mirror of
https://github.com/myvesta/vesta
synced 2025-08-14 02:28:05 -07:00
Merge branch 'master' of github.com:serghey-rodin/vesta
This commit is contained in:
Serghey Rodin
commit
e28fc98ea0
11 changed files with 62 additions and 34 deletions
|
|
@ -2,7 +2,7 @@
|
|||
# Internal variables
|
||||
HOMEDIR='/home'
|
||||
BACKUP='/backup'
|
||||
BACKUP_GZIP=5
|
||||
BACKUP_GZIP=9
|
||||
BACKUP_DISK_LIMIT=95
|
||||
BACKUP_LA_LIMIT=5
|
||||
RRD_STEP=300
|
||||
|
|
|
|||
|
|
@ -1,3 +1,5 @@
|
|||
ssl = yes
|
||||
ssl_protocols = !SSLv2 !SSLv3
|
||||
|
||||
ssl_cert = </usr/local/vesta/ssl/certificate.crt
|
||||
ssl_key = </usr/local/vesta/ssl/certificate.key
|
||||
|
|
|
|||
|
|
@ -2,3 +2,23 @@ protocols = imap pop3
|
|||
listen = *, ::
|
||||
base_dir = /var/run/dovecot/
|
||||
!include conf.d/*.conf
|
||||
|
||||
namespace {
|
||||
type = private
|
||||
separator = /
|
||||
prefix =
|
||||
inbox = yes
|
||||
|
||||
mailbox Sent {
|
||||
auto = subscribe
|
||||
special_use = \Sent
|
||||
}
|
||||
mailbox Drafts {
|
||||
auto = subscribe
|
||||
special_use = \Drafts
|
||||
}
|
||||
mailbox Trash {
|
||||
auto = subscribe
|
||||
special_use = \Trash
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,6 +8,7 @@
|
|||
#SPAM_SCORE = 50
|
||||
#CLAMD = yes
|
||||
|
||||
disable_ipv6 = true
|
||||
domainlist local_domains = dsearch;/etc/exim4/domains/
|
||||
domainlist relay_to_domains = dsearch;/etc/exim4/domains/
|
||||
hostlist relay_from_hosts = 127.0.0.1
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
# Server globals
|
||||
user www-data;
|
||||
worker_processes 2;
|
||||
error_log /var/log/nginx/error.log;
|
||||
worker_processes auto;
|
||||
worker_rlimit_nofile 65535;
|
||||
error_log /var/log/nginx/error.log crit;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
|
|
@ -9,6 +10,7 @@ pid /var/run/nginx.pid;
|
|||
events {
|
||||
worker_connections 1024;
|
||||
use epoll;
|
||||
multi_accept on;
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -37,7 +39,7 @@ http {
|
|||
'"$status" $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
log_format bytes '$body_bytes_sent';
|
||||
#access_log /var/log/nginx/access.log main;
|
||||
#access_log /var/log/nginx/access.log main;
|
||||
access_log off;
|
||||
|
||||
|
||||
|
|
@ -51,9 +53,9 @@ http {
|
|||
gzip_comp_level 9;
|
||||
gzip_min_length 512;
|
||||
gzip_buffers 8 64k;
|
||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype;
|
||||
gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
|
||||
gzip_proxied any;
|
||||
|
||||
gzip_disable "MSIE [1-6]\.";
|
||||
|
||||
# Proxy settings
|
||||
proxy_redirect off;
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin
|
|||
php_admin_flag allow_url_fopen Off
|
||||
php_value include_path .
|
||||
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
|
||||
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
|
||||
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
|
||||
</IfModule>
|
||||
|
||||
</Directory>
|
||||
|
|
|
|||
|
|
@ -448,7 +448,7 @@ $rcmail_config['create_default_folders'] = true;
|
|||
$rcmail_config['protect_default_folders'] = true;
|
||||
|
||||
// if in your system 0 quota means no limit set this option to true
|
||||
$rcmail_config['quota_zero_as_unlimited'] = false;
|
||||
$rcmail_config['quota_zero_as_unlimited'] = true;
|
||||
|
||||
// Make use of the built-in spell checker. It is based on GoogieSpell.
