php index 5350f9b9..2e7d8c72 100644 --- a/web/reset/mail/index.php +++ b/web/reset/mail/index.php @@ -124,15 +124,15 @@ if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST[ $v_password = $_POST['password']; // Get domain owner - exec (VESTA_CMD."v-search-domain-owner ".$v_domain." 'mail'", $output, $return_var); - if ($return_var == 0) { - $v_user = $output[0]; + exec (VESTA_CMD."v-search-domain-owner ".$v_domain." mail", $output, $return_var); + if (($return_var == 0) && (!empty($output[0]))) { + $v_user = escapeshellarg($output[0]); } unset($output); // Get current md5 hash if (!empty($v_user)) { - exec (VESTA_CMD."v-get-mail-account-value '".$v_user."' ".$v_domain." ".$v_account." 'md5'", $output, $return_var); + exec (VESTA_CMD."v-get-mail-account-value ".$v_user." ".$v_domain." ".$v_account." md5", $output, $return_var); if ($return_var == 0) { $v_hash = $output[0]; } @@ -151,7 +151,7 @@ if ((!empty($_POST['email'])) && (!empty($_POST['password'])) && (!empty($_POST[ $fp = fopen($v_new_password, "w"); fwrite($fp, $_POST['new']."\n"); fclose($fp); - exec (VESTA_CMD."v-change-mail-account-password '".$v_user."' ".$v_domain." ".$v_account." ".$v_new_password, $output, $return_var); + exec (VESTA_CMD."v-change-mail-account-password ".$v_user." ".$v_domain." ".$v_account." ".$v_new_password, $output, $return_var); if ($return_var == 0) { echo "ok"; exit; diff --git a/web/upload/UploadHandler.php b/web/upload/UploadHandler.php index a5e0b07c..aedd747c 100755 --- a/web/upload/UploadHandler.php +++ b/web/upload/UploadHandler.php @@ -1118,7 +1118,7 @@ class UploadHandler $file->size > $this->get_file_size($file_path); if ($uploaded_file && is_uploaded_file($uploaded_file)) { chmod($uploaded_file, 0644); - exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var); + exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." ".$uploaded_file." ".escapeshellarg($file_path), $output, $return_var); $error = check_return_code($return_var, $output); if ($return_var != 0) { $file->error = 'Error while saving file '; From 1a02521f76e9c9f31e195555e7519ef614f6fed6 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 8 Aug 2019 14:13:35 +0300 Subject: [PATCH 174/197] Resolved merge conflict with tmp dir. --- install/rhel/7/pma/config.inc.conf | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf index 25097eca..8f3e0a7b 100644 --- a/install/rhel/7/pma/config.inc.conf +++ b/install/rhel/7/pma/config.inc.conf @@ -74,6 +74,13 @@ $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates'; $cfg['UploadDir'] = '/var/lib/phpMyAdmin/upload'; $cfg['SaveDir'] = '/var/lib/phpMyAdmin/save'; +/* + * Temp dir for faster beahivour + * +*/ +$cfg['TempDir'] = '/tmp'; + + /** * Whether to display icons or text or both icons and text in table row * action segment. Value can be either of 'icons', 'text' or 'both'. From 3e2178bb6ecfe14660bed47659de7cf23e1deed3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:14:19 +0100 Subject: [PATCH 175/197] Update config.inc.conf --- install/rhel/6/pma/config.inc.conf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/rhel/6/pma/config.inc.conf b/install/rhel/6/pma/config.inc.conf index 47ae207e..3b636258 100644 --- a/install/rhel/6/pma/config.inc.conf +++ b/install/rhel/6/pma/config.inc.conf @@ -16,6 +16,12 @@ */ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ +/* + * Temp dir for faster beahivour + * +*/ +$cfg['TempDir'] = '/tmp'; + /* * Servers configuration */ From 880496962a3bb094b21dea92a1f6b5b2e2bfe59e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:14:38 +0100 Subject: [PATCH 176/197] Update config.inc.conf --- install/rhel/6/pma/config.inc.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/rhel/6/pma/config.inc.conf b/install/rhel/6/pma/config.inc.conf index 3b636258..f7584089 100644 --- a/install/rhel/6/pma/config.inc.conf +++ b/install/rhel/6/pma/config.inc.conf @@ -19,7 +19,7 @@ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOK /* * Temp dir for faster beahivour * -*/ + */ $cfg['TempDir'] = '/tmp'; /* From a745eb02d8e6b0719f538c8504128ec70d617390 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:14:51 +0100 Subject: [PATCH 177/197] Update config.inc.conf --- install/rhel/7/pma/config.inc.conf | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf index 8f3e0a7b..d2ab6946 100644 --- a/install/rhel/7/pma/config.inc.conf +++ b/install/rhel/7/pma/config.inc.conf @@ -16,7 +16,17 @@ */ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ +<<<<<<< HEAD /** +======= +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + +/* +>>>>>>> Update config.inc.conf * Servers configuration */ $i = 0; From cb8cd40b1306648a4bbde9bbb60654de50e44203 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:15:09 +0100 Subject: [PATCH 178/197] Update config.inc.conf --- install/rhel/5/pma/config.inc.conf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/rhel/5/pma/config.inc.conf b/install/rhel/5/pma/config.inc.conf index 47ae207e..f7584089 100644 --- a/install/rhel/5/pma/config.inc.conf +++ b/install/rhel/5/pma/config.inc.conf @@ -16,6 +16,12 @@ */ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* * Servers configuration */ From 57fb5a759fe6cf8e877f8e7da5b506049a4cdfa1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:17:10 +0100 Subject: [PATCH 179/197] Update config.inc.php --- install/debian/7/pma/config.inc.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/install/debian/7/pma/config.inc.php b/install/debian/7/pma/config.inc.php index a643a065..4b6a3a6b 100644 --- a/install/debian/7/pma/config.inc.php +++ b/install/debian/7/pma/config.inc.php @@ -137,6 +137,13 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From fe6f93fabae947b2066e1e645a6e962c6ff43a9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:17:29 +0100 Subject: [PATCH 180/197] Update config.inc.php --- install/debian/8/pma/config.inc.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/install/debian/8/pma/config.inc.php b/install/debian/8/pma/config.inc.php index eafc6d67..a3803697 100644 --- a/install/debian/8/pma/config.inc.php +++ b/install/debian/8/pma/config.inc.php @@ -137,6 +137,13 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 7f8313b48fa9ccfd30731016e7c321feaf6fa3b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:17:37 +0100 Subject: [PATCH 181/197] Update config.inc.php --- install/debian/9/pma/config.inc.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/install/debian/9/pma/config.inc.php b/install/debian/9/pma/config.inc.php index eafc6d67..a3803697 100644 --- a/install/debian/9/pma/config.inc.php +++ b/install/debian/9/pma/config.inc.php @@ -137,6 +137,13 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From bebd854b6052f2511b895698ba2e11e07f8762dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:18:08 +0100 Subject: [PATCH 182/197] Update config.inc.php --- install/ubuntu/18.04/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/18.04/pma/config.inc.php b/install/ubuntu/18.04/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/18.04/pma/config.inc.php +++ b/install/ubuntu/18.04/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 0d66d22150741ae0c9ef70cf8f4a2470783446c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:18:39 +0100 Subject: [PATCH 183/197] Update config.inc.php --- install/ubuntu/17.10/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/17.10/pma/config.inc.php b/install/ubuntu/17.10/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/17.10/pma/config.inc.php +++ b/install/ubuntu/17.10/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From ed8d38228bc7c7de0651cee30d742f28c22c061b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:18:59 +0100 Subject: [PATCH 184/197] Update config.inc.php --- install/ubuntu/17.04/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/17.04/pma/config.inc.php b/install/ubuntu/17.04/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/17.04/pma/config.inc.php +++ b/install/ubuntu/17.04/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From c83a925c9accb5872fd7c64a5a87857c10f12ae7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:19:17 +0100 Subject: [PATCH 185/197] Update config.inc.php --- install/ubuntu/16.10/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/16.10/pma/config.inc.php b/install/ubuntu/16.10/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/16.10/pma/config.inc.php +++ b/install/ubuntu/16.10/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From aa8ba1aff1418f98bff0d5e1b109eb49a4715855 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:19:40 +0100 Subject: [PATCH 186/197] Update config.inc.php --- install/ubuntu/16.04/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/16.04/pma/config.inc.php b/install/ubuntu/16.04/pma/config.inc.php index d8a903e4..fb131d65 100644 --- a/install/ubuntu/16.04/pma/config.inc.php +++ b/install/ubuntu/16.04/pma/config.inc.php @@ -139,6 +139,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 8d3473c914a9a9719cd9f57c1dd87655488aba89 