github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 18:49:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

New vesta installer

Browse source
This commit is contained in:
Serghey Rodin 2015-10-21 20:10:00 +03:00
commit e892898874
1545 changed files with 59733 additions and 3626 deletions
Download patch file Download diff file Expand all files Collapse all files

30
install/rhel/5/GPG.txt Normal file
View file

@ -0,0 +1,30 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.5 (GNU/Linux)
mQGiBExUOVkRBACPJeB3bdrAggHlFpkaB1aRDXDz7clRg6jyEzdMYHhrniSyjhAH
+b53zE4iapCHFIamEG2Fa7zS2lSx7068AmqHsZK5jwmyhTVVYuTtbebj1C4Y5ToW
icHhy4ullB7qeDmAod6EY4YSx2kYO3dR/QLk5QM4lWuV/OLdXWTeoKiiYwCg0UAP
yUkBXgNcKXrFqoJelmG3JEMEAIYM7CGwVd47FsM1UCu56HNQPErxLoUPBUlAQFtx
OMOFDMEm7qH7ve8FgGGRL9oHF7mSJ3y7HgM1BF5MHkKz6FjDrT1U5+Lub6oI2e90
gfCMGlQAzUm9o+fijfbhKoEQ/xQRkUoqWEaf9zlFx1/4+NH+Qz/L8ZDTHvSLvUgt
HyZlA/916St5suAUugXu9PeLRVqboiHjhz0JWKneQEQ2QcTu8lhHsu/mZTWL9FYn
XwtiCJLZT8bpBSfl8Oeqhof1+sPgnv7t/LuKQ6JJmyJ46Sa453wfrs+xs32hKAe+
ZN0VGBmHe7NhuhW/LdM0KMMr/LHuJJJAgmt+XVHi2RFwsZvdMbQkVmVzdGEgUGFj
a2FnZXMgPGJ1aWxkZXJAdmVzdGFjcC5jb20+iGAEExECACAFAkxUOVkCGwMGCwkI
BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBbjeFzoXeCtp6dAKDQfeTPHi6hCgg4L+sx
LEjXvVdLOwCfe9yfr+en+uz6qst0QBT2cAwB+q+5Ag0ETFQ5bBAIAJYZa9pV9l/R
OUFgIvdJd1mvzJpRAXsRBBJc22WuOHp22Uj+lMKrJMTRQZvFBvk9s7Mb1/ACXrL4
vIbsKqXNAlVFp9kF1tKV2ejZ1MrJaQ4819bIkyG0lJzjl6u9lzJopF7ie00YHKC6
1rltLaevfFjUXq1DoYZBg42hT/SOj+3+2D0e9qcxeuxXbsjnvwtxxUkWcP/ftOSt
HsAAbM1YtwGl9+fZLWG9+WIKNOE9kp+h2ywZtFA4v/Ms2op7oZGAL7C95k1EgLrH
mOZ0B2oKOLctV1z9keWksPN/osyG7Mg8ljv8zF3XwQFqHOHRntDqSWoFBMvJBkNS
vtm6u5WyKd8ABAsH/0RbeWVA+JqpZ24Rl57XoDRPRzno0m0EnkJMXr22uBq1lPg8
VkadrGOshFXpM3Rho57f3U7fwKmShQXGEV7RHsWcxcfwOSKVJtI468sDuYXc2l1f
5nFo+rCtVh3BBq+JtZFKX0x53BesCT/M7l33Dfm9MDi34tEdPTPjumBIH1dowYdv
9/2HPlPp4NZte7gOO/VIAiS+jJ30aBn09t8duW5md7/rkOPIM5It05LGCLjb9hVm
R9zTwzw30fIrkeyWZdAbk76lH8u8j6PX30U6RRzb33+XIFR4ab3nlyqOQOpoTqyG
cs7B02sgBbyC+RG1EYfcelSEvLXkR8mjcqjs+MCISQQYEQIACQUCTFQ5bAIbDAAK
CRBbjeFzoXeCtlpcAKDLh59svtq/Gn99O9ZZw0nBjWv6sACfffDxPhCP1F852Jab
d8P1WGhr2Q8=
=Z1Jj
-----END PGP PUBLIC KEY BLOCK-----

502
install/rhel/5/clamav/clamd.conf Normal file
View file

@ -0,0 +1,502 @@
##
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##
# Comment or remove the line below.
#Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
LogFile /var/log/clamav/clamd.log
# By default the log file is locked for writing - the lock protects against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: no
#LogFileUnlock yes
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
# in bytes just don't use modifiers.
# Default: 1M
LogFileMaxSize 0
# Log time with each message.
# Default: no
LogTime yes
# Also log clean files. Useful in debugging but drastically increases the
# log size.
# Default: no
#LogClean yes
# Use system logger (can work together with LogFile).
# Default: no
LogSyslog yes
# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
# Default: LOG_LOCAL6
#LogFacility LOG_MAIL
# Enable verbose logging.
# Default: no
#LogVerbose yes
# Log additional information about the infected file, such as its
# size and hash, together with the virus name.
#ExtendedDetectionInfo yes
# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
PidFile /var/run/clamav/clamd.pid
# Optional path to the global temporary directory.
# Default: system specific (usually /tmp or /var/tmp).
TemporaryDirectory /var/tmp
# Path to the database directory.
# Default: hardcoded (depends on installation options)
DatabaseDirectory /var/lib/clamav
# Only load the official signatures published by the ClamAV project.
# Default: no
#OfficialDatabaseOnly no
# The daemon can work in local mode, network mode or both.
# Due to security reasons we recommend the local mode.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /var/run/clamav/clamd.sock
# Sets the group ownership on the unix socket.
# Default: disabled (the primary group of the user running clamd)
#LocalSocketGroup virusgroup
# Sets the permissions on the unix socket to the specified mode.
# Default: disabled (socket is world accessible)
#LocalSocketMode 660
# Remove stale socket after unclean shutdown.
# Default: yes
FixStaleSocket yes
# TCP port address.
# Default: no
TCPSocket 3310
# TCP address.
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
# Default: no
TCPAddr 127.0.0.1
# Maximum length the queue of pending connections may grow to.
# Default: 200
MaxConnectionQueueLength 30
# Clamd uses FTP-like protocol to receive data from remote clients.
# If you are using clamav-milter to balance load between remote clamd daemons
# on firewall servers you may need to tune the options below.
# Close the connection when the data size limit is exceeded.
# The value should match your MTA's limit for a maximum attachment size.
# Default: 25M
#StreamMaxLength 10M
# Limit port range.
# Default: 1024
#StreamMinPort 30000
# Default: 2048
#StreamMaxPort 32000
# Maximum number of threads running at the same time.
# Default: 10
MaxThreads 50
# Waiting for data from a client socket will timeout after this time (seconds).
# Default: 120
ReadTimeout 300
# This option specifies the time (in seconds) after which clamd should
# timeout if a client doesn't provide any initial command after connecting.
# Default: 5
#CommandReadTimeout 5
# This option specifies how long to wait (in miliseconds) if the send buffer is full.
# Keep this value low to prevent clamd hanging
#
# Default: 500
#SendBufTimeout 200
# Maximum number of queued items (including those being processed by MaxThreads threads)
# It is recommended to have this value at least twice MaxThreads if possible.
# WARNING: you shouldn't increase this too much to avoid running out of file descriptors,
# the following condition should hold:
# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024)
#
# Default: 100
#MaxQueue 200
# Waiting for a new job will timeout after this time (seconds).
# Default: 30
#IdleTimeout 60
# Don't scan files and directories matching regex
# This directive can be used multiple times
# Default: scan all
#ExcludePath ^/proc/
#ExcludePath ^/sys/
# Maximum depth directories are scanned at.
# Default: 15
#MaxDirectoryRecursion 20
# Follow directory symlinks.
# Default: no
#FollowDirectorySymlinks yes
# Follow regular file symlinks.
# Default: no
#FollowFileSymlinks yes
# Scan files and directories on other filesystems.
# Default: yes
#CrossFilesystems yes
# Perform a database check.
# Default: 600 (10 min)
#SelfCheck 600
# Execute a command when virus is found. In the command string %v will
# be replaced with the virus name.
# Default: no
#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User clam
# Initialize supplementary group access (clamd must be started by root).
# Default: no
AllowSupplementaryGroups yes
# Stop daemon when libclamav reports out of memory condition.
#ExitOnOOM yes
# Don't fork into background.
# Default: no
#Foreground yes
# Enable debug messages in libclamav.
# Default: no
#Debug yes
# Do not remove temporary files (for debug purposes).
# Default: no
#LeaveTemporaryFiles yes
# Detect Possibly Unwanted Applications.
# Default: no
#DetectPUA yes
# Exclude a specific PUA category. This directive can be used multiple times.
# See http://www.clamav.net/support/pua for the complete list of PUA
# categories.
# Default: Load all categories (if DetectPUA is activated)
#ExcludePUA NetTool
#ExcludePUA PWTool
# Only include a specific PUA category. This directive can be used multiple
# times.
# Default: Load all categories (if DetectPUA is activated)
#IncludePUA Spy
#IncludePUA Scanner
#IncludePUA RAT
# In some cases (eg. complex malware, exploits in graphic files, and others),
# ClamAV uses special algorithms to provide accurate detection. This option
# controls the algorithmic detection.
# Default: yes
#AlgorithmicDetection yes
##
## Executable files
##
# PE stands for Portable Executable - it's an executable file format used
# in all 32 and 64-bit versions of Windows operating systems. This option allows
# ClamAV to perform a deeper analysis of executable files and it's also
# required for decompression of popular executable packers such as UPX, FSG,
# and Petite. If you turn off this option, the original files will still be
# scanned, but without additional processing.
# Default: yes
ScanPE yes
# Executable and Linking Format is a standard format for UN*X executables.
# This option allows you to control the scanning of ELF files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
ScanELF yes
# With this option clamav will try to detect broken executables (both PE and
# ELF) and mark them as Broken.Executable.
# Default: no
DetectBrokenExecutables yes
##
## Documents
##
# This option enables scanning of OLE2 files, such as Microsoft Office
# documents and .msi files.
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
# Default: yes
ScanOLE2 yes
# With this option enabled OLE2 files with VBA macros, which were not
# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".
# Default: no
#OLE2BlockMacros no
# This option enables scanning within PDF files.
# If you turn off this option, the original files will still be scanned, but
# without decoding and additional processing.
# Default: yes
#ScanPDF yes
##
## Mail files
##
# Enable internal e-mail scanner.
# If you turn off this option, the original files will still be scanned, but
# without parsing individual messages/attachments.
# Default: yes
ScanMail yes
# Scan RFC1341 messages split over many emails.
# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
# WARNING: This option may open your system to a DoS attack.
# Never use it on loaded servers.
# Default: no
#ScanPartialMessages yes
# With this option enabled ClamAV will try to detect phishing attempts by using
# signatures.
# Default: yes
#PhishingSignatures yes
# Scan URLs found in mails for phishing attempts using heuristics.
# Default: yes
#PhishingScanURLs yes
# Always block SSL mismatches in URLs, even if the URL isn't in the database.
# This can lead to false positives.
#
# Default: no
#PhishingAlwaysBlockSSLMismatch no
# Always block cloaked URLs, even if URL isn't in database.
# This can lead to false positives.
#
# Default: no
#PhishingAlwaysBlockCloak no
# Allow heuristic match to take precedence.
# When enabled, if a heuristic scan (such as phishingScan) detects
# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
# scan-time.
# When disabled, virus/phish detected by heuristic scans will be reported only at
# the end of a scan. If an archive contains both a heuristically detected
# virus/phish, and a real malware, the real malware will be reported
#
# Keep this disabled if you intend to handle "*.Heuristics.*" viruses
# differently from "real" malware.
# If a non-heuristically-detected virus (signature-based) is found first,
# the scan is interrupted immediately, regardless of this config option.
#
# Default: no
#HeuristicScanPrecedence yes
##
## Data Loss Prevention (DLP)
##
# Enable the DLP module
# Default: No
#StructuredDataDetection yes
# This option sets the lowest number of Credit Card numbers found in a file
# to generate a detect.
# Default: 3
#StructuredMinCreditCardCount 5
# This option sets the lowest number of Social Security Numbers found
# in a file to generate a detect.
# Default: 3
#StructuredMinSSNCount 5
# With this option enabled the DLP module will search for valid
# SSNs formatted as xxx-yy-zzzz
# Default: yes
#StructuredSSNFormatNormal yes
# With this option enabled the DLP module will search for valid
# SSNs formatted as xxxyyzzzz
# Default: no
#StructuredSSNFormatStripped yes
##
## HTML
##
# Perform HTML normalisation and decryption of MS Script Encoder code.
# Default: yes
# If you turn off this option, the original files will still be scanned, but
# without additional processing.
#ScanHTML yes
##
## Archives
##
# ClamAV can scan within archives and compressed files.
# If you turn off this option, the original files will still be scanned, but
# without unpacking and additional processing.
# Default: yes
ScanArchive yes
# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
# Default: no
ArchiveBlockEncrypted no
##
## Limits
##
# The options below protect your system against Denial of Service attacks
# using archive bombs.
# This option sets the maximum amount of data to be scanned for each input file.
# Archives and other containers are recursively extracted and scanned up to this
# value.
# Value of 0 disables the limit
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 100M
#MaxScanSize 150M
# Files larger than this limit won't be scanned. Affects the input file itself
# as well as files contained inside it (when the input file is an archive, a
# document or some other kind of container).
# Value of 0 disables the limit.
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 25M
#MaxFileSize 30M
# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
# file, all files within it will also be scanned. This options specifies how
# deeply the process should be continued.
# Note: setting this limit too high may result in severe damage to the system.
# Default: 16
#MaxRecursion 10
# Number of files to be scanned within an archive, a document, or any other
# container file.
# Value of 0 disables the limit.
# Note: disabling this limit or setting it too high may result in severe damage
# to the system.
# Default: 10000
#MaxFiles 15000
##
## Clamuko settings
##
# Enable Clamuko. Dazuko must be configured and running. Clamuko supports
# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS
# is the preferred option. For more information please visit www.dazuko.org
# Default: no
#ClamukoScanOnAccess yes
# The number of scanner threads that will be started (DazukoFS only).
# Having multiple scanner threads allows Clamuko to serve multiple
# processes simultaneously. This is particularly beneficial on SMP machines.
# Default: 3
#ClamukoScannerCount 3
# Don't scan files larger than ClamukoMaxFileSize
# Value of 0 disables the limit.
# Default: 5M
#ClamukoMaxFileSize 10M
# Set access mask for Clamuko (Dazuko only).
# Default: no
#ClamukoScanOnOpen yes
#ClamukoScanOnClose yes
#ClamukoScanOnExec yes
# Set the include paths (all files inside them will be scanned). You can have
# multiple ClamukoIncludePath directives but each directory must be added
# in a seperate line. (Dazuko only)
# Default: disabled
#ClamukoIncludePath /home
#ClamukoIncludePath /students
# Set the exclude paths. All subdirectories are also excluded. (Dazuko only)
# Default: disabled
#ClamukoExcludePath /home/bofh
# With this option you can whitelist specific UIDs. Processes with these UIDs
# will be able to access all files.
# This option can be used multiple times (one per line).
# Default: disabled
#ClamukoExcludeUID 0
# With this option enabled ClamAV will load bytecode from the database.
# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses.
# Default: yes
#Bytecode yes
# Set bytecode security level.
# Possible values:
# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS
# This value is only available if clamav was built with --enable-debug!
# TrustSigned - trust bytecode loaded from signed .c[lv]d files,
# insert runtime safety checks for bytecode loaded from other sources
# Paranoid - don't trust any bytecode, insert runtime checks for all
# Recommended: TrustSigned, because bytecode in .cvd files already has these checks
# Note that by default only signed bytecode is loaded, currently you can only
# load unsigned bytecode in --enable-debug mode.
#
# Default: TrustSigned
#BytecodeSecurity TrustSigned
# Set bytecode timeout in miliseconds.
#
# Default: 5000
# BytecodeTimeout 1000