|
||||
// Since Google only accepts connections over https your PHP installatation
|
||||
|
|
@ -724,8 +724,8 @@ $rcmail_config['htmleditor'] = 0;
|
|||
// show pretty dates as standard
|
||||
$rcmail_config['prettydate'] = true;
|
||||
|
||||
// save compose message every 300 seconds (5min)
|
||||
$rcmail_config['draft_autosave'] = 300;
|
||||
// save compose message every 30 seconds
|
||||
$rcmail_config['draft_autosave'] = 30;
|
||||
|
||||
// default setting if preview pane is enabled
|
||||
$rcmail_config['preview_pane'] = false;
|
||||
|
|
|
|||
|
|
@ -9,3 +9,4 @@ ID='8' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time
|
|||
ID='9' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
ID='11' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
ID='12' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
|
|
|
|||
|
|
@ -13,3 +13,4 @@ ID='12' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%tim
|
|||
ID='13' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
ID='14' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
ID='15' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
ID='16' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'
|
||||
|
|
|
|||
|
|
@ -17,10 +17,11 @@ tcp_wrappers=YES
|
|||
force_dot_files=YES
|
||||
ascii_upload_enable=YES
|
||||
ascii_download_enable=YES
|
||||
#allow_writable_chroot=YES
|
||||
allow_writeable_chroot=YES
|
||||
seccomp_sandbox=NO
|
||||
pasv_enable=YES
|
||||
pasv_max_port=12100
|
||||
pasv_min_port=12000
|
||||
pasv_max_port=12100
|
||||
max_per_ip=10
|
||||
max_clients=100
|
||||
use_localtime=YES
|
||||
|
|
|
|||
|
|
@ -273,7 +273,7 @@ fi
|
|||
# Brief Info #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
# Printing nice ascii aslogo
|
||||
# Printing nice ASCII logo
|
||||
clear
|
||||
echo
|
||||
echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|'
|
||||
|
|
@ -508,7 +508,7 @@ if [ "$release" = '16.04' ] && [ -e '/etc/init.d/mysql' ]; then
|
|||
fi
|
||||
|
||||
|
||||
# Backup vesta
|
||||
# Backup Vesta
|
||||
service vesta stop > /dev/null 2>&1
|
||||
cp -r $VESTA/* $vst_backups/vesta > /dev/null 2>&1
|
||||
apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1
|
||||
|
|
@ -607,7 +607,7 @@ chmod a+x /usr/sbin/policy-rc.d
|
|||
apt-get -y install $software
|
||||
check_result $? "apt-get install failed"
|
||||
|
||||
# Restore policy
|
||||
# Restore policy
|
||||
rm -f /usr/sbin/policy-rc.d
|
||||
|
||||
|
||||
|
|
@ -625,8 +625,8 @@ rm -f /etc/cron.d/awstats
|
|||
# Set directory color
|
||||
echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
|
||||
|
||||
# Register /sbin/nologin
|
||||
echo "/sbin/nologin" >> /etc/shells
|
||||
# Register /usr/sbin/nologin
|
||||
echo "/usr/sbin/nologin" >> /etc/shells
|
||||
|
||||
# NTP Synchronization
|
||||
echo '#!/bin/sh' > /etc/cron.daily/ntpdate
|
||||
|
|
@ -662,10 +662,10 @@ echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile
|
|||
echo 'export PATH' >> /root/.bash_profile
|
||||
source /root/.bash_profile
|
||||
|
||||
# Configuring logrotate for vesta logs
|
||||
# Configuring logrotate for Vesta logs
|
||||
wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta
|
||||
|
||||
# Buidling directory tree and creating some blank files for vesta
|
||||
# Buidling directory tree and creating some blank files for Vesta
|
||||
mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
|
||||
$VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \
|
||||
$VESTA/data/sessions
|
||||
|
|
@ -681,12 +681,12 @@ ln -s $VESTA/log /var/log/vesta
|
|||
chown admin:admin $VESTA/data/sessions
|
||||
chmod 770 $VESTA/data/sessions
|
||||
|
||||
# Generating vesta configuration
|
||||
# Generating Vesta configuration
|
||||
rm -f $VESTA/conf/vesta.conf 2>/dev/null
|
||||
touch $VESTA/conf/vesta.conf
|
||||
chmod 660 $VESTA/conf/vesta.conf
|
||||
|
||||
# WEB stack
|
||||
# Web stack
|
||||