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:20:08 +0100 Subject: [PATCH 187/197] Update config.inc.php --- install/ubuntu/15.10/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/15.10/pma/config.inc.php b/install/ubuntu/15.10/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/15.10/pma/config.inc.php +++ b/install/ubuntu/15.10/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From ea2f42e6892436b6dd39bfaf861740b43a23bb1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:20:21 +0100 Subject: [PATCH 188/197] Update config.inc.php --- install/ubuntu/15.04/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/15.04/pma/config.inc.php b/install/ubuntu/15.04/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/15.04/pma/config.inc.php +++ b/install/ubuntu/15.04/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 9ab4927ec2d33b46ce143a3659bd0fbcb70cfadd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:20:34 +0100 Subject: [PATCH 189/197] Update config.inc.php --- install/ubuntu/14.10/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/14.10/pma/config.inc.php b/install/ubuntu/14.10/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/14.10/pma/config.inc.php +++ b/install/ubuntu/14.10/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From f23697217b69f66bd0c69550c4228bb9c7dc3568 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:20:46 +0100 Subject: [PATCH 190/197] Update config.inc.php --- install/ubuntu/14.04/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/14.04/pma/config.inc.php b/install/ubuntu/14.04/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/14.04/pma/config.inc.php +++ b/install/ubuntu/14.04/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 6d09433447900c306e332c2b13f8b6df89e7675b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:20:59 +0100 Subject: [PATCH 191/197] Update config.inc.php --- install/ubuntu/13.10/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/13.10/pma/config.inc.php b/install/ubuntu/13.10/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/13.10/pma/config.inc.php +++ b/install/ubuntu/13.10/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From b16e9b1d4db5637f2393d8e15fdcd3742f85dad2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:21:09 +0100 Subject: [PATCH 192/197] Update config.inc.php --- install/ubuntu/13.04/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/13.04/pma/config.inc.php b/install/ubuntu/13.04/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/13.04/pma/config.inc.php +++ b/install/ubuntu/13.04/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 25e66d471e8e1385b152ef645e07a323b37d07d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:21:22 +0100 Subject: [PATCH 193/197] Update config.inc.php --- install/ubuntu/12.10/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/12.10/pma/config.inc.php b/install/ubuntu/12.10/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/12.10/pma/config.inc.php +++ b/install/ubuntu/12.10/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 02955ddb479802d468e1290832773602ad2f1aa8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luka=20Paunovi=C4=87?= Date: Thu, 21 Mar 2019 18:21:35 +0100 Subject: [PATCH 194/197] Update config.inc.php --- install/ubuntu/12.04/pma/config.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/install/ubuntu/12.04/pma/config.inc.php b/install/ubuntu/12.04/pma/config.inc.php index a643a065..36093369 100644 --- a/install/ubuntu/12.04/pma/config.inc.php +++ b/install/ubuntu/12.04/pma/config.inc.php @@ -137,6 +137,12 @@ if (!empty($dbname)) { $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; +/* + * Temp dir for faster beahivour + * + */ +$cfg['TempDir'] = '/tmp'; + /* Support additional configurations */ foreach (glob('/etc/phpmyadmin/conf.d/*.php') as $filename) { From 8728f4b00d77b2395ce2199f06858ad1f5bef390 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 8 Aug 2019 14:20:35 +0300 Subject: [PATCH 195/197] deleted merge artifacts --- install/rhel/7/pma/config.inc.conf | 2 -- 1 file changed, 2 deletions(-) diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf index d2ab6946..1a65fd6c 100644 --- a/install/rhel/7/pma/config.inc.conf +++ b/install/rhel/7/pma/config.inc.conf @@ -16,7 +16,6 @@ */ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ -<<<<<<< HEAD /** ======= /* @@ -26,7 +25,6 @@ $cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOK $cfg['TempDir'] = '/tmp'; /* ->>>>>>> Update config.inc.conf * Servers configuration */ $i = 0; From 743476ad73e4cd3b6efc4be61ed190d5f8dfc28d Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 8 Aug 2019 18:39:56 +0300 Subject: [PATCH 196/197] added sudo call for directory creation and restore --- bin/v-add-web-domain | 4 ++-- bin/v-restore-user | 28 ++++++++++++++++++---------- func/rebuild.sh | 5 +++-- 3 files changed, 23 insertions(+), 14 deletions(-) diff --git a/bin/v-add-web-domain b/bin/v-add-web-domain index 2846242c..8a71cc9f 100755 --- a/bin/v-add-web-domain +++ b/bin/v-add-web-domain @@ -63,7 +63,7 @@ fi source $USER_DATA/user.conf # Creating domain directories -mkdir -p $HOMEDIR/$user/web/$domain \ +sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \ $HOMEDIR/$user/web/$domain/public_html \ $HOMEDIR/$user/web/$domain/public_shtml \ $HOMEDIR/$user/web/$domain/document_errors \ @@ -80,7 +80,7 @@ ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.*log \ $HOMEDIR/$user/web/$domain/logs/ # Adding domain skeleton -cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1 +sudo -u $user cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1 for file in $(find "$HOMEDIR/$user/web/$domain/" -type f); do sed -i "s/%domain%/$domain/g" $file done diff --git a/bin/v-restore-user b/bin/v-restore-user index 55e29e18..bd3d86bb 100755 --- a/bin/v-restore-user +++ b/bin/v-restore-user @@ -406,15 +406,21 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then fi # Restoring web domain data - tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \ - -C $HOMEDIR/$user/web/$domain/ - if [ "$?" -ne 0 ]; then - rm -rf $tmpdir - error="can't unpack $domain data tarball" - echo "$error" |$SENDMAIL -s "$subj" $email $notify - sed -i "/ $user /d" $VESTA/data/queue/backup.pipe - check_result "$E_PARSING" "$error" + chown $user $tmpdir + chmod u+w $HOMEDIR/$user/web/$domain + sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \ + -C $HOMEDIR/$user/web/$domain/ --exclude=logs/* \ + 2> $HOMEDIR/$user/web/$domain/restore_errors.log + if [ -e "$HOMEDIR/$user/web/$domain/restore_errors.log" ]; then + chown $user:$user $HOMEDIR/$user/web/$domain/restore_errors.log fi + #if [ "$?" -ne 0 ]; then + # rm -rf $tmpdir + # error="can't unpack $domain data tarball" + # echo "$error" |$SENDMAIL -s "$subj" $email $notify + # sed -i "/ $user /d" $VESTA/data/queue/backup.pipe + # check_result "$E_PARSING" "$error" + #fi # Applying Fix for tar < 1.24 find $HOMEDIR/$user/web/$domain -type d \ @@ -586,13 +592,15 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then # Rebuilding mail config rebuild_mail_domain_conf - + domain_idn=$domain format_domain_idn # Restoring emails if [ -e "$tmpdir/mail/$domain/accounts.tar.gz" ]; then - tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \ + chown $user $tmpdir + chmod u+w $HOMEDIR/$user/mail/$domain_idn + sudo -u $user tar -xzpf $tmpdir/mail/$domain/accounts.tar.gz \ -C $HOMEDIR/$user/mail/$domain_idn/ if [ "$?" -ne 0 ]; then rm -rf $tmpdir diff --git a/func/rebuild.sh b/func/rebuild.sh index 352b9083..cf743d65 100644 --- a/func/rebuild.sh +++ b/func/rebuild.sh @@ -152,7 +152,7 @@ rebuild_web_domain_conf() { prepare_web_domain_values # Rebuilding domain directories - mkdir -p $HOMEDIR/$user/web/$domain \ + sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \ $HOMEDIR/$user/web/$domain/public_html \ $HOMEDIR/$user/web/$domain/public_shtml \ $HOMEDIR/$user/web/$domain/document_errors \ @@ -178,7 +178,8 @@ rebuild_web_domain_conf() { # Propagating html skeleton if [ ! -e "$WEBTPL/skel/document_errors/" ]; then - cp -r $WEBTPL/skel/document_errors/ $HOMEDIR/$user/web/$domain/ + sudo -u $user cp -r $WEBTPL/skel/document_errors/ \ + $HOMEDIR/$user/web/$domain/ fi # Set folder permissions From 26c0d3c3f267e4356c3bc1c1691a786bb1f4dac0 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 8 Aug 2019 19:59:21 +0300 Subject: [PATCH 197/197] fixed delimiter format for plain output --- bin/v-delete-mail-domain | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/v-delete-mail-domain b/bin/v-delete-mail-domain index f3541edb..ee727aa9 100755 --- a/bin/v-delete-mail-domain +++ b/bin/v-delete-mail-domain @@ -56,7 +56,7 @@ fi # Deleting dkim dns record if [ "$DKIM" = 'yes' ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then records=$($BIN/v-list-dns-records $user $domain plain) - dkim_records=$(echo "$records" |grep -w '_domainkey' | cut -f 1 -d ' ') + dkim_records=$(echo "$records" |grep -w '_domainkey' |cut -f 1) for id in $dkim_records; do $BIN/v-delete-dns-record $user $domain $id done