12
install/rhel/5/clamav/clamd.service Normal file
View file

@ -0,0 +1,12 @@
[Unit]
Description = clamd scanner (clamd) daemon
After = syslog.target nss-lookup.target network.target
[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true
[Install]
WantedBy=multi-user.target

6
install/rhel/5/clamav/freshclam.conf Normal file
View file

@ -0,0 +1,6 @@
DatabaseDirectory /var/lib/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog yes
DatabaseOwner clam
DatabaseMirror db.ca.clamav.net
DatabaseMirror db.local.clamav.net

BIN
install/rhel/5/dovecot.tar.gz Normal file
View file

Binary file not shown.

29
install/rhel/5/dovecot/dovecot.conf Normal file
View file

@ -0,0 +1,29 @@
protocols = imap imaps pop3 pop3s
log_path = /var/log/dovecot.log
ssl_cert_file = /usr/local/vesta/ssl/certificate.crt
ssl_key_file = /usr/local/vesta/ssl/certificate.key
disable_plaintext_auth = no
mail_location = maildir:%h/mail/%d/%n
umask = 0077
pop3_uidl_format = %08Xu%08Xv
auth_verbose = yes
auth_username_format = %Lu
auth default {
mechanisms = plain login
passdb passwd-file {
args = /etc/exim/domains/%d/passwd
}
userdb passwd-file {
args = /etc/exim/domains/%d/passwd
}
socket listen {
client {
path = /var/run/dovecot/auth-client
mode = 0666
}
}
}

BIN
install/rhel/5/epel-release.rpm Normal file
View file

Binary file not shown.

2
install/rhel/5/exim/dnsbl.conf Normal file
View file

@ -0,0 +1,2 @@
bl.spamcop.net
zen.spamhaus.org

384
install/rhel/5/exim/exim-smarthost.conf Normal file
View file

@ -0,0 +1,384 @@
######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes
#SPAM_SCORE = 50
#CLAMD = yes
domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/
hostlist relay_from_hosts = 127.0.0.1
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
no_local_from_check
untrusted_set_sender = *
acl_smtp_connect = acl_check_spammers
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
.ifdef SPAMASSASSIN
spamd_address = 127.0.0.1 783
.endif
.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.sock
.endif
tls_advertise_hosts = *
tls_certificate = /etc/pki/tls/certs/exim.pem
tls_privatekey = /etc/pki/tls/private/exim.pem
daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_spammers:
accept hosts = +whitelist
drop message = Your host in blacklist on this server.
log_message = Host in blacklist
hosts = +spammers
accept
acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s
drop condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address
accept
acl_check_rcpt:
accept hosts = :
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
require verify = sender
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission/domain=
deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
require message = relay not permitted
domains = +local_domains : +relay_to_domains
deny message = smtp auth requried
sender_domains = +local_domains
!authenticated = *
require verify = recipient
.ifdef CLAMD
warn set acl_m0 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes
.endif
.ifdef SPAMASSASSIN
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
accept
acl_check_data:
.ifdef CLAMD
deny message = Message contains a virus ($malware_name) and has been rejected
malware = *
condition = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
.ifdef SPAMASSASSIN
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = nobody:true/defer_ok
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
accept
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators
login:
driver = plaintext
public_name = LOGIN
client_send = ": user@smartrelay.vestacp.com : p4sw0rd"
server_set_id = $auth1
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers
smarthost:
driver = manualroute
domains = ! +local_domains
transport = remote_smtp_auth
route_list = * smartrelay.vestacp.com
dnslookup:
driver = dnslookup
domains = !+local_domains
transport = remote_smtp
no_more
userforward:
driver = redirect
check_local_user
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
procmail:
driver = accept
check_local_user
require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
transport = procmail
no_verify
autoreplay:
driver = accept
require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg
condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}}
retry_use_local_part
transport = userautoreply
unseen
aliases:
driver = redirect
headers_add = X-redirected: yes
data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
require_files = /etc/exim/domains/$domain/aliases
redirect_router = dnslookup
pipe_transport = address_pipe
unseen
localuser_fwd_only:
driver = accept
transport = devnull
condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}}
localuser_spam:
driver = accept
transport = local_spam_delivery
condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}}
localuser:
driver = accept
transport = local_delivery
condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}}
catchall:
driver = redirect
headers_add = X-redirected: yes
require_files = /etc/exim/domains/$domain/aliases
data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
file_transport = local_delivery
redirect_router = dnslookup
terminate_alias:
driver = accept
transport = devnull
condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}}
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports
remote_smtp:
driver = smtp
dkim_domain = DKIM_DOMAIN
dkim_selector = mail
dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed
dkim_strict = 0
remote_smtp_auth:
driver = smtp
hosts = smartrelay.vestacp.com
hosts_require_auth = smartrelay.vestacp.com
procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output
local_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_warn_threshold = 75%
local_spam_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota_warn_threshold = 75%
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
userautoreply:
driver = autoreply
file = /etc/exim/domains/$domain/autoreply.${local_part}.msg
from = "${local_part}@${domain}"
subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}"
to = "${sender_address}"
devnull:
driver = appendfile
file = /dev/null
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite
######################################################################

376
install/rhel/5/exim/exim.conf Normal file
View file

@ -0,0 +1,376 @@
######################################################################
# #
# Exim configuration file for Vesta Control Panel #
# #
######################################################################
#SPAMASSASSIN = yes
#SPAM_SCORE = 50
#CLAMD = yes
domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/
hostlist relay_from_hosts = 127.0.0.1
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
no_local_from_check
untrusted_set_sender = *
acl_smtp_connect = acl_check_spammers
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
acl_smtp_mime = acl_check_mime
.ifdef SPAMASSASSIN
spamd_address = 127.0.0.1 783
.endif
.ifdef CLAMD
av_scanner = clamd: /var/run/clamav/clamd.sock
.endif
tls_advertise_hosts = *
tls_certificate = /usr/local/vesta/ssl/certificate.crt
tls_privatekey = /usr/local/vesta/ssl/certificate.key
daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465
never_users = root
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 5s
ignore_bounce_errors_after = 2d
timeout_frozen_after = 7d
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
######################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
acl_check_spammers:
accept hosts = +whitelist
drop message = Your host in blacklist on this server.
log_message = Host in blacklist
hosts = +spammers
accept
acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s
drop condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address
accept
acl_check_rcpt:
accept hosts = :
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
require verify = sender
accept hosts = +relay_from_hosts
control = submission
accept authenticated = *
control = submission/domain=
deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
hosts = !+whitelist
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
require message = relay not permitted
domains = +local_domains : +relay_to_domains
deny message = smtp auth requried
sender_domains = +local_domains
!authenticated = *
require verify = recipient
.ifdef CLAMD
warn set acl_m0 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}}
set acl_m0 = yes
.endif
.ifdef SPAMASSASSIN
warn set acl_m1 = no
warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}}
set acl_m1 = yes
.endif
accept
acl_check_data:
.ifdef CLAMD
deny message = Message contains a virus ($malware_name) and has been rejected
malware = *
condition = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
.ifdef SPAMASSASSIN
warn !authenticated = *
hosts = !+relay_from_hosts
condition = ${if < {$message_size}{100K}}
condition = ${if eq{$acl_m1}{yes}{yes}{no}}
spam = nobody:true/defer_ok
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: $spam_report
set acl_m2 = $spam_score_int
warn condition = ${if !eq{$acl_m2}{} {yes}{no}}
condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}}
add_header = X-Spam-Status: Yes
message = SpamAssassin detected spam (from $sender_address to $recipients).
.endif
accept
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
accept
######################################################################
# AUTHENTICATION CONFIGURATION #
######################################################################
begin authenticators
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how addresses are handled #
######################################################################
begin routers
#smarthost:
# driver = manualroute
# domains = ! +local_domains
# transport = remote_smtp
# route_list = * smartrelay.vestacp.com
# no_more
# no_verify
dnslookup:
driver = dnslookup
domains = !+local_domains
transport = remote_smtp
no_more
userforward:
driver = redirect
check_local_user
file = $home/.forward
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
procmail:
driver = accept
check_local_user
require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail
transport = procmail
no_verify
autoreplay:
driver = accept
require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg
condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}}
retry_use_local_part
transport = userautoreply
unseen
aliases:
driver = redirect
headers_add = X-redirected: yes
data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
require_files = /etc/exim/domains/$domain/aliases
redirect_router = dnslookup
pipe_transport = address_pipe
unseen
localuser_fwd_only:
driver = accept
transport = devnull
condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}}
localuser_spam:
driver = accept
transport = local_spam_delivery
condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}}
localuser:
driver = accept
transport = local_delivery
condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}}
catchall:
driver = redirect
headers_add = X-redirected: yes
require_files = /etc/exim/domains/$domain/aliases
data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}}
file_transport = local_delivery
redirect_router = dnslookup
terminate_alias:
driver = accept
transport = devnull
condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}}
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
begin transports
remote_smtp:
driver = smtp
#helo_data = $sender_address_domain
dkim_domain = DKIM_DOMAIN
dkim_selector = mail
dkim_private_key = DKIM_PRIVATE_KEY
dkim_canon = relaxed
dkim_strict = 0
procmail:
driver = pipe
command = "/usr/bin/procmail -d $local_part"
return_path_add
delivery_date_add
envelope_to_add
user = $local_part
initgroups
return_output
local_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_warn_threshold = 75%
local_spam_delivery:
driver = appendfile
maildir_format
maildir_use_size_file
user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}
group = mail
create_directory
directory_mode = 770
mode = 660
use_lockfile = no
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota_warn_threshold = 75%
address_pipe:
driver = pipe
return_output
address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_reply:
driver = autoreply
userautoreply:
driver = autoreply
file = /etc/exim/domains/$domain/autoreply.${local_part}.msg
from = "${local_part}@${domain}"
subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}"
to = "${sender_address}"
devnull:
driver = appendfile
file = /dev/null
######################################################################
# RETRY CONFIGURATION #
######################################################################
begin retry
# Address or Domain Error Retries
# ----------------- ----- -------
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
######################################################################
# REWRITE CONFIGURATION #
######################################################################
begin rewrite
######################################################################

0
install/rhel/5/exim/spam-blocks.conf Normal file
View file

BIN
install/rhel/5/fail2ban.tar.gz Normal file
View file

Binary file not shown.

10
install/rhel/5/fail2ban/fail2ban.action.conf Normal file
View file

@ -0,0 +1,10 @@
# Fail2Ban configuration file for vesta
[Definition]
actionstart = /usr/local/vesta/bin/v-add-firewall-chain <name>
actionstop = /usr/local/vesta/bin/v-delete-firewall-chain <name>
actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-<name>[ \t]'
actionban = /usr/local/vesta/bin/v-add-firewall-ban <ip> <name>
actionunban = /usr/local/vesta/bin/v-delete-firewall-ban <ip> <name>

10
install/rhel/5/fail2ban/fail2ban.filter.conf Normal file
View file

@ -0,0 +1,10 @@
# Fail2Ban filter for unsuccesfull Vesta authentication attempts
#
[INCLUDES]
before = common.conf
[Definition]
failregex = .* <HOST> failed to login
ignoreregex =

39
install/rhel/5/fail2ban/fail2ban.jail.conf Normal file
View file

@ -0,0 +1,39 @@
[ssh-iptables]
enabled = true
filter = sshd
action = vesta[name=SSH]
logpath = /var/log/secure
maxretry = 5
[vsftpd-iptables]
enabled = false
filter = vsftpd
action = vesta[name=FTP]
logpath = /var/log/vsftpd.log
maxretry = 5
[exim-iptables]
enabled = true
filter = exim
action = vesta[name=MAIL]
logpath = /var/log/exim/main.log
[dovecot-iptables]
enabled = true
filter = dovecot
action = vesta[name=MAIL]
logpath = /var/log/dovecot.log
[mysqld-iptables]
enabled = false
filter = mysqld-auth
action = vesta[name=DB]
logpath = /var/log/mysqld.log
maxretry = 5
[vesta-iptables]
enabled = true
filter = vesta
action = vesta[name=VESTA]
logpath = /var/log/vesta/auth.log
maxretry = 5

BIN
install/rhel/5/firewall.tar.gz Normal file
View file

Binary file not shown.

16
install/rhel/5/firewall/ports.conf Normal file
View file

@ -0,0 +1,16 @@
PROTOCOL='TCP' PORT='20'
PROTOCOL='TCP' PORT='21'
PROTOCOL='TCP' PORT='22'
PROTOCOL='TCP' PORT='25'
PROTOCOL='UDP' PORT='53'
PROTOCOL='TCP' PORT='80'
PROTOCOL='TCP' PORT='443'
PROTOCOL='TCP' PORT='110'
PROTOCOL='UDP' PORT='123'
PROTOCOL='TCP' PORT='143'
PROTOCOL='TCP' PORT='3306'
PROTOCOL='TCP' PORT='5432'
PROTOCOL='TCP' PORT='8080'
PROTOCOL='TCP' PORT='8433'
PROTOCOL='TCP' PORT='8083'
PROTOCOL='TCP' PORT='12000:12100'

10
install/rhel/5/firewall/rules.conf Normal file
View file

@ -0,0 +1,10 @@
RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24'
RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16'

256
install/rhel/5/httpd/httpd.conf Normal file
View file

@ -0,0 +1,256 @@
ServerTokens OS
ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 30
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 10
<IfModule prefork.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 200
MaxRequestsPerChild 4000
</IfModule>
<IfModule worker.c>
StartServers 2
MaxClients 200
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 4000
</IfModule>
<IfModule itk.c>
StartServers 8
MinSpareServers 5
MaxSpareServers 20
ServerLimit 256
MaxClients 256
MaxRequestsPerChild 4000
</IfModule>
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
#LoadModule ldap_module modules/mod_ldap.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule info_module modules/mod_info.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
#LoadModule disk_cache_module modules/mod_disk_cache.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so
Include conf.d/*.conf
ExtendedStatus On
User apache
Group apache
ServerAdmin root@localhost
UseCanonicalName Off
DocumentRoot "/var/www/html"
<Directory />
Options SymLinksIfOwnerMatch
AllowOverride None
</Directory>
<Directory "/var/www/html">
Options Indexes SymLinksIfOwnerMatch
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule mod_userdir.c>
UserDir public_html
</IfModule>
DirectoryIndex index.php index.htm index.html
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off
ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
LogFormat "%b" bytes
CustomLog logs/access_log combined
ServerSignature On
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/var/www/html">
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
ReadmeName README.html
HeaderName HEADER.html
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw
LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
ForceLanguagePriority Prefer Fallback
AddDefaultCharset UTF-8
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType image/x-icon .ico
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 500 /error/50x.html
ErrorDocument 501 /error/50x.html
ErrorDocument 502 /error/50x.html
ErrorDocument 503 /error/50x.html
ErrorDocument 506 /error/50x.html
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

8
install/rhel/5/httpd/ruid2.conf Normal file
View file

@ -0,0 +1,8 @@
LoadModule ruid2_module modules/mod_ruid2.so
<IfModule mod_ruid2.c>
RMode config
RDefaultUidGid apache apache
RUidGid apache apache
RGroups apache
</IfModule>

12
install/rhel/5/httpd/ssl.conf Normal file
View file

@ -0,0 +1,12 @@
LoadModule ssl_module modules/mod_ssl.so
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

7
install/rhel/5/httpd/status.conf Normal file
View file

@ -0,0 +1,7 @@
Listen 127.0.0.1:8081
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>

10
install/rhel/5/logrotate/httpd Normal file
View file

@ -0,0 +1,10 @@
/var/log/httpd/*log /var/log/httpd/domains/*log {
missingok
notifempty
compress
sharedscripts
postrotate
/sbin/service httpd reload > /dev/null 2>/dev/null || true
[ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid`
endscript
}

12
install/rhel/5/logrotate/nginx Normal file
View file

@ -0,0 +1,12 @@
/var/log/nginx/*log /var/log/nginx/domains/*log {
create 0644 nginx nginx
daily
rotate 10
missingok
notifempty
compress
sharedscripts
postrotate
[ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
endscript
}

7
install/rhel/5/logrotate/vesta Normal file
View file

@ -0,0 +1,7 @@
/usr/local/vesta/log/*.log {
missingok
notifempty
size 30k
yearly
create 0600 root root
}

38
install/rhel/5/mariadb/my-large.cnf Normal file
View file

@ -0,0 +1,38 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
skip-external-locking
key_buffer_size = 256M
max_allowed_packet = 32M
table_open_cache = 256
sort_buffer_size = 1M
read_buffer_size = 1M
read_rnd_buffer_size = 4M
myisam_sort_buffer_size = 64M
thread_cache_size = 8
query_cache_size= 16M
thread_concurrency = 8
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=200
max_user_connections=50
wait_timeout=10
interactive_timeout=50
long_query_time=5
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

37
install/rhel/5/mariadb/my-medium.cnf Normal file
View file

@ -0,0 +1,37 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
skip-external-locking
key_buffer_size = 16M
max_allowed_packet = 16M
table_open_cache = 64
sort_buffer_size = 512K
net_buffer_length = 8K
read_buffer_size = 256K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=70
max_user_connections=30
wait_timeout=10
interactive_timeout=50
long_query_time=5
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

35
install/rhel/5/mariadb/my-small.cnf Normal file
View file

@ -0,0 +1,35 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
skip-external-locking
key_buffer_size = 32K
max_allowed_packet = 8M
table_open_cache = 4
sort_buffer_size = 128K
read_buffer_size = 256K
read_rnd_buffer_size = 256K
net_buffer_length = 2K
thread_stack = 240K
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=50
max_user_connections=25
wait_timeout=10
interactive_timeout=50
long_query_time=5
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

3
install/rhel/5/monit/clamd.conf Normal file
View file

@ -0,0 +1,3 @@
check process clamd with pidfile /var/run/clamav/clamd.pid
start program = "/etc/init.d/clamd start"
stop program = "/etc/init.d/clamd stop"

3
install/rhel/5/monit/dovecot.conf Normal file
View file

@ -0,0 +1,3 @@
check process dovecot with pidfile /var/run/dovecot/master.pid
start program = "/etc/init.d/dovecot start"
stop program = "/etc/init.d/dovecot stop"

3
install/rhel/5/monit/exim.conf Normal file
View file

@ -0,0 +1,3 @@
check process exim with pidfile /var/run/exim.pid
start program = "/etc/init.d/exim start"
stop program = "/etc/init.d/exim stop"

3
install/rhel/5/monit/httpd.conf Normal file
View file

@ -0,0 +1,3 @@
check process httpd with pidfile /var/run/httpd/httpd.pid
start program = "/etc/init.d/httpd start"
stop program = "/etc/init.d/httpd stop"

3
install/rhel/5/monit/mysql.conf Normal file
View file

@ -0,0 +1,3 @@
check process mysql with pidfile /var/run/mysqld/mysqld.pid
start program = "/etc/init.d/mysqld start"
stop program = "/etc/init.d/mysqld stop"

3
install/rhel/5/monit/nginx.conf Normal file
View file

@ -0,0 +1,3 @@
check process nginx with pidfile /var/run/nginx.pid
start program = "/etc/init.d/nginx start"
stop program = "/etc/init.d/nginx stop"

3
install/rhel/5/monit/spamassassin.conf Normal file
View file

@ -0,0 +1,3 @@
check process spamassassin with pidfile /var/run/spamd.pid
start program = "/etc/init.d/spamassassin start"
stop program = "/etc/init.d/spamassassin stop"

3
install/rhel/5/monit/sshd.conf Normal file
View file

@ -0,0 +1,3 @@
check process sshd with pidfile /var/run/sshd.pid
start program = "/etc/init.d/sshd start"
stop program = "/etc/init.d/sshd stop"

3
install/rhel/5/monit/vesta-nginx.conf Normal file
View file

@ -0,0 +1,3 @@
check process vesta-nginx with pidfile /var/run/vesta-nginx.pid
start program = "/etc/init.d/vesta start"
stop program = "/etc/init.d/vesta stop"

3
install/rhel/5/monit/vesta-php.conf Normal file
View file

@ -0,0 +1,3 @@
check process vesta-php with pidfile /var/run/vesta-php.pid
start program = "/etc/init.d/vesta start"
stop program = "/etc/init.d/vesta stop"

38
install/rhel/5/mysqld/my-large.cnf Normal file
View file

@ -0,0 +1,38 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
skip-external-locking
key_buffer_size = 256M
max_allowed_packet = 32M
table_open_cache = 256
sort_buffer_size = 1M
read_buffer_size = 1M
read_rnd_buffer_size = 4M
myisam_sort_buffer_size = 64M
thread_cache_size = 8
query_cache_size= 16M
thread_concurrency = 8
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=200
max_user_connections=50
wait_timeout=10
interactive_timeout=50
long_query_time=5
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

37
install/rhel/5/mysqld/my-medium.cnf Normal file
View file

@ -0,0 +1,37 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
skip-external-locking
key_buffer_size = 16M
max_allowed_packet = 16M
table_open_cache = 64
sort_buffer_size = 512K
net_buffer_length = 8K
read_buffer_size = 256K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=70
max_user_connections=30
wait_timeout=10
interactive_timeout=50
long_query_time=5
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

35
install/rhel/5/mysqld/my-small.cnf Normal file
View file

@ -0,0 +1,35 @@
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
symbolic-links=0
skip-external-locking
key_buffer_size = 32K
max_allowed_packet = 8M
table_open_cache = 4
sort_buffer_size = 128K
read_buffer_size = 256K
read_rnd_buffer_size = 256K
net_buffer_length = 2K
thread_stack = 240K
#innodb_use_native_aio = 0
innodb_file_per_table
max_connections=50
max_user_connections=25
wait_timeout=10
interactive_timeout=50
long_query_time=5
#slow_query_log=1
#slow_query_log_file=/var/log/mysql-slow-queries.log
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d

13
install/rhel/5/named/named.conf Normal file
View file

@ -0,0 +1,13 @@
options {
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
pid-file "/var/run/named/named.pid";
statistics-file "/var/named/data/named_stats.txt";
version "get lost";
allow-transfer {"none";};
recursion no;
};
include "/etc/rndc.key";

101
install/rhel/5/nginx/nginx.conf Normal file
View file

@ -0,0 +1,101 @@
# Server globals
user nginx;
worker_processes 2;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
# Worker config
events {
worker_connections 1024;
use epoll;
}
http {
# Main settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
client_header_timeout 1m;
client_body_timeout 1m;
client_header_buffer_size 2k;
client_body_buffer_size 256k;
client_max_body_size 100m;
large_client_header_buffers 4 8k;
send_timeout 30;
keepalive_timeout 60 60;
reset_timedout_connection on;
server_tokens off;
server_name_in_redirect off;
server_names_hash_max_size 512;
server_names_hash_bucket_size 512;
# Log format
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format bytes '$body_bytes_sent';
#access_log /var/log/nginx/access.log main;
access_log off;
# Mime settings
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Compression
gzip on;
gzip_comp_level 9;
gzip_min_length 512;
gzip_buffers 8 64k;
gzip_types text/plain text/css text/javascript
application/x-javascript;
gzip_proxied any;
# Proxy settings
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
# SSL PCI Compliance
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
# Error pages
error_page 403 /error/403.html;
error_page 404 /error/404.html;
error_page 502 503 504 /error/50x.html;
# Cache
proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m;
proxy_temp_path /var/cache/nginx/temp;
proxy_cache_key "$host$request_uri $cookie_user";
proxy_ignore_headers Expires Cache-Control;
proxy_cache_use_stale error timeout invalid_header http_502;
proxy_cache_valid any 3d;
map $http_cookie $no_cache {
default 0;
~SESS 1;
~wordpress_logged_in 1;
}
# Wildcard include
include /etc/nginx/conf.d/*.conf;
}

15
install/rhel/5/nginx/phpmyadmin.inc Normal file
View file

@ -0,0 +1,15 @@
location /phpmyadmin {
alias /usr/share/phpMyAdmin/;
location ~ /(libraries|setup) {
return 404;
}
location ~ ^/phpmyadmin/(.*\.php)$ {
alias /usr/share/phpMyAdmin/$1;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}

11
install/rhel/5/nginx/phppgadmin.inc Normal file
View file

@ -0,0 +1,11 @@
location /phppgadmin {
alias /usr/share/phpPgAdmin/;
location ~ ^/phppgadmin/(.*\.php)$ {
alias /usr/share/phpPgAdmin/$1;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}

9
install/rhel/5/nginx/status.conf Normal file
View file

@ -0,0 +1,9 @@
server {
listen 127.0.0.1:8084 default;
server_name _;
server_name_in_redirect off;
location / {
stub_status on;
access_log off;
}
}

15
install/rhel/5/nginx/webmail.inc Normal file
View file

@ -0,0 +1,15 @@
location /webmail {
alias /usr/share/roundcubemail/;
location ~ /(config|temp|logs) {
return 404;
}
location ~ ^/webmail/(.*\.php)$ {
alias /usr/share/roundcubemail/$1;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}

BIN
install/rhel/5/packages.tar.gz Normal file
View file

Binary file not shown.

19
install/rhel/5/packages/default.pkg Normal file
View file

@ -0,0 +1,19 @@
WEB_TEMPLATE='default'
BACKEND_TEMPLATE='default'
PROXY_TEMPLATE='default'
DNS_TEMPLATE='default'
WEB_DOMAINS='100'
WEB_ALIASES='100'
DNS_DOMAINS='100'
DNS_RECORDS='100'
MAIL_DOMAINS='100'
MAIL_ACCOUNTS='100'
DATABASES='100'
CRON_JOBS='100'
DISK_QUOTA='10000'
BANDWIDTH='100000'
NS='ns1.localhost.ltd,ns2.localhost.ltd'
SHELL='nologin'
BACKUPS='3'
TIME='11:46:50'
DATE='2015-06-05'

19
install/rhel/5/packages/gainsboro.pkg Normal file
View file

@ -0,0 +1,19 @@
WEB_TEMPLATE='default'
BACKEND_TEMPLATE='default'
PROXY_TEMPLATE='default'
DNS_TEMPLATE='default'
WEB_DOMAINS='10'
WEB_ALIASES='10'
DNS_DOMAINS='10'
DNS_RECORDS='10'
MAIL_DOMAINS='10'
MAIL_ACCOUNTS='10'
DATABASES='10'
CRON_JOBS='10'
DISK_QUOTA='10000'
BANDWIDTH='10000'
NS='ns1.localhost.ltd,ns2.localhost.ltd'
SHELL='nologin'
BACKUPS='1'
TIME='11:31:30'
DATE='2015-06-05'

19
install/rhel/5/packages/palegreen.pkg Normal file
View file

@ -0,0 +1,19 @@
WEB_TEMPLATE='hosting'
BACKEND_TEMPLATE='default'
PROXY_TEMPLATE='hosting'
DNS_TEMPLATE='default'
WEB_DOMAINS='50'
WEB_ALIASES='50'
DNS_DOMAINS='50'
DNS_RECORDS='50'
MAIL_DOMAINS='50'
MAIL_ACCOUNTS='50'
DATABASES='50'
CRON_JOBS='50'
DISK_QUOTA='50000'
BANDWIDTH='50000'
NS='ns1.localhost.ltd,ns2.localhost.ltd'
SHELL='nologin'
BACKUPS='5'
TIME='07:49:47'
DATE='2015-06-05'

19
install/rhel/5/packages/slategrey.pkg Normal file
View file

@ -0,0 +1,19 @@
WEB_TEMPLATE='default'
BACKEND_TEMPLATE='default'
PROXY_TEMPLATE='default'
DNS_TEMPLATE='default'
WEB_DOMAINS='100'
WEB_ALIASES='100'
DNS_DOMAINS='100'
DNS_RECORDS='100'
MAIL_DOMAINS='100'
MAIL_ACCOUNTS='100'
DATABASES='100'
CRON_JOBS='100'
DISK_QUOTA='10000'
BANDWIDTH='100000'
NS='ns1.localhost.ltd,ns2.localhost.ltd'
SHELL='nologin'
BACKUPS='3'
TIME='12:39:13'
DATE='2015-06-05'

159
install/rhel/5/pga/config.inc.php Normal file
View file

@ -0,0 +1,159 @@
<?php
/**
* Central phpPgAdmin configuration. As a user you may modify the
* settings here for your particular configuration.
*
* $Id: config.inc.php-dist,v 1.55 2008/02/18 21:10:31 xzilla Exp $
*/
// An example server. Create as many of these as you wish,
// indexed from zero upwards.
// Display name for the server on the login screen
$conf['servers'][0]['desc'] = 'PostgreSQL';
// Hostname or IP address for server. Use '' for UNIX domain socket.
// use 'localhost' for TCP/IP connection on this computer
$conf['servers'][0]['host'] = 'localhost';
// Database port on server (5432 is the PostgreSQL default)
$conf['servers'][0]['port'] = 5432;
// Database SSL mode
// Possible options: disable, allow, prefer, require
// To require SSL on older servers use option: legacy
// To ignore the SSL mode, use option: unspecified
$conf['servers'][0]['sslmode'] = 'allow';
// Change the default database only if you cannot connect to template1.
// For a PostgreSQL 8.1+ server, you can set this to 'postgres'.
$conf['servers'][0]['defaultdb'] = 'template1';
// Specify the path to the database dump utilities for this server.
// You can set these to '' if no dumper is available.
$conf['servers'][0]['pg_dump_path'] = '/usr/bin/pg_dump';
$conf['servers'][0]['pg_dumpall_path'] = '/usr/bin/pg_dumpall';
// Slony (www.slony.info) support?
$conf['servers'][0]['slony_support'] = false;
// Specify the path to the Slony SQL scripts (where slony1_base.sql is located, etc.)
// No trailing slash.
$conf['servers'][0]['slony_sql'] = '/usr/share/pgsql';
// Example for a second server (PostgreSQL for Windows)
//$conf['servers'][1]['desc'] = 'Test Server';
//$conf['servers'][1]['host'] = '127.0.0.1';
//$conf['servers'][1]['port'] = 5432;
//$conf['servers'][1]['sslmode'] = 'allow';
//$conf['servers'][1]['defaultdb'] = 'template1';
//$conf['servers'][1]['pg_dump_path'] = 'C:\\Program Files\\PostgreSQL\\8.0\\bin\\pg_dump.exe';
//$conf['servers'][1]['pg_dumpall_path'] = 'C:\\Program Files\\PostgreSQL\\8.0\\bin\\pg_dumpall.exe';
//$conf['servers'][1]['slony_support'] = false;
//$conf['servers'][1]['slony_sql'] = 'C:\\Program Files\\PostgreSQL\\8.0\\share';
// Example of groups definition.
// Groups allow administrators to logicaly group servers together under group nodes in the left browser tree
//
// The group '0' description
//$conf['srv_groups'][0]['desc'] = 'group one';
//
// Add here servers indexes belonging to the group '0' seperated by comma
//$conf['srv_groups'][0]['servers'] = '0,1,2';
//
// A server can belong to multi groups
//$conf['srv_groups'][1]['desc'] = 'group two';
//$conf['srv_groups'][1]['servers'] = '3,1';
// Default language. E.g.: 'english', 'polish', etc. See lang/ directory
// for all possibilities. If you specify 'auto' (the default) it will use
// your browser preference.
$conf['default_lang'] = 'auto';
// AutoComplete uses AJAX interaction to list foreign key values
// on insert fields. It currently only works on single column
// foreign keys. You can choose one of the following values:
// 'default on' enables AutoComplete and turns it on by default.
// 'default off' enables AutoComplete but turns it off by default.
// 'disable' disables AutoComplete.
$conf['autocomplete'] = 'default on';
// If extra login security is true, then logins via phpPgAdmin with no
// password or certain usernames (pgsql, postgres, root, administrator)
// will be denied. Only set this false once you have read the FAQ and
// understand how to change PostgreSQL's pg_hba.conf to enable
// passworded local connections.
$conf['extra_login_security'] = true;
// Only show owned databases?
// Note: This will simply hide other databases in the list - this does
// not in any way prevent your users from seeing other database by
// other means. (e.g. Run 'SELECT * FROM pg_database' in the SQL area.)
$conf['owned_only'] = false;
// Display comments on objects? Comments are a good way of documenting
// a database, but they do take up space in the interface.
$conf['show_comments'] = true;
// Display "advanced" objects? Setting this to true will show
// aggregates, types, operators, operator classes, conversions,
// languages and casts in phpPgAdmin. These objects are rarely
// administered and can clutter the interface.
$conf['show_advanced'] = false;
// Display "system" objects?
$conf['show_system'] = false;
// Display reports feature? For this feature to work, you must
// install the reports database as explained in the INSTALL file.
$conf['show_reports'] = true;
// Database and table for reports
$conf['reports_db'] = 'phppgadmin';
$conf['reports_schema'] = 'public';
$conf['reports_table'] = 'ppa_reports';
// Only show owned reports?
// Note: This does not prevent people from accessing other reports by
// other means.
$conf['owned_reports_only'] = false;
// Minimum length users can set their password to.
$conf['min_password_length'] = 1;
// Width of the left frame in pixels (object browser)
$conf['left_width'] = 200;
// Which look & feel theme to use
$conf['theme'] = 'default';
// Show OIDs when browsing tables?
$conf['show_oids'] = false;
// Max rows to show on a page when browsing record sets
$conf['max_rows'] = 30;
// Max chars of each field to display by default in browse mode
$conf['max_chars'] = 50;
// Send XHTML strict headers?
$conf['use_xhtml_strict'] = false;
// Base URL for PostgreSQL documentation.
// '%s', if present, will be replaced with the PostgreSQL version
// (e.g. 8.4 )
$conf['help_base'] = 'http://www.postgresql.org/docs/%s/interactive/';
// Configuration for ajax scripts
// Time in seconds. If set to 0, refreshing data using ajax will be disabled (locks and activity pages)
$conf['ajax_refresh'] = 3;
/*****************************************
* Don't modify anything below this line *
*****************************************/
$conf['version'] = 19;
?>

14
install/rhel/5/pga/phpPgAdmin.conf Normal file
View file

@ -0,0 +1,14 @@
#
# This configuration file maps the phpPgAdmin directory into the URL space.
# By default this application is only accessible from the local host.
#
Alias /phpPgAdmin /usr/share/phpPgAdmin
Alias /phppgadmin /usr/share/phpPgAdmin
<Location /phpPgAdmin>
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from all
</Location>

10
install/rhel/5/php-fpm/www.conf Normal file
View file

@ -0,0 +1,10 @@
[www]
listen = 127.0.0.1:9000
listen.allowed_clients = 127.0.0.1
user = apache
group = apache
pm = dynamic
pm.max_children = 50
pm.start_servers = 5
pm.min_spare_servers = 3
pm.max_spare_servers = 35

143
install/rhel/5/pma/config.inc.conf Normal file
View file

@ -0,0 +1,143 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* phpMyAdmin sample configuration, you can use it as base for
* manual configuration. For easier setup you can use setup/
*
* All directives are explained in Documentation.html and on phpMyAdmin
* wiki <http://wiki.phpmyadmin.net>.
*
* @package phpMyAdmin
*/
/*
* This is needed for cookie based authentication to encrypt password in
* cookie
*/
$cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
/*
* Servers configuration
*/
$i = 0;
/*
* First server
*/
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'cookie';
/* Server parameters */
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
/* Select mysqli if your server has it */
$cfg['Servers'][$i]['extension'] = 'mysql';
$cfg['Servers'][$i]['AllowNoPassword'] = false;
/*
* phpMyAdmin configuration storage settings.
*/
/* User used to manipulate with storage */
// $cfg['Servers'][$i]['controluser'] = 'pma';
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
/* Storage database and tables */
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';
// $cfg['Servers'][$i]['relation'] = 'pma_relation';
// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';
// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';
// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';
// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';
// $cfg['Servers'][$i]['history'] = 'pma_history';
// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';
// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';
// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';
/* Contrib / Swekey authentication */
// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf';
/*
* End of servers configuration
*/
/*
* Directories for saving/loading files from server
*/
$cfg['UploadDir'] = '';
$cfg['SaveDir'] = '';
/**
* Defines whether a user should be displayed a "show all (records)"
* button in browse mode or not.
* default = false
*/
//$cfg['ShowAll'] = true;
/**
* Number of rows displayed when browsing a result set. If the result
* set contains more rows, "Previous" and "Next".
* default = 30
*/
//$cfg['MaxRows'] = 50;
/**
* Use graphically less intense menu tabs
* default = false
*/
//$cfg['LightTabs'] = true;
/**
* disallow editing of binary fields
* valid values are:
* false allow editing
* 'blob' allow editing except for BLOB fields
* 'all' disallow editing
* default = blob
*/
//$cfg['ProtectBinary'] = 'false';
/**
* Default language to use, if not browser-defined or user-defined
* (you find all languages in the locale folder)
* uncomment the desired line:
* default = 'en'
*/
//$cfg['DefaultLang'] = 'en';
//$cfg['DefaultLang'] = 'de';
/**
* default display direction (horizontal|vertical|horizontalflipped)
*/
//$cfg['DefaultDisplay'] = 'vertical';
/**
* How many columns should be used for table display of a database?
* (a value larger than 1 results in some information being hidden)
* default = 1
*/
//$cfg['PropertiesNumColumns'] = 2;
/**
* Set to true if you want DB-based query history.If false, this utilizes
* JS-routines to display query history (lost by window close)
*
* This requires configuration storage enabled, see above.
* default = false
*/
//$cfg['QueryHistoryDB'] = true;
/**
* When using DB-based query history, how many entries should be kept?
*
* default = 25
*/
//$cfg['QueryHistoryMax'] = 100;
/*
* You can find more configuration options in Documentation.html
* or here: http://wiki.phpmyadmin.net/pma/Config
*/
?>

39
install/rhel/5/pma/phpMyAdmin.conf Normal file
View file

@ -0,0 +1,39 @@
# phpMyAdmin - Web based MySQL browser written in php
#
# Allows only localhost by default
#
# But allowing phpMyAdmin to anyone other than localhost should be considered
# dangerous unless properly secured by SSL
Alias /phpMyAdmin /usr/share/phpMyAdmin
Alias /phpmyadmin /usr/share/phpMyAdmin
<Directory /usr/share/phpMyAdmin/>
Order Deny,Allow
Deny from All
Allow from All
</Directory>
<Directory /usr/share/phpMyAdmin/scripts/>
Order Deny,Allow
Deny from All
Allow from All
</Directory>
# This directory does not require access over HTTP - taken from the original
# phpMyAdmin upstream tarball
#
<Directory /usr/share/phpMyAdmin/libraries/>
Order Deny,Allow
Deny from All
Allow from None
</Directory>
# This configuration prevents mod_security at phpMyAdmin directories from
# filtering SQL etc. This may break your mod_security implementation.
#
#<IfModule mod_security.c>
# <Directory /usr/share/phpMyAdmin/>
# SecRuleInheritance Off
# </Directory>
#</IfModule>

11
install/rhel/5/postgresql/pg_hba.conf Normal file
View file

@ -0,0 +1,11 @@
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Others
host all all 0.0.0.0/0 md5

27
install/rhel/5/proftpd/proftpd.conf Normal file
View file

@ -0,0 +1,27 @@
ServerName "FTP"
ServerIdent on "FTP Server ready."
ServerAdmin root@localhost
DefaultServer on
VRootEngine on
DefaultRoot ~ !adm
AuthPAMConfig proftpd
AuthOrder mod_auth_pam.c* mod_auth_unix.c
UseReverseDNS off
User nobody
Group nobody
MaxInstances 20
UseSendfile off
LogFormat default "%h %l %u %t \"%r\" %s %b"
LogFormat auth "%v [%P] %h %t \"%r\" %s"
ListOptions -a
RequireValidShell off
PassivePorts 12000 12100
<Global>
Umask 002
IdentLookups off
AllowOverwrite yes
<Limit ALL SITE_CHMOD>
AllowAll
</Limit>
</Global>

BIN
install/rhel/5/remi-release.rpm Normal file
View file

Binary file not shown.

33
install/rhel/5/roundcube/config.inc.php Normal file
View file

@ -0,0 +1,33 @@
<?php
// Password Plugin options
// -----------------------
// A driver to use for password change. Default: "sql".
// See README file for list of supported driver names.
$rcmail_config['password_driver'] = 'vesta';
// Require the new password to be a certain length.
// set to blank to allow passwords of any length
$rcmail_config['password_minimum_length'] = 6;
// Require the new password to contain a letter and punctuation character
// Change to false to remove this check.
$rcmail_config['password_require_nonalpha'] = false;
// Enables logging of password changes into logs/password
$rcmail_config['password_log'] = false;
// Comma-separated list of login exceptions for which password change
// will be not available (no Password tab in Settings)
$rcmail_config['password_login_exceptions'] = null;
// By default domains in variables are using unicode.
// Enable this option to use punycoded names
$rcmail_config['password_idn_ascii'] = false;
// Vesta Driver options
// -----------------------
// Control Panel host
$rcmail_config['password_vesta_host'] = 'localhost';
$rcmail_config['password_vesta_port'] = '8083';

66
install/rhel/5/roundcube/db.inc.php Normal file
View file

@ -0,0 +1,66 @@
<?php
/*
+-----------------------------------------------------------------------+
| Configuration file for database access |
| |
| This file is part of the RoundCube Webmail client |
| Copyright (C) 2005-2008, RoundCube Dev. - Switzerland |
| Licensed under the GNU GPL |
| |
+-----------------------------------------------------------------------+
*/
$rcmail_config = array();
// PEAR database DSN for read/write operations
// format is db_provider://user:password@host/database
$rcmail_config['db_dsnw'] = 'mysql://roundcube:%password%@localhost/roundcube';
// postgres example: 'pgsql://roundcube:pass@localhost/roundcubemail';
// PEAR database DSN for read only operations (if empty write database will be used)
// useful for database replication
$rcmail_config['db_dsnr'] = '';
// database backend to use (only db or mdb2 are supported)
//$rcmail_config['db_backend'] = 'mdb2';
// maximum length of a query in bytes
$rcmail_config['db_max_length'] = 512000; // 500K
// use persistent db-connections
// beware this will not "always" work as expected
// see: http://www.php.net/manual/en/features.persistent-connections.php
$rcmail_config['db_persistent'] = FALSE;
// you can define specific table names used to store webmail data
$rcmail_config['db_table_users'] = 'users';
$rcmail_config['db_table_identities'] = 'identities';
$rcmail_config['db_table_contacts'] = 'contacts';
$rcmail_config['db_table_session'] = 'session';
$rcmail_config['db_table_cache'] = 'cache';
$rcmail_config['db_table_messages'] = 'messages';
// you can define specific sequence names used in PostgreSQL
$rcmail_config['db_sequence_users'] = 'user_ids';
$rcmail_config['db_sequence_identities'] = 'identity_ids';
$rcmail_config['db_sequence_contacts'] = 'contact_ids';
$rcmail_config['db_sequence_cache'] = 'cache_ids';
$rcmail_config['db_sequence_messages'] = 'message_ids';
// end db config file
?>

40
install/rhel/5/roundcube/main.inc.php Normal file
View file

@ -0,0 +1,40 @@
<?php
$config = array();
$config['db_dsnw'] = 'mysql://roundcube:%password%@localhost/roundcube';
$config['default_host'] = 'localhost';
$config['smtp_server'] = '';
$config['smtp_port'] = 25;
$config['smtp_user'] = '';
$config['smtp_pass'] = '';
$config['support_url'] = '';
$rcmail_config['log_dir'] = '/var/log/roundcubemail/';
$rcmail_config['temp_dir'] = '/tmp';
$rcmail_config['force_https'] = false;
$rcmail_config['use_https'] = false;
$rcmail_config['login_autocomplete'] = 0;
$rcmail_config['drafts_mbox'] = 'Drafts';
$rcmail_config['junk_mbox'] = 'Spam';
$rcmail_config['sent_mbox'] = 'Sent';
$rcmail_config['trash_mbox'] = 'Trash';
$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
$rcmail_config['create_default_folders'] = true;
$rcmail_config['protect_default_folders'] = true;
$rcmail_config['enable_spellcheck'] = true;
$rcmail_config['spellcheck_dictionary'] = false;
$rcmail_config['spellcheck_engine'] = 'googie';
$rcmail_config['default_charset'] = 'UTF-8';
$rcmail_config['delete_junk'] = true;
$config['product_name'] = 'Roundcube Webmail';
$config['des_key'] = 'rcmail-!24ByteDESkey*Str';
$config['plugins'] = array(
'archive',
'zipdownload',
'password',
);
$config['skin'] = 'larry';

12
install/rhel/5/roundcube/roundcubemail.conf Normal file
View file

@ -0,0 +1,12 @@
#
# Round Cube Webmail is a browser-based multilingual IMAP client
#
Alias /roundcubemail /usr/share/roundcubemail
Alias /webmail /usr/share/roundcubemail
<Directory /usr/share/roundcubemail/>
Order Deny,Allow
Deny from all
Allow from all
</Directory>

59
install/rhel/5/roundcube/vesta.php Normal file
View file

@ -0,0 +1,59 @@
<?php
/**
* Vesta Control Panel Password Driver
*
* @version 1.0
* @author Serghey Rodin <skid@vestacp.com>
*/
class rcube_vesta_password
{
function save($curpass, $passwd)
{
$rcmail = rcmail::get_instance();
$vesta_host = $rcmail->config->get('password_vesta_host');
if (empty($vesta_host))
{
$vesta_host = 'localhost';
}
$vesta_port = $rcmail->config->get('password_vesta_port');
if (empty($vesta_port))
{
$vesta_port = '8083';
}
$postvars = array(
'email' => $_SESSION['username'],
'password' => $curpass,
'new' => $passwd
);
$postdata = http_build_query($postvars);
$send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL;
$send .= 'Host: ' . $vesta_host . PHP_EOL;
$send .= 'User-Agent: PHP Script' . PHP_EOL;
$send .= 'Content-length: ' . strlen($postdata) . PHP_EOL;
$send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL;
$send .= 'Connection: close' . PHP_EOL;
$send .= PHP_EOL;
$send .= $postdata . PHP_EOL . PHP_EOL;
$fp = fsockopen('ssl://' . $vesta_host, $vesta_port);
fputs($fp, $send);
$result = fread($fp, 2048);
fclose($fp);
if(strpos($result, 'ok') && !strpos($result, 'error'))
{
return PASSWORD_SUCCESS;
}
else {
return PASSWORD_ERROR;
}
}
}

7
install/rhel/5/sudo/admin Normal file
View file

@ -0,0 +1,7 @@
# Created by vesta installer
Defaults env_keep="VESTA"
Defaults:admin !syslog
Defaults:admin !requiretty
admin ALL=(ALL) ALL
admin ALL=NOPASSWD:/usr/local/vesta/bin/*

BIN
install/rhel/5/templates.tar.gz Normal file
View file

Binary file not shown.

11
install/rhel/5/templates/dns/child-ns.tpl Executable file
View file

@ -0,0 +1,11 @@
ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns1.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='ns2.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='4' RECORD='ns1' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='5' RECORD='ns2' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='6' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='7' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='8' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='9' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='11' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'

9
install/rhel/5/templates/dns/default.tpl Executable file
View file

@ -0,0 +1,9 @@
ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='4' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'

14
install/rhel/5/templates/dns/gmail.tpl Executable file
View file

@ -0,0 +1,14 @@
ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='6' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='ghs.google.com.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='7' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='8' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='9' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='10' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='11' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX2.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX3.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'

133
install/rhel/5/templates/web/awstats/awstats.tpl Executable file
View file

@ -0,0 +1,133 @@
LogFile="/var/log/%web_system%/domains/%domain%.log"
LogType=W
LogFormat=1
LogSeparator=" "
SiteDomain="%domain_idn%"
HostAliases="%alias_idn%"
DirData="%home%/%user%/web/%domain%/stats"
DirCgi="/vstats"
DirIcons="/vstats/icon"
AllowToUpdateStatsFromBrowser=0
AllowFullYearView=2
EnableLockForUpdate=1
DNSStaticCacheFile="dnscache.txt"
DNSLastUpdateCacheFile="dnscachelastupdate.txt"
SkipDNSLookupFor=""
AllowAccessFromWebToAuthenticatedUsersOnly=0
AllowAccessFromWebToFollowingAuthenticatedUsers=""
AllowAccessFromWebToFollowingIPAddresses=""
CreateDirDataIfNotExists=0
BuildHistoryFormat=text
BuildReportFormat=html
SaveDatabaseFilesWithPermissionsForEveryone=0
PurgeLogFile=0
ArchiveLogRecords=0
KeepBackupOfHistoricFiles=1
DefaultFile="index.php index.html"
SkipHosts="127.0.0.1
SkipUserAgents=""
SkipFiles=""
SkipReferrersBlackList=""
OnlyHosts=""
OnlyUserAgents=""
OnlyUsers=""
OnlyFiles=""
NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf"
ValidHTTPCodes="200 304"
ValidSMTPCodes="1 250"
AuthenticatedUsersNotCaseSensitive=0
URLNotCaseSensitive=0
URLWithAnchor=0
URLQuerySeparators="?;"
URLWithQuery=0
URLWithQueryWithOnlyFollowingParameters=""
URLWithQueryWithoutFollowingParameters=""
URLReferrerWithQuery=0
WarningMessages=1
ErrorMessages=""
DebugMessages=0
NbOfLinesForCorruptedLog=50
WrapperScript=""
DecodeUA=0
MiscTrackerUrl="/js/awstats_misc_tracker.js"
UseFramesWhenCGI=1
DetailedReportsOnNewWindows=1
Expires=3600
MaxRowsInHTMLOutput=1000
Lang="auto"
DirLang="./lang"
ShowMenu=1
ShowSummary=UVPHB
ShowMonthStats=UVPHB
ShowDaysOfMonthStats=VPHB
ShowDaysOfWeekStats=PHB
ShowHoursStats=PHB
ShowDomainsStats=PHB
ShowHostsStats=PHBL
ShowAuthenticatedUsers=0
ShowRobotsStats=HBL
ShowWormsStats=0
ShowEMailSenders=0
ShowEMailReceivers=0
ShowSessionsStats=1
ShowPagesStats=PBEX
ShowFileTypesStats=HB
ShowFileSizesStats=0
ShowDownloadsStats=HB
ShowOSStats=1
ShowBrowsersStats=1
ShowScreenSizeStats=0
ShowOriginStats=PH
ShowKeyphrasesStats=1
ShowKeywordsStats=1
ShowMiscStats=a
ShowHTTPErrorsStats=1
ShowSMTPErrorsStats=0
ShowClusterStats=0
AddDataArrayMonthStats=1
AddDataArrayShowDaysOfMonthStats=1
AddDataArrayShowDaysOfWeekStats=1
AddDataArrayShowHoursStats=1
IncludeInternalLinksInOriginSection=0
MaxNbOfDomain = 10
MinHitDomain = 1
MaxNbOfHostsShown = 10
MinHitHost = 1
MaxNbOfLoginShown = 10
MinHitLogin = 1
MaxNbOfRobotShown = 10
MinHitRobot = 1
MaxNbOfDownloadsShown = 10
MinHitDownloads = 1
MaxNbOfPageShown = 10
MinHitFile = 1
MaxNbOfOsShown = 10
MinHitOs = 1
MaxNbOfBrowsersShown = 10
MinHitBrowser = 1
MaxNbOfScreenSizesShown = 5
MinHitScreenSize = 1
MaxNbOfWindowSizesShown = 5
MinHitWindowSize = 1
MaxNbOfRefererShown = 10
MinHitRefer = 1
MaxNbOfKeyphrasesShown = 10
MinHitKeyphrase = 1
MaxNbOfKeywordsShown = 10
MinHitKeyword = 1
MaxNbOfEMailsShown = 20
MinHitEMail = 1
FirstDayOfWeek=0
ShowFlagLinks=""
ShowLinksOnUrl=1
UseHTTPSLinkForUrl=""
MaxLengthOfShownURL=64
HTMLHeadSection=""
HTMLEndSection=""
MetaRobot=0
Logo="awstats_logo6.png"
LogoLink="http://awstats.sourceforge.net"
BarWidth = 260
BarHeight = 90
StyleSheet=""
ExtraTrackedRowsLimit=500

10
install/rhel/5/templates/web/awstats/index.tpl Executable file
View file

@ -0,0 +1,10 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Awstats log analyzer </title>
</head>
<frameset rows="60,*" cols="*">
<frame src="nav.html" name="nav" scrolling="no" noresize>
<frame src="%month%/index.html" name="stats">
</frameset>
</html>

23
install/rhel/5/templates/web/awstats/nav.tpl Executable file
View file

@ -0,0 +1,23 @@
<html>
<head>
<title>Awstats navigation</title>
<script language="javascript">
function change() {
top.stats.location= document.period.select.value + '/';
}
</script>
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><img src="logo.png" alt="vesta"></td>
<td><form name="period" action="" method="get">
<select name="select" ONCHANGE="change()">
%select_month%
</select>
</form>
</td>
</tr>
</table>
</body>
</html>

41
install/rhel/5/templates/web/httpd/basedir.stpl Executable file
View file

@ -0,0 +1,41 @@
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %sdocroot%>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule itk.c>
AssignUserID %user% %group%
</IfModule>
Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
</VirtualHost>

35
install/rhel/5/templates/web/httpd/basedir.tpl Executable file
View file

@ -0,0 +1,35 @@
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %docroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule itk.c>
AssignUserID %user% %group%
</IfModule>
Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
</VirtualHost>

40
install/rhel/5/templates/web/httpd/default.stpl Executable file
View file

@ -0,0 +1,40 @@
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %sdocroot%>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule itk.c>
AssignUserID %user% %group%
</IfModule>
Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
</VirtualHost>

34
install/rhel/5/templates/web/httpd/default.tpl Executable file
View file

@ -0,0 +1,34 @@
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %docroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule itk.c>
AssignUserID %user% %group%
</IfModule>
Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
</VirtualHost>

49
install/rhel/5/templates/web/httpd/hosting.stpl Executable file
View file

@ -0,0 +1,49 @@
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %sdocroot%>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value upload_max_filesize 10M
php_admin_value max_execution_time 20
php_admin_value post_max_size 8M
php_admin_value memory_limit 32M
php_admin_flag mysql.allow_persistent off
php_admin_flag safe_mode off
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%'
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule itk.c>
AssignUserID %user% %group%
</IfModule>
Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
</VirtualHost>

43
install/rhel/5/templates/web/httpd/hosting.tpl Executable file
View file

@ -0,0 +1,43 @@
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
#SuexecUserGroup %user% %group%
CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
CustomLog /var/log/%web_system%/domains/%domain%.log combined
ErrorLog /var/log/%web_system%/domains/%domain%.error.log
<Directory %docroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value upload_max_filesize 10M
php_admin_value max_execution_time 20
php_admin_value post_max_size 8M
php_admin_value memory_limit 32M
php_admin_flag mysql.allow_persistent off
php_admin_flag safe_mode off
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%'
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
<IfModule mod_ruid2.c>
RMode config
RUidGid %user% %group%
RGroups apache
</IfModule>
<IfModule itk.c>
AssignUserID %user% %group%
</IfModule>
Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
</VirtualHost>

16
install/rhel/5/templates/web/httpd/phpcgi.sh Executable file
View file

@ -0,0 +1,16 @@
#!/bin/bash
# Adding php wrapper
user="$1"
domain="$2"
ip="$3"
home_dir="$4"
docroot="$5"
wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini'
wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php"
echo "$wrapper_script" > $wrapper_file
chown $user:$user $wrapper_file
chmod -f 751 $wrapper_file
exit 0

35
install/rhel/5/templates/web/httpd/phpcgi.stpl Executable file
View file

@ -0,0 +1,35 @@
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
SuexecUserGroup %user% %group%
CustomLog /var/log/httpd/domains/%domain%.bytes bytes
CustomLog /var/log/httpd/domains/%domain%.log combined
ErrorLog /var/log/httpd/domains/%domain%.error.log
<Directory %sdocroot%>
SSLRequireSSL
AllowOverride All
Options +Includes -Indexes +ExecCGI
Action phpcgi-script /cgi-bin/php
<Files *.php>
SetHandler phpcgi-script
</Files>
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
Include %home%/%user%/conf/web/shttpd.%domain%.conf*
</VirtualHost>

28
install/rhel/5/templates/web/httpd/phpcgi.tpl Executable file
View file

@ -0,0 +1,28 @@
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
SuexecUserGroup %user% %group%
CustomLog /var/log/httpd/domains/%domain%.bytes bytes
CustomLog /var/log/httpd/domains/%domain%.log combined
ErrorLog /var/log/httpd/domains/%domain%.error.log
<Directory %docroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
Action phpcgi-script /cgi-bin/php
<Files *.php>
SetHandler phpcgi-script
</Files>
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
Include %home%/%user%/conf/web/httpd.%domain%.conf*
</VirtualHost>

22
install/rhel/5/templates/web/httpd/phpfcgid.sh Executable file
View file

@ -0,0 +1,22 @@
#!/bin/bash
# Adding php wrapper
user="$1"
domain="$2"
ip="$3"
home_dir="$4"
docroot="$5"
wrapper_script="#!/bin/sh
PHPRC=/usr/local/lib
export PHPRC
export PHP_FCGI_MAX_REQUESTS=1000
export PHP_FCGI_CHILDREN=20
exec /usr/bin/php-cgi
"
wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter"
echo "$wrapper_script" > $wrapper_file
chown $user:$user $wrapper_file
chmod -f 751 $wrapper_file
exit 0

36
install/rhel/5/templates/web/httpd/phpfcgid.stpl Executable file
View file

@ -0,0 +1,36 @@
<VirtualHost %ip%:%web_ssl_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %sdocroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
SuexecUserGroup %user% %group%
CustomLog /var/log/httpd/domains/%domain%.bytes bytes
CustomLog /var/log/httpd/domains/%domain%.log combined
ErrorLog /var/log/httpd/domains/%domain%.error.log
<Directory %sdocroot%>
SSLRequireSSL
AllowOverride All
Options +Includes -Indexes +ExecCGI
<Files *.php>
SetHandler fcgid-script
</Files>
FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
php_admin_value open_basedir none
SSLEngine on
SSLVerifyClient none
SSLCertificateFile %ssl_crt%
SSLCertificateKeyFile %ssl_key%
%ssl_ca_str%SSLCertificateChainFile %ssl_ca%
Include %home%/%user%/conf/web/shttpd.%domain%.conf*
</VirtualHost>

28
install/rhel/5/templates/web/httpd/phpfcgid.tpl Executable file
View file

@ -0,0 +1,28 @@
<VirtualHost %ip%:%web_port%>
ServerName %domain_idn%
%alias_string%
ServerAdmin %email%
DocumentRoot %docroot%
ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
Alias /vstats/ %home%/%user%/web/%domain%/stats/
Alias /error/ %home%/%user%/web/%domain%/document_errors/
SuexecUserGroup %user% %group%
CustomLog /var/log/httpd/domains/%domain%.bytes bytes
CustomLog /var/log/httpd/domains/%domain%.log combined
ErrorLog /var/log/httpd/domains/%domain%.error.log
<Directory %docroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
<Files *.php>
SetHandler fcgid-script
</Files>
FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php
</Directory>
<Directory %home%/%user%/web/%domain%/stats>
AllowOverride All
</Directory>
Include %home%/%user%/conf/web/httpd.%domain%.conf*
</VirtualHost>

12
install/rhel/5/templates/web/nginx/caching.sh Executable file
View file

@ -0,0 +1,12 @@
#!/bin/bash
user=$1
domain=$2
ip=$3
home=$4
docroot=$5
str="proxy_cache_path /var/cache/nginx/$domain levels=2"
str="$str keys_zone=$domain:10m inactive=60m max_size=512m;"
echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf

44
install/rhel/5/templates/web/nginx/caching.stpl Executable file
View file

@ -0,0 +1,44 @@
server {
listen %ip%:%proxy_ssl_port%;
server_name %domain_idn% %alias_idn%;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
location / {
proxy_pass http://%ip%:%web_port%;
proxy_cache %domain%;
proxy_cache_valid 15m;
proxy_cache_valid 404 1m;
proxy_no_cache $no_cache;
proxy_cache_bypass $no_cache;
proxy_cache_bypass $cookie_session $http_x_update;
location ~* ^.+\.(%proxy_extentions%)$ {
proxy_cache off;
root %docroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass http://%ip%:%web_port%;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

41
install/rhel/5/templates/web/nginx/caching.tpl Executable file
View file

@ -0,0 +1,41 @@
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
location / {
proxy_pass http://%ip%:%web_port%;
proxy_cache %domain%;
proxy_cache_valid 15m;
proxy_cache_valid 404 1m;
proxy_no_cache $no_cache;
proxy_cache_bypass $no_cache;
proxy_cache_bypass $cookie_session $http_x_update;
location ~* ^.+\.(%proxy_extentions%)$ {
proxy_cache off;
root %docroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass http://%ip%:%web_port%;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

36
install/rhel/5/templates/web/nginx/default.stpl Executable file
View file

@ -0,0 +1,36 @@
server {
listen %ip%:%proxy_ssl_port%;
server_name %domain_idn% %alias_idn%;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
error_log /var/log/httpd/domains/%domain%.error.log error;
location / {
proxy_pass https://%ip%:%web_ssl_port%;
location ~* ^.+\.(%proxy_extentions%)$ {
root %sdocroot%;
access_log /var/log/httpd/domains/%domain%.log combined;
access_log /var/log/httpd/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass https://%ip%:%web_ssl_port%;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include %home%/%user%/conf/web/snginx.%domain%.conf*;
}

33
install/rhel/5/templates/web/nginx/default.tpl Executable file
View file

@ -0,0 +1,33 @@
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
error_log /var/log/httpd/domains/%domain%.error.log error;
location / {
proxy_pass http://%ip%:%web_port%;
location ~* ^.+\.(%proxy_extentions%)$ {
root %docroot%;
access_log /var/log/httpd/domains/%domain%.log combined;
access_log /var/log/httpd/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass http://%ip%:%web_port%;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

11
install/rhel/5/templates/web/nginx/hosting.sh Executable file
View file

@ -0,0 +1,11 @@
#!/bin/bash
# Changing public_html permission
user="$1"
domain="$2"
ip="$3"
home_dir="$4"
docroot="$5"
chmod 755 $docroot
exit 0

38
install/rhel/5/templates/web/nginx/hosting.stpl Executable file
View file

@ -0,0 +1,38 @@
server {
listen %ip%:%proxy_ssl_port%;
server_name %domain_idn% %alias_idn%;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
error_log /var/log/httpd/domains/%domain%.error.log error;
location / {
proxy_pass https://%ip%:%web_ssl_port%;
location ~* ^.+\.(%proxy_extentions%)$ {
root %sdocroot%;
access_log /var/log/httpd/domains/%domain%.log combined;
access_log /var/log/httpd/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass https://%ip%:%web_ssl_port%;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
disable_symlinks if_not_owner from=%docroot%;
include %home%/%user%/conf/web/snginx.%domain%.conf*;
}

35
install/rhel/5/templates/web/nginx/hosting.tpl Executable file
View file

@ -0,0 +1,35 @@
server {
listen %ip%:%proxy_port%;
server_name %domain_idn% %alias_idn%;
error_log /var/log/httpd/domains/%domain%.error.log error;
location / {
proxy_pass http://%ip%:%web_port%;
location ~* ^.+\.(%proxy_extentions%)$ {
root %docroot%;
access_log /var/log/httpd/domains/%domain%.log combined;
access_log /var/log/httpd/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass http://%ip%:%web_port%;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
disable_symlinks if_not_owner from=%docroot%;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

51
install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl Normal file
View file

@ -0,0 +1,51 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
try_files $uri $uri/ /index.php?page=$request_uri;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

47
install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl Normal file
View file

@ -0,0 +1,47 @@
server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
location / {
try_files $uri $uri/ /index.php?page=$request_uri;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

56
install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl Normal file
View file

@ -0,0 +1,56 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
try_files $uri $uri/ /index.php;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location = /index.php {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
location ~ \.php$ {
return 444;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

52
install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl Normal file
View file

@ -0,0 +1,52 @@
server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
location / {
try_files $uri $uri/ /index.php;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location = /index.php {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
location ~ \.php$ {
return 444;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

51
install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl Normal file
View file

@ -0,0 +1,51 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
try_files $uri $uri/ /index.php;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

47
install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl Normal file
View file

@ -0,0 +1,47 @@
server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
location / {
try_files $uri $uri/ /index.php;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

122
install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl Normal file
View file

@ -0,0 +1,122 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
rewrite "^/rules.html$" /index.php?do=rules last;
rewrite "^/statistics.html$" /index.php?do=stats last;
rewrite "^/addnews.html$" /index.php?do=addnews last;
rewrite "^/rss.xml$" /engine/rss.php last;
rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
if (!-d $request_filename) {
rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
}
if (!-f $request_filename) {
rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
}
if (!-f $request_filename) {
rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

Some files were not shown because too many files have changed in this diff Show more