if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
|
||||
echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf
|
||||
echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf
|
||||
|
|
@ -892,7 +892,7 @@ done
|
|||
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Configure VSFTPD #
|
||||
# Configure Vsftpd #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
if [ "$vsftpd" = 'yes' ]; then
|
||||
|
|
@ -929,14 +929,14 @@ if [ "$mysql" = 'yes' ]; then
|
|||
mycnf="my-large.cnf"
|
||||
fi
|
||||
|
||||
# MySQL configuration
|
||||
# Configuring MySQL/MariaDB
|
||||
wget $vestacp/mysql/$mycnf -O /etc/mysql/my.cnf
|
||||
mysql_install_db
|
||||
update-rc.d mysql defaults
|
||||
service mysql start
|
||||
check_result $? "mysql start failed"
|
||||
|
||||
# Securing MySQL installation
|
||||
# Securing MySQL/MariaDB installation
|
||||
mysqladmin -u root password $vpass
|
||||
echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf
|
||||
chmod 600 /root/.my.cnf
|
||||
|
|
@ -1074,7 +1074,7 @@ fi
|
|||
|
||||
|
||||
#----------------------------------------------------------#
|
||||
# Configure RoundCube #
|
||||
# Configure Roundcube #
|
||||
#----------------------------------------------------------#
|
||||
|
||||
if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
|
||||
|
|
@ -1146,16 +1146,16 @@ if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
|
|||
groupdel admin > /dev/null 2>&1
|
||||
fi
|
||||
|
||||
# Adding vesta account
|
||||
# Adding Vesta admin account
|
||||
$VESTA/bin/v-add-user admin $vpass $email default System Administrator
|
||||
check_result $? "can't create admin user"
|
||||
$VESTA/bin/v-change-user-shell admin bash
|
||||
$VESTA/bin/v-change-user-language admin $lang
|
||||
|
||||
# Configuring system ips
|
||||
# Configuring system IPs
|
||||
$VESTA/bin/v-update-sys-ip
|
||||
|
||||
# Get main ip
|
||||
# Get main IP
|
||||
ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
|
||||
|
||||
# Firewall configuration
|
||||
|
|
@ -1163,20 +1163,20 @@ if [ "$iptables" = 'yes' ]; then
|
|||
$VESTA/bin/v-update-firewall
|
||||
fi
|
||||
|
||||
# Get public ip
|
||||
# Get public IP
|
||||
pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
|
||||
if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
|
||||
$VESTA/bin/v-change-sys-ip-nat $ip $pub_ip
|
||||
ip=$pub_ip
|
||||
fi
|
||||
|
||||
# Configuring mysql host
|
||||
# Configuring MySQL host
|
||||
if [ "$mysql" = 'yes' ]; then
|
||||
$VESTA/bin/v-add-database-host mysql localhost root $vpass
|
||||
$VESTA/bin/v-add-database admin default default $(gen_pass) mysql
|
||||
fi
|
||||
|
||||
# Configuring pgsql host
|
||||
# Configuring PostgreSQL host
|
||||
if [ "$postgresql" = 'yes' ]; then
|
||||
$VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
|
||||
$VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
|
||||
|
|
@ -1203,7 +1203,7 @@ command="sudo $VESTA/bin/v-update-sys-rrd"
|
|||
$VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
|
||||
service cron restart
|
||||
|
||||
# Building inititall rrd images
|
||||
# Building initital rrd images
|
||||
$VESTA/bin/v-update-sys-rrd
|
||||
|
||||
# Enabling file system quota
|
||||
|
|
@ -1211,7 +1211,7 @@ if [ "$quota" = 'yes' ]; then
|
|||
$VESTA/bin/v-add-sys-quota
|
||||
fi
|
||||
|
||||
# Starting vesta service
|
||||
# Starting Vesta service
|
||||
update-rc.d vesta defaults
|
||||
service vesta start
|
||||
check_result $? "vesta start failed"
|
||||
|
|
@ -1231,7 +1231,7 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
|
|||
# Sending install notification to vestacp.com
|
||||
wget vestacp.com/notify/?$codename -O /dev/null -q
|
||||
|
||||
# Comparing hostname and ip
|
||||
# Comparing hostname and IP
|
||||
host_ip=$(host $servername| head -n 1 | awk '{print $NF}')
|
||||
if [ "$host_ip" = "$ip" ]; then
|
||||
ip="$servername"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue