github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-20 21:34:11 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove old VestaCP code, clean slate

Browse source
This commit is contained in:
Rafael G. Martins 2025-02-21 13:33:50 +11:00
commit 074a6d847a
4492 changed files with 0 additions and 335729 deletions
Download patch file Download diff file Expand all files Collapse all files

23
ISSUE_TEMPLATE.md
View file

@ -1,23 +0,0 @@
### Operating System (OS/VERSION):
Type here, e.g. CentOS 6
### VestaCP Version:
Type here, e.g. 3.14159
### Installed Software (what you got with the installer):
Type here, e.g. php-fpm, apache, nginx, mysql
### Steps to Reproduce:
Type here, e.g. install vesta and type rm -rf / --no-preserve-root
### Related Issues/Forum Threads:
Found anything that might be related to this? It might help us find the cause.
### Other Notes:
Anything else?

674
LICENSE
View file

@ -1,674 +0,0 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<http://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<http://www.gnu.org/philosophy/why-not-lgpl.html>.

66
bin/v-acknowledge-user-notification
View file

@ -1,66 +0,0 @@
#!/bin/bash
# info: update user notification
# options: USER NOTIFICATION
#
# The function updates user notification.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
nid=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER NOTIFICATION'
is_format_valid 'user' 'nid'
is_object_valid 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Updating notification
update_object_value 'notifications' 'NID' "$nid" '$ACK' 'yes' 2>/dev/null
# Checking last notification
if [ -e "$USER_DATA/notifications.conf" ]; then
if [ -z "$(grep NID= $USER_DATA/notifications.conf)" ]; then
notice='no'
fi
if [ -z "$(grep "ACK='no'" $USER_DATA/notifications.conf)" ]; then
notice='no'
fi
else
notice='no'
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating notification counter
if [ "$notice" = 'no' ]; then
if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then
sed -i "s/^TIME/NOTIFICATIONS='no'\nTIME/g" $USER_DATA/user.conf
else
update_user_value "$user" '$NOTIFICATIONS' "no"
fi
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

67
bin/v-activate-vesta-license
View file

@ -1,67 +0,0 @@
#!/bin/bash
# info: activate vesta license
# options: MODULE LICENSE
#
# The function activates and registers the vesta license
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
module=$(echo $1 | tr '[:lower:]' '[:upper:]')
license=$2
# Importing system environment
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Checking arg number
check_args '2' "$#" 'MODULE LICENSE'
is_user_format_valid "$license" "license"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Activating license
v_host='https://vestacp.com/checkout'
answer=$(curl -s "$v_host/activate.php?licence_key=$license&module=$module")
check_result $? "cant' connect to vestacp.com " $E_CONNECT
# Checking server answer
if [[ "$answer" != '0' ]]; then
echo "Error: $module license $license is invalid"
exit $E_INVALID
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating vesta.conf
if [ -z "$(grep "${module}_KEY" $VESTA/conf/vesta.conf)" ]; then
echo "${module}_KEY='$license'" >> $VESTA/conf/vesta.conf
else
sed -i "s/${module}_KEY=.*/${module}_KEY='$license'/g" $VESTA/conf/vesta.conf
fi
# Activating sftpjail
if [ "$module" = 'SFTPJAIL' ]; then
setsid $BIN/v-add-sys-sftp-jail 2>/dev/null
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

200
bin/v-add-backup-host
View file

@ -1,200 +0,0 @@
#!/bin/bash
# info: add backup host
# options: TYPE HOST USERNAME PASSWORD [PATH] [PORT]
#
# This function adds a backup host
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
type=$1
host=$2
user=$3
password=$4; HIDE=4
path=${5-/backup}
port=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Defining ftp command function
ftpc() {
ftp -p -n $host $port <<EOF
quote USER $user
quote PASS $password
binary
$1
$2
$3
quit
EOF
}
# Defining sftp command function
sftpc() {
expect -f "-" <<EOF "$@"
set count 0
spawn /usr/bin/sftp -o StrictHostKeyChecking=no -o Port=$port $user@$host
expect {
"password:" {
send "$password\r"
exp_continue
}
-re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
set count \$argc
set output "Disconnected."
set rc $E_FTP
exp_continue
}
-re ".*denied.*(publickey|password)." {
set output "Permission denied, wrong publickey or password."
set rc $E_CONNECT
}
"sftp>" {
if {\$count < \$argc} {
set arg [lindex \$argv \$count]
send "\$arg\r"
incr count
} else {
send "exit\r"
set output "Disconnected."
if {[info exists rc] != 1} {
set rc $OK
}
}
exp_continue
}
timeout {
set output "Connection timeout."
set rc $E_CONNECT
}
}
if {[info exists output] == 1} {
puts "\$output"
}
exit \$rc
EOF
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ "$type" != 'local' ];then
check_args '4' "$#" "TYPE HOST USERNAME PASSWORD [PATH] [PORT]"
is_format_valid 'user' 'host' 'path' 'port'
is_password_valid
if [ "$type" = 'sftp' ]; then
which expect >/dev/null 2>&1
check_result $? "expect command not found" $E_NOTEXIST
fi
host "$host" >/dev/null 2>&1
check_result $? "host connection failed" "$E_CONNECT"
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking network connection
if [ "$type" = 'ftp' ]; then
if [ -z $port ]; then
port=21
fi
fconn=$(ftpc 2>&1)
ferror=$(echo $fconn |\
grep -i -e failed -e error -e "can't" -e "not conn" -e "incorrect")
if [ ! -z "$ferror" ]; then
echo "Error: can't login to ftp $user@$host"
log_event "$E_CONNECT" "$ARGUMENTS"
exit $E_CONNECT
fi
# Checking write permissions
if [ -z $path ]; then
ftmpdir="vst.bK76A9SUkt"
else
ftpc "mkdir $path" > /dev/null 2>&1
ftmpdir="$path/vst.bK76A9SUkt"
fi
ftp_result=$(ftpc "mkdir $ftmpdir" "rm $ftmpdir"|grep -v Trying)
if [ ! -z "$ftp_result" ] ; then
echo "$ftp_result"
rm -rf $tmpdir
echo "Error: can't create $ftmpdir folder on the ftp"
log_event "$E_FTP" "$ARGUMENTS"
exit $E_FTP
fi
fi
if [ "$type" = 'sftp' ]; then
if [ -z $port ]; then
port=22
fi
if [ -z $path ]; then
sftmpdir="vst.bK76A9SUkt"
sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1
else
if sftpc "mkdir $path" > /dev/null 2>&1 ; then
sftmpdir="$path/vst.bK76A9SUkt"
sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1
else
sftmpdir="$path/vst.bK76A9SUkt"
sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1
fi
fi
rc=$?
if [[ "$rc" != 0 ]]; then
case $rc in
$E_CONNECT) echo "Error: can't login to sftp $user@$host";;
$E_FTP) echo "Error: can't create temp folder on the sftp host";;
esac
log_event "$rc" "$ARGUMENTS"
exit "$rc"
fi
fi
# Adding backup host
if [ $type != 'local' ]; then
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
str="HOST='$host'\nUSERNAME='$user'\nPASSWORD='$password'"
str="$str\nBPATH='$path'\nPORT='$port'\nTIME='$time'\nDATE='$date'"
echo -e "$str" > $VESTA/conf/$type.backup.conf
chmod 660 $VESTA/conf/$type.backup.conf
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Update vesta.conf
if [ -z "$(grep BACKUP_SYSTEM $VESTA/conf/vesta.conf)" ]; then
echo "BACKUP_SYSTEM='$type'" >> $VESTA/conf/vesta.conf
else
bckp=$(echo "$BACKUP_SYSTEM,$type" |\
sed "s/,/\n/g"|\
sort -r -u |\
sed "/^$/d"|\
sed ':a;N;$!ba;s/\n/,/g')
sed -i "s/BACKUP_SYSTEM=.*/BACKUP_SYSTEM='$bckp'/g" $VESTA/conf/vesta.conf
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

87
bin/v-add-cron-job
View file

@ -1,87 +0,0 @@
#!/bin/bash
# info: add cron job
# options: USER MIN HOUR DAY MONTH WDAY COMMAND [JOB] [RESTART]
#
# The function adds a job to cron daemon. When executing commands, any output
# is mailed to user's email if parameter REPORTS is set to 'yes'.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
min=$2
hour=$3
day=$4
month=$5
wday=$6
command=$(echo $7 |sed "s/'/%quote%/g")
job=$8
restart=$9
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
HIDE=7
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '7' "$#" 'USER MIN HOUR DAY MONTH WDAY COMMAND [JOB] [RESTART]'
is_format_valid 'user' 'min' 'hour' 'day' 'month' 'wday' 'command'
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_package_full 'CRON_JOBS'
get_next_cronjob
is_format_valid 'job'
is_object_new 'cron' 'JOB' "$job"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating cron string
str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'"
str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'"
# Adding to crontab
echo "$str" >> $VESTA/data/users/$user/cron.conf
# Changing permissions
chmod 660 $VESTA/data/users/$user/cron.conf
# Sort jobs by id number
sort_cron_jobs
# Sync cronjobs with system crond
sync_cron_jobs
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Increasing cron value
increase_user_value $user '$U_CRON_JOBS'
# Restarting crond
$BIN/v-restart-cron
check_result $? "Cron restart failed" >/dev/null
# Logging
log_history "added cron job $job"
log_event "$OK" "$ARGUMENTS"
exit

43
bin/v-add-cron-letsencrypt-job
View file

@ -1,43 +0,0 @@
#!/bin/bash
# info: add letsencrypt cronjob
# options: NONE
#
# The script for enabling letsencrypt cronjob
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Add cron job
cmd="sudo /usr/local/vesta/bin/v-update-sys-queue letsencrypt"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then
$BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

55
bin/v-add-cron-reports
View file

@ -1,55 +0,0 @@
#!/bin/bash
# info: add cron reports
# options: user
#
# The script for enabling reports on cron tasks and administrative
# notifications.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'USER'
is_format_valid 'user'
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing user report value
update_user_value "$user" '$CRON_REPORTS' 'yes'
# Sync system cron with user
sync_cron_jobs
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restart crond
$BIN/v-restart-cron
check_result $? "Cron restart failed" >/dev/null
# Logging
log_history "enabled cron reporting"
log_event "$OK" "$ARGUMENTS"
exit

43
bin/v-add-cron-restart-job
View file

@ -1,43 +0,0 @@
#!/bin/bash
# info: add cron reports
# options: NONE
#
# The script for enabling restart cron tasks
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Add cron job
cmd="sudo /usr/local/vesta/bin/v-update-sys-queue restart"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then
$BIN/v-add-cron-job admin '*' '*' '*' '*' '*' "$cmd"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

82
bin/v-add-cron-vesta-autoupdate
View file

@ -1,82 +0,0 @@
#!/bin/bash
# info: add cron job for vesta autoupdates
# options: NONE
#
# The function adds cronjob for vesta autoupdate.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=admin
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
is_package_full 'CRON_JOBS'
get_next_cronjob
check_cron=$(grep 'v-update-sys-vesta-all' $USER_DATA/cron.conf)
if [ ! -z "$check_cron" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Define time somewhere at night
min=$(generate_password '012345' '2')
hour=$(generate_password '1234567' '1')
day='*'
month='*'
wday='*'
command='sudo /usr/local/vesta/bin/v-update-sys-vesta-all'
# Concatenating cron string
str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'"
str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'"
# Adding to crontab
echo "$str" >> $VESTA/data/users/$user/cron.conf
# Chaning permissions
chmod 660 $VESTA/data/users/$user/cron.conf
# Sort jobs by id number
sort_cron_jobs
# Sync cronjobs with system crond
sync_cron_jobs
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Increasing cron value
increase_user_value $user '$U_CRON_JOBS'
# Restarting crond
$BIN/v-restart-cron
check_result $? "Cron restart failed" >/dev/null
# Logging
log_history "added cron job $job"
log_event "$OK" "$ARGUMENTS"
exit

89
bin/v-add-database
View file

@ -1,89 +0,0 @@
#!/bin/bash
# info: add database
# options: USER DATABASE DBUSER DBPASS [TYPE] [HOST] [CHARSET]
#
# The function creates the database concatenating username and user_db.
# Supported types of databases you can get using v-list-sys-config script.
# If the host isn't stated and there are few hosts configured on the server,
# then the host will be defined by one of three algorithms. "First" will choose
# the first host in the list. "Random" will chose the host by a chance.
# "Weight" will distribute new database through hosts evenly. Algorithm and
# types of supported databases is designated in the main configuration file.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
database="$user"_"$2"
dbuser="$user"_"$3"
password=$4; HIDE=4
type=${5-mysql}
host=$6
charset=${7-UTF8}
charset=$(echo "$charset" |tr '[:lower:]' '[:upper:]')
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DATABASE DBUSER DBPASS [TYPE] [HOST] [CHARSET]'
is_format_valid 'user' 'database' 'dbuser' 'charset'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_type_valid "$DB_SYSTEM" "$type"
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_new 'db' 'DB' "$database"
get_next_dbhost
is_object_valid "../../../conf/$type" 'HOST' "$host"
is_object_unsuspended "../../../conf/$type" 'DBHOST' "$host"
#is_charset_valid
is_package_full 'DATABASES'
is_password_valid
dbpass="$password"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Switching on db type
case $type in
mysql) add_mysql_database ;;
pgsql) add_pgsql_database ;;
esac
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding db to db conf
str="DB='$database' DBUSER='$dbuser' MD5='$md5' HOST='$host' TYPE='$type'"
str="$str CHARSET='$charset' U_DISK='0' SUSPENDED='no' TIME='$time'"
str="$str DATE='$date'"
echo "$str" >> $USER_DATA/db.conf
chmod 660 $USER_DATA/db.conf
# Increasing counters
increase_dbhost_values
increase_user_value "$user" '$U_DATABASES'
# Logging
log_history "added $type database $database"
log_event "$OK" "$ARGUMENTS"
exit

119
bin/v-add-database-host
View file

@ -1,119 +0,0 @@
#!/bin/bash
# info: add new database server
# options: TYPE HOST DBUSER DBPASS [MAX_DB] [CHARSETS] [TEMPLATE]
#
# The function add new database server to the server pool. It supports local
# and remote database servers, which is useful for clusters. By adding a host
# you can set limit for number of databases on a host. Template parameter is
# used only for PostgreSQL and has an default value "template1". You can read
# more about templates in official PostgreSQL documentation.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
type=$1
host=$2
dbuser=$3
password=$4; HIDE=4
max_db=${6-500}
charsets=${7-UTF8,LATIN1,WIN1250,WIN1251,WIN1252,WIN1256,WIN1258,KOI8}
template=${8-template1}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf
is_mysql_host_alive() {
mycnf=$(mktemp)
echo "[client]">$mycnf
echo "host='$HOST'" >> $mycnf
echo "user='$USER'" >> $mycnf
echo "password='$PASSWORD'" >> $mycnf
chmod 600 $mycnf
mysql --defaults-file=$mycnf -e 'SELECT VERSION()' >/dev/null 2>&1
rm $mycnf
if [ '0' -ne "$?" ]; then
echo "Error: MySQL connection to $host failed"
log_event "$E_CONNECT" "$ARGUMENTS"
exit $E_CONNECT
fi
}
is_pgsql_host_alive() {
export PGPASSWORD="$dbpass"
psql -h $host -U $dbuser -c "SELECT VERSION()" > /dev/null 2>&1
if [ '0' -ne "$?" ]; then
echo "Error: PostgreSQL connection to $host failed"
log_event "$E_CONNECT" "$ARGUMENTS"
exit $E_CONNECT
fi
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
args_usage='TYPE HOST DBUSER DBPASS [MAX_DB] [CHARSETS] [TPL]'
check_args '4' "$#" "$args_usage"
is_format_valid 'host' 'dbuser' 'max_db' 'charsets' 'template'
#is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
#is_type_valid "$DB_SYSTEM" "$type"
is_dbhost_new
is_password_valid
dbpass="$password"
case $type in
mysql) is_mysql_host_alive ;;
pgsql) is_pgsql_host_alive ;;
esac
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating db host string
case $type in
mysql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'";
str="$str CHARSETS='$charsets' MAX_DB='$max_db' U_SYS_USERS=''";
str="$str U_DB_BASES='0' SUSPENDED='no' TIME='$time' DATE='$date'";;
pgsql) str="HOST='$host' USER='$dbuser' PASSWORD='$dbpass'";
str="$str CHARSETS='$charsets' TPL='$template' MAX_DB='$max_db'";
str="$str U_SYS_USERS='' U_DB_BASES='0' SUSPENDED='no'";
str="$str TIME='$time' DATE='$date'";;
esac
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding host to conf
echo "$str" >> $VESTA/conf/$type.conf
chmod 660 $VESTA/conf/$type.conf
# Updating vesta.conf
if [ -z "$(grep DB_SYSTEM $VESTA/conf/vesta.conf)" ]; then
echo "DB_SYSTEM='$type'" >> $VESTA/conf/vesta.conf
else
db=$(echo "$DB_SYSTEM,$type" |\
sed "s/,/\n/g"|\
sort -r -u |\
sed "/^$/d"|\
sed ':a;N;$!ba;s/\n/,/g')
sed -i "s/DB_SYSTEM=.*/DB_SYSTEM='$db'/g" $VESTA/conf/vesta.conf
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

207
bin/v-add-dns-domain
View file

@ -1,207 +0,0 @@
#!/bin/bash
# info: add dns domain
# options: USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART]
#
# The function adds DNS zone with records defined in the template. If the exp
# argument isn't stated, the expiration date value will be set to next year.
# The soa argument is responsible for the relevant record. By default the first
# user's NS server is used. TTL is set as common for the zone and for all of
# its records with a default value of 14400 seconds.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
ip=$3
ns1=$4
ns2=$5
ns3=$6
ns4=$7
ns5=$8
ns6=$9
ns7=${10}
ns8=${11}
restart=${12}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN IP [NS1] [NS2] [NS3] [..] [NS8] [RESTART]'
is_format_valid 'user' 'domain' 'ip'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_domain_new 'dns' "$domain"
is_package_full 'DNS_DOMAINS'
template=$(get_user_value '$DNS_TEMPLATE')
is_dns_template_valid $template
if [ ! -z "$ns1" ]; then
ns1=$(echo $4 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns1'
fi
if [ ! -z "$ns2" ]; then
ns2=$(echo $5 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns2'
fi
if [ ! -z "$ns3" ]; then
ns3=$(echo $6 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns3'
fi
if [ ! -z "$ns4" ]; then
ns4=$(echo $7 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns4'
fi
if [ ! -z "$ns5" ]; then
ns5=$(echo $8 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns5'
fi
if [ ! -z "$ns6" ]; then
ns6=$(echo $9 |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns6'
fi
if [ ! -z "$ns7" ]; then
ns7=$(echo ${10} |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns7'
fi
if [ ! -z "$ns8" ]; then
ns8=$(echo ${11} |sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns8'
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining NS variables
if [ -z $ns2 ]; then
i=1
ns=$(get_user_value '$NS')
for nameserver in ${ns//,/ };do
eval ns$i=$nameserver
(( ++i))
done
fi
soa="$ns1"
exp=$(date +%F -d "+ 1 year")
serial=$(date +'%Y%m%d01')
ttl=14400
# Reading template
template_data=$(cat $DNSTPL/$template.tpl)
# Deleting unused nameservers
if [ -z "$ns3" ]; then
template_data=$(echo "$template_data" |grep -v %ns3%)
fi
if [ -z "$ns4" ]; then
template_data=$(echo "$template_data" |grep -v %ns4%)
fi
if [ -z "$ns5" ]; then
template_data=$(echo "$template_data" |grep -v %ns5%)
fi
if [ -z "$ns6" ]; then
template_data=$(echo "$template_data" |grep -v %ns6%)
fi
if [ -z "$ns7" ]; then
template_data=$(echo "$template_data" |grep -v %ns7%)
fi
if [ -z "$ns8" ]; then
template_data=$(echo "$template_data" |grep -v %ns8%)
fi
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding dns zone to the user config
echo "$template_data" |\
sed -e "s/%ip%/$ip/g" \
-e "s/%domain_idn%/$domain_idn/g" \
-e "s/%domain%/$domain/g" \
-e "s/%ns1%/$ns1/g" \
-e "s/%ns2%/$ns2/g" \
-e "s/%ns3%/$ns3/g" \
-e "s/%ns4%/$ns4/g" \
-e "s/%ns5%/$ns5/g" \
-e "s/%ns6%/$ns6/g" \
-e "s/%ns7%/$ns7/g" \
-e "s/%ns8%/$ns8/g" \
-e "s/%time%/$time/g" \
-e "s/%date%/$date/g" > $USER_DATA/dns/$domain.conf
chmod 660 $USER_DATA/dns/$domain.conf
records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')"
# Adding dns.conf record
dns_rec="DOMAIN='$domain' IP='$ip' TPL='$template' TTL='$ttl' EXP='$exp'"
dns_rec="$dns_rec SOA='$soa' SERIAL='$serial' SRC='' RECORDS='$records'"
dns_rec="$dns_rec SUSPENDED='no' TIME='$time' DATE='$date'"
echo "$dns_rec" >> $USER_DATA/dns.conf
chmod 660 $USER_DATA/dns.conf
# Creating system configs
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
if [ -e '/etc/named.conf' ]; then
dns_conf='/etc/named.conf'
dns_group='named'
else
dns_conf='/etc/bind/named.conf'
dns_group='bind'
fi
# Adding zone in named.conf
named="zone \"$domain_idn\" {type master; file"
named="$named \"$HOMEDIR/$user/conf/dns/$domain.db\";};"
echo "$named" >> $dns_conf
# Updating domain dns zone
update_domain_zone
# Changing permissions
chmod 640 $HOMEDIR/$user/conf/dns/$domain.db
chown root:$dns_group $HOMEDIR/$user/conf/dns/$domain.db
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
cmd="$BIN/v-add-remote-dns-domain $user $domain yes"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Increasing domain value
increase_user_value "$user" '$U_DNS_DOMAINS'
increase_user_value "$user" '$U_DNS_RECORDS' "$records"
# Restart named
$BIN/v-restart-dns $restart
check_result $? "DNS restart failed"
# Logging
log_history "added dns domain $domain"
log_event "$OK" "$ARGUMENTS"
exit

85
bin/v-add-dns-on-web-alias
View file

@ -1,85 +0,0 @@
#!/bin/bash
# info: add dns domain or dns record after web domain alias
# options: USER ALIAS IP [RESTART]
#
# The function adds dns domain or dns record based on web domain alias.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
alias=$2
ip=$3
restart=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER ALIAS IP [RESTART]'
is_format_valid 'user' 'alias' 'ip'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
if [ -e "$USER_DATA/dns/$alias.conf" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
# Define additional vars
sub_domain=$(echo "$alias" |awk -F '.' '{print $1}')
top_domain=$(echo "$alias" |sed -e "s/^$sub_domain.//")
domain_lvl=$(echo "$alias" |grep -o "\." |wc -l)
# Adding second level domain
if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
$BIN/v-add-dns-domain \
$user $alias $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
exit
fi
# Adding top-level domain and then its sub
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
# Checking top-level domain
if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then
exit
fi
# Checking subdomain record
if [ "$sub_domain" == '*' ]; then
check_record=$(grep -w "RECORD='\*'" $USER_DATA/dns/$top_domain.conf)
else
check_record=$(grep -w "RECORD='$sub_domain'" $USER_DATA/dns/$top_domain.conf)
fi
# Adding subdomain record
if [ -z "$check_record" ]; then
$BIN/v-add-dns-record \
$user $top_domain "$sub_domain" A $ip '' '' $restart >> /dev/null
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# No logging
exit

134
bin/v-add-dns-record
View file

@ -1,134 +0,0 @@
#!/bin/bash
# info: add dns record
# options: USER DOMAIN RECORD TYPE VALUE [PRIORITY] [ID] [RESTART]
#
# The call is used for adding new DNS record. Complex records of TXT, MX and
# SRV types can be used by a filling in the 'value' argument. The function also
# gets an id parameter for definition of certain record identifier or for the
# regulation of records.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
record=$(idn -t --quiet -u "$3" )
record=$(echo "$record" | tr '[:upper:]' '[:lower:]')
rtype=$(echo "$4"| tr '[:lower:]' '[:upper:]')
dvalue=$(idn -t --quiet -u "$5" )
priority=$6
id=$7
restart=$8
if [ -z "$priority" ]; then
priority=10
fi
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Null priority for none MX/SRV records
if [ "$rtype" != 'MX' ] && [ "$rtype" != 'SRV' ]; then
priority=''
fi
# Add trailing dot at the end of NS/CNAME/MX/PTR/SRV record
if [[ $rtype =~ NS|CNAME|MX|PTR|SRV ]]; then
trailing_dot=$(echo $dvalue | grep "\.$")
if [ -z "$trailing_dot" ]; then
dvalue="$dvalue."
fi
fi
if [ $rtype != "CAA" ]; then
dvalue=${dvalue//\"/}
if [[ "$dvalue" =~ [\;[:space:]] ]]; then
dvalue='"'"$dvalue"'"'
fi
fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '5' "$#" 'USER DOMAIN RECORD TYPE VALUE [PRIORITY] [ID] [RESTART]'
is_format_valid 'user' 'domain' 'record' 'rtype' 'dvalue'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
is_package_full 'DNS_RECORDS'
get_next_dnsrecord
is_format_valid 'id'
is_object_new "dns/$domain" 'ID' "$id"
is_dns_fqnd "$rtype" "$dvalue"
is_dns_nameserver_valid "$domain" "$rtype" "$dvalue"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding record
zone="$USER_DATA/dns/$domain.conf"
dns_rec="ID='$id' RECORD='$record' TYPE='$rtype' PRIORITY='$priority'"
dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$time' DATE='$date'"
echo "$dns_rec" >> $zone
chmod 660 $zone
# Sorting records
sort_dns_records
# Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-add-remote-dns-record $user $domain $id"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Update counters
records="$(wc -l $USER_DATA/dns/$domain.conf | cut -f1 -d ' ')"
update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records"
increase_user_value "$user" '$U_DNS_RECORDS'
# Restart named
$BIN/v-restart-dns $restart
check_result $? $E_RESTART 'dns failed to restart'
# Logging
log_history "added $rtype dns record $record for $domain"
log_event "$OK" "$ARGUMENTS"
exit

81
bin/v-add-domain
View file

@ -1,81 +0,0 @@
#!/bin/bash
# info: add web/dns/mail domain
# options: USER DOMAIN [IP] [RESTART]
#
# The function adds web/dns/mail domain to a server.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
ip=$3
restart="${4-yes}"
# Includes
source $VESTA/func/main.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [IP] [RESTART]'
is_format_valid 'user' 'domain'
if [ ! -z "$ip" ] ; then
is_format_valid 'ip'
fi
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get ip if it wasn't defined
if [ -z "$ip" ]; then
get_user_ip
if [ -z "$ip" ]; then
check_result $E_NOTEXIST "no avaiable IP address"
fi
fi
# Working on web domain
if [ ! -z "$WEB_SYSTEM" ]; then
$BIN/v-add-web-domain $user $domain $ip 'no'
check_result $? "can't add web domain" >/dev/null
fi
# Working on DNS domain
if [ ! -z "$DNS_SYSTEM" ]; then
$BIN/v-add-dns-domain $user $domain $ip "" "" "" "" "" '' '' '' 'no'
check_result $? "can't add dns domain" >/dev/null
fi
# Working on mail domain
if [ ! -z "$MAIL_SYSTEM" ]; then
$BIN/v-add-mail-domain $user $domain
check_result $? "can't add mail domain" >/dev/null
fi
# Restarting services
$BIN/v-restart-web $restart
check_result $? "can't restart web" > /dev/null
$BIN/v-restart-proxy $restart
check_result $? "can't restart proxy" > /dev/null
$BIN/v-restart-dns $restart
check_result $? "can't restart dns" > /dev/null
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
exit

83
bin/v-add-firewall-ban
View file

@ -1,83 +0,0 @@
#!/bin/bash
# info: add firewall blocking rule
# options: IP CHAIN
#
# The function adds new blocking rule to system firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
ip=$1
chain=$(echo $2|tr '[:lower:]' '[:upper:]')
# Defining absolute path for iptables and modprobe
iptables="/sbin/iptables"
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'IP CHAIN'
is_format_valid 'ip' 'chain'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking server ip
if [ -e "$VESTA/data/ips/$ip" ] || [ "$ip" = '127.0.0.1' ]; then
exit
fi
# Checking ip exclusions
excludes="$VESTA/data/firewall/excludes.conf"
check_excludes=$(grep "^$ip$" $excludes 2>/dev/null)
if [ ! -z "$check_excludes" ]; then
exit
fi
# Checking ip in banlist
conf="$VESTA/data/firewall/banlist.conf"
check_ip=$(grep "IP='$ip' CHAIN='$chain'" $conf 2>/dev/null)
if [ ! -z "$check_ip" ]; then
exit
fi
# Adding chain
$BIN/v-add-firewall-chain $chain
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding ip to banlist
echo "IP='$ip' CHAIN='$chain' TIME='$time' DATE='$date'" >> $conf
$iptables -I fail2ban-$chain 1 -s $ip \
-j REJECT --reject-with icmp-port-unreachable 2>/dev/null
# Changing permissions
chmod 660 $conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

98
bin/v-add-firewall-chain
View file

@ -1,98 +0,0 @@
#!/bin/bash
# info: add firewall chain
# options: CHAIN [PORT] [PROTOCOL] [PROTOCOL]
#
# The function adds new rule to system firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
chain=$(echo $1 | tr '[:lower:]' '[:upper:]')
port=$2
protocol=${4-TCP}
protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
# Defining absolute path to iptables
iptables="/sbin/iptables"
# Get vesta port by reading nginx.conf
vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
if [ -z "$vestaport" ]; then
vestaport=8083
fi
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'CHAIN [PORT] [PROTOCOL]'
is_format_valid 'chain'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking known chains
case $chain in
SSH) # Get ssh port by reading ssh config file.
sshport=$(grep '^Port ' /etc/ssh/sshd_config | head -1 | cut -d ' ' -f 2)
if [ -z "$sshport" ]; then
sshport=22
fi
port=$sshport;
protocol=TCP ;;
FTP) port=21; protocol=TCP ;;
MAIL) port='25,465,587,2525,110,995,143,993'; protocol=TCP ;;
DNS) port=53; protocol=UDP ;;
WEB) port='80,443'; protocol=TCP ;;
DB) port='3306,5432'; protocol=TCP ;;
VESTA) port=$vestaport; protocol=TCP ;;
*) check_args '2' "$#" 'CHAIN PORT' ;;
esac
# Adding chain
$iptables -N fail2ban-$chain 2>/dev/null
if [ $? -eq 0 ]; then
$iptables -A fail2ban-$chain -j RETURN
# Adding multiport module
if [[ "$port" =~ ,|-|: ]] ; then
port_str="-m multiport --dports $port"
else
port_str="--dport $port"
fi
$iptables -I INPUT -p $protocol $port_str -j fail2ban-$chain
fi
# Preserving chain
chains=$VESTA/data/firewall/chains.conf
check_chain=$(grep "CHAIN='$chain'" $chains 2>/dev/null)
if [ -z "$check_chain" ]; then
echo "CHAIN='$chain' PORT='$port' PROTOCOL='$protocol'" >> $chains
fi
# Changing permissions
chmod 660 $chains
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

94
bin/v-add-firewall-rule
View file

@ -1,94 +0,0 @@
#!/bin/bash
# info: add firewall rule
# options: ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]
#
# The function adds new rule to system firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
action=$(echo $1|tr '[:lower:]' '[:upper:]')
ip=$2
port_ext=$3
protocol=${4-TCP}
protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
comment=$5
rule=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Get next firewall rule id
get_next_fw_rule() {
if [ -z "$rule" ]; then
curr_str=$(grep "RULE=" $VESTA/data/firewall/rules.conf |\
cut -f 2 -d \' | sort -n | tail -n1)
rule="$((curr_str +1))"
fi
}
sort_fw_rules() {
cat $VESTA/data/firewall/rules.conf |\
sort -n -k 2 -t \' > $VESTA/data/firewall/rules.conf.tmp
mv -f $VESTA/data/firewall/rules.conf.tmp \
$VESTA/data/firewall/rules.conf
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'ACTION IP PORT [PROTOCOL] [COMMENT] [RULE]'
is_format_valid 'action' 'protocol' 'port_ext' 'ip'
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
get_next_fw_rule
is_format_valid 'rule'
is_object_new '../../data/firewall/rules' 'RULE' "$rule"
if [ ! -z "$comment" ]; then
is_format_valid 'comment'
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating rule
str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
str="$str TIME='$time' DATE='$date'"
# Adding to config
echo "$str" >> $VESTA/data/firewall/rules.conf
# Changing permissions
chmod 660 $VESTA/data/firewall/rules.conf
# Sorting firewall rules by id number
sort_fw_rules
# Updating system firewall
$BIN/v-update-firewall
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

76
bin/v-add-fs-archive
View file

@ -1,76 +0,0 @@
#!/bin/bash
# info: archive directory
# options: USER ARCHIVE SOURCE
#
# The function creates tar archive
user=$1
archive=$2
src0=$3
# Checking arguments
if [ -z "$src0" ]; then
echo "Usage: USER ARCHIVE FILE [FILE_2] [FILE_3] [FILE ...]"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd |cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking archive
if [ -e "$archive" ]; then
echo "Error: archive already exist $archive"
exit 1
fi
# Checking source path
IFS=$'\n'
i=1
for src in $*; do
if [ "$i" -gt 2 ]; then
rpath=$(readlink -f "$src")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid source path $src"
exit 1
fi
fi
((i++))
done
i=1
for src in $*; do
if [ "$i" -gt 2 ]; then
# Deleting leading home path
src=$(echo "$src"| sed -e "s|/home/$user/||")
# Creating tar.gz archive
sudo -u $user tar -rf "${archive/.gz/}" -C /home/$user $src >\
/dev/null 2>&1
if [ "$?" -ne 0 ]; then
echo "Error: archive $archive was not created"
exit 3
fi
fi
((i++))
done
# Checking gzip
if [[ "$archive" =~ \.gz$ ]]; then
sudo -u $user gzip "${archive/.gz/}" >/dev/null 2>&1
if [ "$?" -ne 0 ]; then
echo "Error: archive $archive was not gziped"
exit 3
fi
fi
exit

44
bin/v-add-fs-directory
View file

@ -1,44 +0,0 @@
#!/bin/bash
# info: add directory
# options: USER DIRECTORY
#
# The function creates new directory on the file system
user=$1
dst_dir=$2
# Checking arguments
if [ -z "$dst_dir" ]; then
echo "Usage: USER DIRECTORY"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking destination path
rpath=$(readlink -f "$dst_dir")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid destination path $dst_dir"
exit 2
fi
# Adding directory
sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Error: directory $dst_dir was not created"
exit 3
fi
# Extiging
exit

44
bin/v-add-fs-file
View file

@ -1,44 +0,0 @@
#!/bin/bash
# info: add file
# options: USER FILE
#
# The function creates new files on file system
user=$1
dst_file=$2
# Checking arguments
if [ -z "$dst_file" ]; then
echo "Usage: USER FILE"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking destination path
rpath=$(readlink -f "$dst_file")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid destination path $dst_dir"
exit 2
fi
# Creating file
sudo -u $user touch "$dst_file" >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Error: file $dst_file was not created"
exit 3
fi
# Exiting
exit

399
bin/v-add-letsencrypt-domain
View file

@ -1,399 +0,0 @@
#!/bin/bash
# info: check letsencrypt domain
# options: USER DOMAIN [ALIASES]
#
# The function check and validates domain with Let's Encript
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
aliases=$3
# LE API
API='https://acme-v02.api.letsencrypt.org'
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_identifier_idn() {
identifier_idn=$identifier
if [[ "$identifier_idn" = *[![:ascii:]]* ]]; then
identifier_idn=$(idn -t --quiet -a $identifier_idn)
fi
}
# encode base64
encode_base64() {
cat |base64 |tr '+/' '-_' |tr -d '\r\n='
}
# Let's Encrypt v2 curl function
query_le_v2() {
protected='{"nonce": "'$3'",'
protected=''$protected' "url": "'$1'",'
protected=''$protected' "alg": "RS256", "kid": "'$KID'"}'
content="Content-Type: application/jose+json"
payload_=$(echo -n "$2" |encode_base64)
protected_=$(echo -n "$protected" |encode_base64)
signature_=$(printf "%s" "$protected_.$payload_" |\
openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\
encode_base64)
post_data='{"protected":"'"$protected_"'",'
post_data=$post_data'"payload":"'"$payload_"'",'
post_data=$post_data'"signature":"'"$signature_"'"}'
# Save http response to file passed as "$4" arg or print to stdout if not provided
# http response headers are always sent to stdout
local save_to_file=${4:-"/dev/stdout"}
curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [ALIASES]'
is_format_valid 'user' 'domain' 'aliases'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
get_domain_values 'web'
echo "-----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : v-add-letsencrypt-domain $domain [$aliases]" >> /usr/local/vesta/log/letsencrypt.log
# check if alias is the letsencrypt wildcard domain, if not, make the normal checks
if [[ "$aliases" != "*.$domain" ]]; then
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
if [ -z "$check_alias" ]; then
echo "[$(date)] : EXIT=domain alias $alias doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
fi
done
fi;
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Registering LetsEncrypt user account
echo "[$(date)] : v-add-letsencrypt-user $user" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-add-letsencrypt-user $user
echo "[$(date)] : result: $?" >> /usr/local/vesta/log/letsencrypt.log
if [ "$?" -ne 0 ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
send_notice "LETSENCRYPT" "Account registration failed"
echo "[$(date)] : EXIT=LE account registration" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "LE account registration" >/dev/null
fi
# Parsing LetsEncrypt account data
source $USER_DATA/ssl/le.conf
# Checking wildcard alias
if [ "$aliases" = "*.$domain" ]; then
echo "[$(date)] : Checking wildcard alias" >> /usr/local/vesta/log/letsencrypt.log
wildcard='yes'
proto="dns-01"
if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then
echo "[$(date)] : EXIT=DNS domain $domain doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "DNS domain $domain doesn't exist"
fi
else
proto="http-01"
fi
# Requesting nonce / STEP 1
echo "[$(date)] : --- Requesting nonce / STEP 1 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : curl -s -I \"$API/directory\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(curl -s -I "$API/directory")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt nonce request status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt nonce request status $status"
fi
# Placing new order / STEP 2
echo "[$(date)] : --- Placing new order / STEP 2 ---" >> /usr/local/vesta/log/letsencrypt.log
url="$API/acme/new-order"
payload='{"identifiers":['
for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
format_identifier_idn
payload=$payload'{"type":"dns","value":"'$identifier_idn'"},'
done
payload=$(echo "$payload"|sed "s/,$//")
payload=$payload']}'
echo "[$(date)] : payload=$payload" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$url" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
echo "[$(date)] : authz=$authz" >> /usr/local/vesta/log/letsencrypt.log
finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
echo "[$(date)] : finalize=$finalize" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 201 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt new auth status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt new auth status $status"
fi
# Requesting authorization token / STEP 3
echo "[$(date)] : --- Requesting authorization token / STEP 3 ---" >> /usr/local/vesta/log/letsencrypt.log
for auth in $authz; do
payload=''
echo "[$(date)] : for auth=$auth" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$auth\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$auth" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
echo "[$(date)] : url=$url" >> /usr/local/vesta/log/letsencrypt.log
token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
echo "[$(date)] : token=$token" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt acme/authz bad status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
fi
# Configuring challenge / STEP 4
echo "[$(date)] : --- Configuring challenge / STEP 4 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : wildcard=$wildcard" >> /usr/local/vesta/log/letsencrypt.log
if [ "$wildcard" = 'yes' ]; then
record=$(printf "%s" "$token.$THUMB" |\
openssl dgst -sha256 -binary |encode_base64)
old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT')
old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1)
for old_record in $old_records; do
$BIN/v-delete-dns-record "$user" "$domain" "$old_record"
done
$BIN/v-add-dns-record "$user" "$domain" "_acme-challenge" "TXT" "$record"
exitstatus=$?
echo "[$(date)] : v-add-dns-record \"$user\" \"$domain\" \"_acme-challenge\" \"TXT\" \"$record\"" >> /usr/local/vesta/log/letsencrypt.log
if [ "$exitstatus" -ne 0 ]; then
echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log
fi
check_result $exitstatus "DNS _acme-challenge record wasn't created"
else
if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
# if vesta is behind main nginx
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
acme_challenge="$well_known/acme-challenge"
mkdir -p $acme_challenge
echo "$token.$THUMB" > $acme_challenge/$token
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
chown -R $user:$user $well_known
else
# default nginx method
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
# if [ ! -e "$conf" ]; then
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
> $conf
echo ' default_type text/plain;' >> $conf
echo ' return 200 "$1.'$THUMB'";' >> $conf
echo '}' >> $conf
# fi
echo "[$(date)] : in $conf we put: $THUMB" >> /usr/local/vesta/log/letsencrypt.log
if [ ! -e "$sconf" ]; then
ln -s "$conf" "$sconf"
fi
echo "[$(date)] : v-restart-proxy" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-restart-proxy
if [ -z "$PROXY_SYSTEM" ]; then
# apache-less variant
echo "[$(date)] : v-restart-web" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-restart-web
fi
exitstatus=$?
if [ "$exitstatus" -ne 0 ]; then
echo "[$(date)] : EXIT=Proxy restart failed = $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
fi
check_result $exitstatus "Proxy restart failed" >/dev/null
fi
else
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
acme_challenge="$well_known/acme-challenge"
mkdir -p $acme_challenge
echo "$token.$THUMB" > $acme_challenge/$token
chown -R $user:$user $well_known
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
# $BIN/v-restart-web
# check_result $? "Web restart failed" >/dev/null
fi
fi
# Requesting ACME validation / STEP 5
echo "[$(date)] : --- Requesting ACME validation / STEP 5 ---" >> /usr/local/vesta/log/letsencrypt.log
validation_check=$(echo "$answer" |grep '"valid"')
echo "[$(date)] : validation_check=$validation_check" >> /usr/local/vesta/log/letsencrypt.log
if [[ ! -z "$validation_check" ]]; then
validation='valid'
else
validation='pending'
fi
# Doing pol check on status
i=1
while [ "$validation" = 'pending' ]; do
echo "[$(date)] : - Doing pol check on status" >> /usr/local/vesta/log/letsencrypt.log
payload='{}'
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$url" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt validation status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt validation status $status"
fi
i=$((i + 1))
if [ "$i" -gt 10 ]; then
echo "[$(date)] : EXIT=Let's Encrypt domain validation timeout" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt domain validation timeout"
fi
sleeping=$((i*2))
echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log
sleep $sleeping
done
if [ "$validation" = 'invalid' ]; then
echo "[$(date)] : EXIT=Let's Encrypt domain verification failed" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt domain verification failed"
fi
done
# Generating new ssl certificate
ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
"San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
# Sending CSR to finalize order / STEP 6
echo "[$(date)] : --- Sending CSR to finalize order / STEP 6 ---" >> /usr/local/vesta/log/letsencrypt.log
csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
payload='{"csr":"'$csr'"}'
echo "[$(date)] : query_le_v2 \"$finalize\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
echo "[$(date)] : certificate=$certificate" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt finalize bad status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
fi
# Downloading signed certificate / STEP 7
echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$certificate\" \"\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
[ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
echo "[$(date)] : EXIT=Let's Encrypt downloading signed cert failed status: $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status: $status"
fi
# Splitting up downloaded pem
# echo "[$(date)] : - Splitting up downloaded pem" >> /usr/local/vesta/log/letsencrypt.log
crt_end=$(grep -n 'END CERTIFICATE' $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
# echo "[$(date)] : crt_end=$crt_end" >> /usr/local/vesta/log/letsencrypt.log
head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt
pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ')
# echo "[$(date)] : pem_lines=$pem_lines" >> /usr/local/vesta/log/letsencrypt.log
ca_end=$(grep -n 'BEGIN CERTIFICATE' $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
ca_end=$(( pem_lines - crt_end + 1 ))
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca
# Temporary fix for double "END CERTIFICATE"
if [[ $(head -n 1 $ssl_dir/$domain.ca) = "-----END CERTIFICATE-----" ]]; then
sed -i '1,2d' $ssl_dir/$domain.ca
fi
# Adding SSL
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
echo "[$(date)] : v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home
exitstatus=$?
echo "[$(date)] : v-add-web-domain-ssl status: $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
if [ "$exitstatus" -ne '0' ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
echo "[$(date)] : EXIT=$domain certificate installation failed" >> /usr/local/vesta/log/letsencrypt.log
send_notice 'LETSENCRYPT' "$domain certificate installation failed"
check_result $exitstatus "SSL install" >/dev/null
fi
# Adding LE autorenew cronjob
if [ -z "$(grep v-update-lets $VESTA/data/users/admin/cron.conf)" ]; then
min=$(generate_password '012345' '2')
hour=$(generate_password '1234567' '1')
cmd="sudo $BIN/v-update-letsencrypt-ssl"
$BIN/v-add-cron-job admin "$min" "$hour" '*' '*' '*' "$cmd" > /dev/null
fi
# Updating letsencrypt key
if [ -z "$LETSENCRYPT" ]; then
add_object_key "web" 'DOMAIN' "$domain" 'LETSENCRYPT' 'FTP_USER'
fi
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
reset_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT'
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Deleteing task from queue
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
# Notifying user
send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"
echo "[$(date)] : EXIT=***** $domain SSL has been installed successfully *****" >> /usr/local/vesta/log/letsencrypt.log
# Logging
log_event "$OK" "$ARGUMENTS"
exit

141
bin/v-add-letsencrypt-user
View file

@ -1,141 +0,0 @@
#!/bin/bash
# info: register letsencrypt user account
# options: USER
#
# The function creates and register LetsEncript account
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
# LE API
API='https://acme-v02.api.letsencrypt.org'
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# encode base64
encode_base64() {
cat |base64 |tr '+/' '-_' |tr -d '\r\n='
}
# Let's Encrypt v2 curl function
query_le_v2() {
protected='{"nonce": "'$3'",'
protected=''$protected' "url": "'$1'",'
protected=''$protected' "alg": "RS256", "jwk": '$jwk'}'
content="Content-Type: application/jose+json"
payload_=$(echo -n "$2" |encode_base64)
protected_=$(echo -n "$protected" |encode_base64)
signature_=$(printf "%s" "$protected_.$payload_" |\
openssl dgst -sha256 -binary -sign $USER_DATA/ssl/user.key |\
encode_base64)
post_data='{"protected":"'"$protected_"'",'
post_data=$post_data'"payload":"'"$payload_"'",'
post_data=$post_data'"signature":"'"$signature_"'"}'
curl -s -i -d "$post_data" "$1" -H "$content"
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'USER'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"
if [ -e "$USER_DATA/ssl/le.conf" ]; then
source "$USER_DATA/ssl/le.conf"
fi
if [ ! -z "$KID" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining user email
if [[ -z "$EMAIL" ]]; then
EMAIL=$(get_user_value '$CONTACT')
fi
# Defining user agreement
agreement=''
# Generating user key
KEY="$USER_DATA/ssl/user.key"
if [ ! -e "$KEY" ]; then
openssl genrsa -out $KEY 4096 >/dev/null 2>&1
chmod 600 $KEY
fi
# Defining key exponent
if [ -z "$EXPONENT" ]; then
EXPONENT=$(openssl pkey -inform pem -in "$KEY" -noout -text_pub |\
grep Exponent: |cut -f 2 -d '(' |cut -f 1 -d ')' |sed -e 's/x//' |\
xxd -r -p |encode_base64)
fi
# Defining key modulus
if [ -z "$MODULUS" ]; then
MODULUS=$(openssl rsa -in "$KEY" -modulus -noout |\
sed -e 's/^Modulus=//' |xxd -r -p |encode_base64)
fi
# Defining JWK
jwk='{"e":"'$EXPONENT'","kty":"RSA","n":"'"$MODULUS"'"}'
# Defining key thumbnail
if [ -z "$THUMB" ]; then
THUMB="$(echo -n "$jwk" |openssl dgst -sha256 -binary |encode_base64)"
fi
# Requesting ACME nonce
nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n')
# Creating ACME account
url="$API/acme/new-acct"
payload='{"termsOfServiceAgreed": true}'
answer=$(query_le_v2 "$url" "$payload" "$nonce")
kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r')
# Checking answer status
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
if [[ "${status:0:2}" -ne "20" ]]; then
check_result $E_CONNECT "Let's Encrypt acc registration failed $status"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding le.conf
if [ ! -e "$USER_DATA/ssl/le.conf" ]; then
echo "EXPONENT='$EXPONENT'" > $USER_DATA/ssl/le.conf
echo "MODULUS='$MODULUS'" >> $USER_DATA/ssl/le.conf
echo "THUMB='$THUMB'" >> $USER_DATA/ssl/le.conf
echo "EMAIL='$EMAIL'" >> $USER_DATA/ssl/le.conf
echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
chmod 660 $USER_DATA/ssl/le.conf
else
sed -i '/^KID=/d' $USER_DATA/ssl/le.conf
echo "KID='$kid'" >> $USER_DATA/ssl/le.conf
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

95
bin/v-add-mail-account
View file

@ -1,95 +0,0 @@
#!/bin/bash
# info: add mail domain account
# options: USER DOMAIN ACCOUNT PASSWORD [QUOTA]
#
# The function add new email account.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
account=$3
password=$4; HIDE=4
quota=${5-unlimited}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
if [[ "$account" =~ [[:upper:]] ]]; then
account=$(echo "$account" |tr '[:upper:]' '[:lower:]')
fi
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD [QUOTA]'
is_format_valid 'user' 'domain' 'account'
if [ "$quota" != 'unlimited' ]; then
is_format_valid 'quota'
fi
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_package_full 'MAIL_ACCOUNTS'
is_mail_new "$account"
is_password_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating hashed password
salt=$(generate_password "$PW_MATRIX" "8")
md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
# Adding account info into password file
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
if [ "$quota" = 'unlimited' ]; then
quota='0'
fi
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
if [[ "$quota" -eq '0' ]]; then
quota='unlimited'
fi
str="ACCOUNT='$account' ALIAS='' AUTOREPLY='no' FWD='' FWD_ONLY=''"
str="$str MD5='$md5' QUOTA='$quota' U_DISK='0' SUSPENDED='no'"
str="$str TIME='$time' DATE='$date'"
echo "$str" >> $USER_DATA/mail/$domain.conf
chmod 660 $USER_DATA/mail/$domain.conf
# Increase mail accounts counter
accounts=$(wc -l $USER_DATA/mail/$domain.conf | cut -f 1 -d ' ')
increase_user_value "$user" '$U_MAIL_ACCOUNTS'
update_object_value 'mail' 'DOMAIN' "$domain" '$ACCOUNTS' "$accounts"
# Logging
log_history "added mail account $account@$domain"
log_event "$OK" "$ARGUMENTS"
exit

74
bin/v-add-mail-account-alias
View file

@ -1,74 +0,0 @@
#!/bin/bash
# info: add mail account alias aka nickname
# options: USER DOMAIN ACCOUNT ALIAS
#
# The function add new email alias.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
account=$3
malias=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT ALIAS'
is_format_valid 'user' 'domain' 'account' 'malias'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_valid "mail/$domain" 'ACCOUNT' "$account"
is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
is_mail_new "$malias"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding exim alias
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
str="$malias@$domain_idn:$account@$domain_idn"
echo "$str" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding vesta alias
aliases=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$ALIAS')
if [ -z "$aliases" ]; then
aliases="$malias"
else
aliases="$aliases,$malias"
fi
update_object_value "mail/$domain" 'ACCOUNT' "$account" '$ALIAS' "$aliases"
# Logging
log_history "added alias $malias to $account@$domain "
log_event "$OK" "$ARGUMENTS"
exit

79
bin/v-add-mail-account-autoreply
View file

@ -1,79 +0,0 @@
#!/bin/bash
# info: add mail account autoreply message
# options: USER DOMAIN ACCOUNT MESSAGE
#
# The function add new email account.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
account=$3
autoreply=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Define mail user
if [ "$MAIL_SYSTEM" = 'exim4' ]; then
MAIL_USER=Debian-exim
else
MAIL_USER=exim
fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT MESSAGE'
is_format_valid 'user' 'domain' 'account' 'autoreply'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_valid "mail/$domain" 'ACCOUNT' "$account"
is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
# is_object_value_empty "mail/$domain" 'ACCOUNT' "$account" '$AUTOREPLY'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding exim autoreply
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
msg="$HOMEDIR/$user/conf/mail/$domain/autoreply.$account.msg"
echo -e "$autoreply" > $msg
chown $MAIL_USER:mail $msg
chmod 660 $msg
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding autoreply message
echo -e "$autoreply" > $USER_DATA/mail/$account@$domain.msg
chmod 660 $USER_DATA/mail/$account@$domain.msg
update_object_value "mail/$domain" 'ACCOUNT' "$account" '$AUTOREPLY' 'yes'
# Logging
log_history "added autoreply message on $account@$domain"
log_event "$OK" "$ARGUMENTS"
exit

79
bin/v-add-mail-account-forward
View file

@ -1,79 +0,0 @@
#!/bin/bash
# info: add mail account forward address
# options: USER DOMAIN ACCOUNT FORWARD
#
# The function add new email account.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
account=$3
forward=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT FORWARD'
is_format_valid 'user' 'domain' 'account' 'forward'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_valid "mail/$domain" 'ACCOUNT' "$account"
is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD')
if [ ! -z "$(echo $fwd | grep -w $forward)" ]; then
echo "Error: forward $forward exists"
log_event "$E_EXISTS $ARGUMENTS"
exit $E_EXISTS
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Define fwd string
if [ -z "$fwd" ]; then
fwd="$forward"
else
fwd="$fwd,$forward"
fi
# Adding forward to exim
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
sed -i "/^$account@$domain_idn:/ d" $HOMEDIR/$user/conf/mail/$domain/aliases
echo "$account@$domain_idn:$fwd" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating config
update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD' "$fwd"
# Logging
log_history "added forwarding from $account@$domain to $forward"
log_event "$OK" "$ARGUMENTS"
exit

80
bin/v-add-mail-account-fwd-only
View file

@ -1,80 +0,0 @@
#!/bin/bash
# info: add mail account forward-only flag
# options: USER DOMAIN ACCOUNT
#
# The function adds fwd-only flag
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
account=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Define mail user
if [ "$MAIL_SYSTEM" = 'exim4' ]; then
MAIL_USER=Debian-exim
else
MAIL_USER=exim
fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN ACCOUNT'
is_format_valid 'user' 'domain' 'account'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_valid "mail/$domain" 'ACCOUNT' "$account"
is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
fwd=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD')
if [ -z "$fwd" ]; then
echo "Error: forward doesn't exist"
log_event "$E_NOTEXIST $ARGUMENTS"
exit $E_NOTEXIST
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding account to fwd_only
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
echo "$account" >> $HOMEDIR/$user/conf/mail/$domain/fwd_only
chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/fwd_only
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating config
add_object_key "mail/$domain" 'ACCOUNT' "$account" 'FWD_ONLY' 'MD5'
update_object_value "mail/$domain" 'ACCOUNT' "$account" '$FWD_ONLY' "yes"
# Logging
log_history "added fwd_only flag for $account@$domain"
log_event "$OK" "$ARGUMENTS"
exit

146
bin/v-add-mail-domain
View file

@ -1,146 +0,0 @@
#!/bin/bash
# info: add mail domain
# options: USER DOMAIN [ANTISPAM] [ANTIVIRUS] [DKIM] [DKIM_SIZE]
#
# The function adds MAIL domain.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
antispam=${3-yes}
antivirus=${4-yes}
dkim=${5-yes}
dkim_size=${6-1024}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Define mail user
if [ "$MAIL_SYSTEM" = 'exim4' ]; then
MAIL_USER=Debian-exim
else
MAIL_USER=exim
fi
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [ANTISPAM] [ANTIVIRUS] [DKIM] [DKIM_SIZE]'
is_format_valid 'user' 'domain' 'antispam' 'antivirus' 'dkim' 'dkim_size'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_domain_new 'mail' "$domain"
is_package_full 'MAIL_DOMAINS'
is_dir_symlink $HOMEDIR/$user/mail
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding domain to mail.conf
s="DOMAIN='$domain' ANTIVIRUS='$antivirus' ANTISPAM='$antispam' DKIM='$dkim'"
s="$s CATCHALL='' ACCOUNTS='0' U_DISK='0' SUSPENDED='no' TIME='$time'"
s="$s DATE='$date'"
echo $s >> $USER_DATA/mail.conf
touch $USER_DATA/mail/$domain.conf
# Generating DKIM keys
if [ "$dkim" = 'yes' ]; then
openssl genrsa -out $USER_DATA/mail/$domain.pem $dkim_size &>/dev/null
openssl rsa -pubout -in $USER_DATA/mail/$domain.pem \
-out $USER_DATA/mail/$domain.pub &>/dev/null
fi
# Set permissions
chmod 660 $USER_DATA/mail/$domain.*
chmod 660 $USER_DATA/mail.conf
# Building exim configs
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
mkdir $HOMEDIR/$user/conf/mail/$domain
mkdir $HOMEDIR/$user/mail/$domain_idn
touch $HOMEDIR/$user/conf/mail/$domain/aliases
touch $HOMEDIR/$user/conf/mail/$domain/passwd
touch $HOMEDIR/$user/conf/mail/$domain/fwd_only
ln -s $HOMEDIR/$user/conf/mail/$domain \
/etc/$MAIL_SYSTEM/domains/$domain_idn
# Adding antispam protection
if [ "$antispam" = 'yes' ]; then
touch $HOMEDIR/$user/conf/mail/$domain/antispam
fi
# Adding antivirus protection
if [ "$antivirus" = 'yes' ]; then
touch $HOMEDIR/$user/conf/mail/$domain/antivirus
fi
# Adding dkim support
if [ "$dkim" = 'yes' ]; then
cp -f $USER_DATA/mail/$domain.pem \
$HOMEDIR/$user/conf/mail/$domain/dkim.pem
fi
# Set permission
chmod 771 $HOMEDIR/$user/conf/mail/$domain
chmod 660 $HOMEDIR/$user/conf/mail/$domain/*
chmod 771 /etc/$MAIL_SYSTEM/domains/$domain_idn
chmod 770 $HOMEDIR/$user/mail/$domain_idn
# Set ownership
chown -R $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain
chown -R dovecot:mail $HOMEDIR/$user/conf/mail/$domain/passwd
chown $user:mail $HOMEDIR/$user/mail/$domain_idn
fi
# Adding dkim dns records
if [ ! -z "$DNS_SYSTEM" ] && [ "$dkim" = 'yes' ]; then
check_dns_domain=$(is_object_valid 'dns' 'DOMAIN' "$domain")
if [ "$?" -eq 0 ]; then
p=$(cat $USER_DATA/mail/$domain.pub|grep -v ' KEY---'|tr -d '\n')
record='_domainkey'
policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy" '' '' 'no'
record='mail._domainkey'
selector="\"v=DKIM1\; k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Increasing domain value
increase_user_value "$user" '$U_MAIL_DOMAINS'
if [ "$dkim" = 'yes' ]; then
increase_user_value "$user" '$U_MAIL_DKMI'
fi
# Logging
log_history "added mail domain $domain"
log_event "$OK" "$ARGUMENTS"
exit

63
bin/v-add-mail-domain-antispam
View file

@ -1,63 +0,0 @@
#!/bin/bash
# info: add mail domain antispam support
# options: USER DOMAIN
#
# The function enables spamassasin for incoming emails.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN'
is_format_valid 'user' 'domain'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_value_empty 'mail' 'DOMAIN' "$domain" '$ANTISPAM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding antispam flag
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
touch $HOMEDIR/$user/conf/mail/$domain/antispam
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding antispam in config
update_object_value 'mail' 'DOMAIN' "$domain" '$ANTISPAM' 'yes'
# Logging
log_history "enabled antispam on $domain"
log_event "$OK" "$ARGUMENTS"
exit

63
bin/v-add-mail-domain-antivirus
View file

@ -1,63 +0,0 @@
#!/bin/bash
# info: add mail domain antivirus support
# options: USER DOMAIN
#
# The function enables clamav scan for incoming emails.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN'
is_format_valid 'user' 'domain'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_value_empty 'mail' 'DOMAIN' "$domain" '$ANTIVIRUS'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding antivirus flag
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
touch $HOMEDIR/$user/conf/mail/$domain/antivirus
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding antivirus in config
update_object_value 'mail' 'DOMAIN' "$domain" '$ANTIVIRUS' 'yes'
# Logging
log_history "enabled antivirus on $domain"
log_event "$OK" "$ARGUMENTS"
exit

64
bin/v-add-mail-domain-catchall
View file

@ -1,64 +0,0 @@
#!/bin/bash
# info: add mail domain catchall account
# options: USER DOMAIN EMAIL
#
# The function enables catchall account for incoming emails.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
email="$3"
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN EMAIL'
is_format_valid 'user' 'domain' 'email'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_value_empty 'mail' 'DOMAIN' "$domain" '$CATCHALL'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding catchall alias
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
sed -i "/*@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases
echo "*@$domain_idn:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding antispam in config
update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' "$email"
# Logging
log_history "added $email as catchall email for $domain"
log_event "$OK" "$ARGUMENTS"
exit

92
bin/v-add-mail-domain-dkim
View file

@ -1,92 +0,0 @@
#!/bin/bash
# info: add mail domain dkim support
# options: USER DOMAIN [DKIM_SIZE]
#
# The function adds DKIM signature to outgoing domain emails.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
dkim_size=${3-1024}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Define mail user
if [ "$MAIL_SYSTEM" = 'exim4' ]; then
MAIL_USER=Debian-exim
else
MAIL_USER=exim
fi
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [DKIM_SIZE]'
is_format_valid 'user' 'domain' 'dkim_size'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_value_empty 'mail' 'DOMAIN' "$domain" '$DKIM'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating dkim
openssl genrsa -out $USER_DATA/mail/$domain.pem $dkim_size &>/dev/null
openssl rsa -pubout -in $USER_DATA/mail/$domain.pem \
-out $USER_DATA/mail/$domain.pub &>/dev/null
chmod 660 $USER_DATA/mail/$domain.*
# Adding dkim keys
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
cp $USER_DATA/mail/$domain.pem $HOMEDIR/$user/conf/mail/$domain/dkim.pem
chown $MAIL_USER:mail $HOMEDIR/$user/conf/mail/$domain/dkim.pem
chmod 660 $HOMEDIR/$user/conf/mail/$domain/dkim.pem
fi
# Adding dns records
if [ ! -z "$DNS_SYSTEM" ] && [ -e "$USER_DATA/dns/$domain.conf" ]; then
p=$(cat $USER_DATA/mail/$domain.pub |grep -v ' KEY---' |tr -d '\n')
record="_domainkey"
policy="\"t=y; o=~;\""
$BIN/v-add-dns-record $user $domain $record TXT "$policy" '' '' 'no'
record="mail._domainkey"
selector="\"v=DKIM1\; k=rsa\; p=$p\""
$BIN/v-add-dns-record $user $domain $record TXT "$selector"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding dkim in config
update_object_value 'mail' 'DOMAIN' "$domain" '$DKIM' 'yes'
increase_user_value "$user" '$U_MAIL_DKIM'
# Logging
log_history "enabled DKIM support for $domain"
log_event "$OK" "$ARGUMENTS"
exit

91
bin/v-add-remote-dns-domain
View file

@ -1,91 +0,0 @@
#!/bin/bash
# info: add remote dns domain
# options: USER DOMAIN [FLUSH]
#
# The function synchronize dns domain with the remote server.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
flush=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/remote.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [FLUSH]'
is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_procces_running
remote_dns_health_check
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Parsing domain record
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf 2>/dev/null)
if [ -z "$str" ]; then
pipe="$VESTA/data/queue/dns-cluster.pipe"
queue_str=$(grep -n "$SCRIPT $1 $2 " $pipe |cut -f1 -d: |head -n1)
if [ ! -z "$queue_str" ]; then
sed -i "$queue_str d" $pipe
fi
exit
fi
IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Parsing remote dns host parameters
eval $cluster
# Parsing domain parameters
eval $str
# Syncing domain data
cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME $flush 'no'
check_result $? "$HOST connection failed" $E_CONNECT
# Syncing domain records
tmp_file="/tmp/vst-sync.$DOMAIN"
cluster_file $USER_DATA/dns/$DOMAIN.conf $tmp_file
check_result $? "$HOST connection failed" $E_CONNECT
# Inserting synced records
cluster_cmd v-insert-dns-records $DNS_USER $DOMAIN $tmp_file 'no'
check_result $? "$HOST connection failed" $E_CONNECT
# Rebuilding dns zone
cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
check_result $? "$HOST connection failed" $E_CONNECT
done
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating pipe
rm -f $tmpfile
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 " $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit

93
bin/v-add-remote-dns-host
View file

@ -1,93 +0,0 @@
#!/bin/bash
# info: add new remote dns host
# options: HOST PORT USER PASSWORD [TYPE] [DNS_USER]
#
# The function adds remote dns server to the dns cluster.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
host=$1
HOST=$host
port=$2
PORT=$port
user=$3
USER=$user
password=$4; HIDE=4
PASSWORD=$password
type=${5-api}
TYPE="$type"
dns_user=${6-dns-cluster}
DNS_USER=$dns_user
# Includes
source $VESTA/func/main.sh
source $VESTA/func/remote.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
args_usage='HOST PORT USER PASSWORD [TYPE] [DNS_USER]'
check_args '4' "$#" "$args_usage"
is_format_valid 'host' 'port' 'user' 'type' 'dns_user'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_password_valid
is_dnshost_new
is_dnshost_alive
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatentating dns host string
str="HOST='$host' PORT='$port' USER='$user' PASSWORD='$password'"
str="$str DNS_USER='$dns_user' TYPE='$type' SUSPENDED='no'"
str="$str TIME='$time' DATE='$date'"
# Adding host to dns-cluster.conf
echo "$str" >> $VESTA/conf/dns-cluster.conf
chmod 660 $VESTA/conf/dns-cluster.conf
# Enabling DNS_CLUSTER
if [ -z "$(grep DNS_CLUSTER $VESTA/conf/vesta.conf)" ]; then
sed -i "s/^STATS_/DNS_CLUSTER='yes'\nSTATS_/g" $VESTA/conf/vesta.conf
else
sed -i "s/DNS_CLUSTER=.*/DNS_CLUSTER='yes'/g" $VESTA/conf/vesta.conf
fi
# Enabling remote dns-cluster queue
cluster_cmd v-add-cron-restart-job
check_result $? "$HOST connection failed" $E_CONNECT
# Syncing all domains
$BIN/v-sync-dns-cluster $host
check_result $? "$HOST sync failed" $E_CONNECT
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding local dns-cluster cron job
cmd="sudo /usr/local/vesta/bin/v-update-sys-queue dns-cluster"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ -z "$check_cron" ] && [ ! -z "$CRON_SYSTEM" ]; then
$BIN/v-add-cron-job admin '*/5' '*' '*' '*' '*' "$cmd"
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

85
bin/v-add-remote-dns-record
View file

@ -1,85 +0,0 @@
#!/bin/bash
# info: add remote dns domain record
# options: USER DOMAIN ID
#
# The function synchronize dns domain with the remote server.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
id=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/remote.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN ID'
is_format_valid 'user' 'domain' 'id'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_procces_running
remote_dns_health_check
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Parsing record
str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf)
if [ -z "$str" ]; then
pipe="$VESTA/data/queue/dns-cluster.pipe"
queue_str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$queue_str" ]; then
sed -i "$queue_str d" $pipe
fi
exit
fi
IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Parsing remote host parameters
eval $cluster
# Syncing serial
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no'
check_result $? "$HOST connection failed (soa sync)" $E_CONNECT
# Syncing record
str=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf | sed 's/"/\\"/g')
cluster_cmd v-insert-dns-record $DNS_USER $domain "$str" 'no'
check_result $? "$HOST connection failed (record sync)" $E_CONNECT
# Rebuilding dns zone
cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
check_result $? "$HOST connection failed (rebuild)" $E_CONNECT
done
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit

57
bin/v-add-sys-firewall
View file

@ -1,57 +0,0 @@
#!/bin/bash
# info: add system firewall
# options: NONE
#
# The script enables firewall
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ "$FIREWALL_SYSTEM" = 'iptables' ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding firewall directory
mkdir -p $VESTA/data/firewall/
# Adding default ruleset
if [ ! -e "$VESTA/data/firewall/rules.conf" ]; then
cp $VESTA/install/rhel/7/* $VESTA/data/firewall/
fi
# Updating FIREWAL_SYSTEM value
if [ -z "$(grep FIREWALL_SYSTEM $VESTA/conf/vesta.conf)" ]; then
echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf
else
sed -i "s/FIREWALL_SYSTEM.*/FIREWALL_SYSTEM='iptables'/g" \
$VESTA/conf/vesta.conf
fi
# Updating firewall rules
$BIN/v-update-firewall
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

194
bin/v-add-sys-ip
View file

@ -1,194 +0,0 @@
#!/bin/bash
# info: add system ip address
# options: IP NETMASK [INTERFACE] [USER] [IP_STATUS] [IP_NAME] [NAT_IP]
#
# The function adds ip address into a system. It also creates rc scripts. You
# can specify ip name which will be used as root domain for temporary aliases.
# For example, if you set a1.myhosting.com as name, each new domain created on
# this ip will automatically receive alias $domain.a1.myhosting.com. Of course
# you must have wildcard record *.a1.myhosting.com pointed to ip. This feature
# is very handy when customer wants to test domain before dns migration.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
ip=${1// /}
netmask=$2
interface="${3-eth0}"
user="${4-admin}"
ip_status="${5-shared}"
ip_name=$6
nat_ip=$7
# Includes
source $VESTA/func/main.sh
source $VESTA/func/ip.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'IP NETMASK [INTERFACE] [USER] [STATUS] [NAME] [NATED_IP]'
is_format_valid 'ip' 'netmask' 'interface' 'user' 'ip_status'
is_ip_free
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
if [ ! -z "$ip_name" ] ; then
is_format_valid 'ip_name'
fi
if [ ! -z "$nat_ip" ] ; then
is_format_valid 'nat_ip'
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
iface=$(get_ip_iface)
cidr=$(convert_netmask $netmask)
broadcast=$(get_broadcast $ip $netmask)
sys_ip_check=$(/sbin/ip addr | grep "$ip")
if [ -z "$sys_ip_check" ]; then
# Adding sys ip
/sbin/ip addr add $ip/$cidr dev $interface \
broadcast $broadcast label $iface
# Adding RHEL/CentOS/Fedora/Amazon startup script
if [ -d "/etc/sysconfig" ]; then
sys_ip="# Added by vesta"
sys_ip="$sys_ip\nDEVICE=$iface"
sys_ip="$sys_ip\nBOOTPROTO=static"
sys_ip="$sys_ip\nONBOOT=yes"
sys_ip="$sys_ip\nIPADDR=$ip"
sys_ip="$sys_ip\nNETMASK=$netmask"
echo -e $sys_ip > /etc/sysconfig/network-scripts/ifcfg-$iface
fi
# Adding Debian/Ubuntu startup script
if [ -e "/etc/debian_version" ]; then
sys_ip="\n# Added by vesta"
sys_ip="$sys_ip\nauto $iface"
sys_ip="$sys_ip\niface $iface inet static"
sys_ip="$sys_ip\naddress $ip"
sys_ip="$sys_ip\nnetmask $netmask"
echo -e $sys_ip >> /etc/network/interfaces
fi
fi
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding vesta ip
echo "OWNER='$user'
STATUS='$ip_status'
NAME='$ip_name'
U_SYS_USERS=''
U_WEB_DOMAINS='0'
INTERFACE='$interface'
NETMASK='$netmask'
NAT='$nat_ip'
TIME='$time'
DATE='$date'" > $VESTA/data/ips/$ip
chmod 660 $VESTA/data/ips/$ip
# WEB support
if [ ! -z "$WEB_SYSTEM" ]; then
web_conf="/etc/$WEB_SYSTEM/conf.d/$ip.conf"
rm -f $web_conf
if [ "$WEB_SYSTEM" = 'httpd' ] || [ "$WEB_SYSTEM" = 'apache2' ]; then
if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
echo "NameVirtualHost $ip:$WEB_PORT" > $web_conf
fi
echo "Listen $ip:$WEB_PORT" >> $web_conf
fi
if [ "$WEB_SSL" = 'mod_ssl' ]; then
if [ -z "$(/usr/sbin/apachectl -v | grep Apache/2.4)" ]; then
echo "NameVirtualHost $ip:$WEB_SSL_PORT" >> $web_conf
fi
echo "Listen $ip:$WEB_SSL_PORT" >> $web_conf
fi
fi
# Proxy support
if [ ! -z "$PROXY_SYSTEM" ]; then
cat $WEBTPL/$PROXY_SYSTEM/proxy_ip.tpl |\
sed -e "s/%ip%/$ip/g" \
-e "s/%web_port%/$WEB_PORT/g" \
-e "s/%proxy_port%/$PROXY_PORT/g" \
> /etc/$PROXY_SYSTEM/conf.d/$ip.conf
# mod_extract_forwarded
fw_conf="/etc/$WEB_SYSTEM/conf.d/mod_extract_forwarded.conf"
if [ -e "$fw_conf" ]; then
ips=$(grep 'MEFaccept ' $fw_conf | grep -v '#' | head -n1)
sed -i "s/$ips/$ips $ip/g" $fw_conf
fi
# mod_rpaf
rpaf_conf="/etc/$WEB_SYSTEM/mods-enabled/rpaf.conf"
if [ -e "$rpaf_conf" ]; then
rpaf_str=$(grep RPAFproxy_ips $rpaf_conf)
rpaf_str="$rpaf_str $ip"
sed -i "s/.*RPAFproxy_ips.*/$rpaf_str/" $rpaf_conf
fi
#mod_remoteip
remoteip_conf="/etc/$WEB_SYSTEM/mods-enabled/remoteip.conf"
if [ -e "$remoteip_conf" ]; then
if [ $( grep -ic "$ip" $remoteip_conf ) -eq 0 ]; then
sed -i "s/<\/IfModule>/RemoteIPInternalProxy $ip\n<\/IfModule>/g" $remoteip_conf
fi
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating user counters
increase_user_value "$user" '$IP_OWNED'
if [ "$user" = 'admin' ]; then
if [ "$ip_status" = 'shared' ]; then
for user in $(ls $VESTA/data/users); do
increase_user_value "$user" '$IP_AVAIL'
done
else
increase_user_value 'admin' '$IP_AVAIL'
fi
else
increase_user_value "$user" '$IP_AVAIL'
increase_user_value 'admin' '$IP_AVAIL'
fi
# Restarting web server
$BIN/v-restart-web
check_result $? "Web restart failed" >/dev/null
# Restarting proxy server
if [ ! -z "$PROXY_SYSTEM" ]; then
$BIN/v-restart-proxy
check_result $? "Proxy restart failed" >/dev/null
fi
# Restarting firewall
if [ ! -z "$FIREWALL_SYSTEM" ]; then
$BIN/v-update-firewall
fi
# Logging
log_history "added system ip address $ip" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

106
bin/v-add-sys-mail-ssl
View file

@ -1,106 +0,0 @@
#!/bin/bash
# info: copy mail ssl certificate
# options: USER DOMAIN [RESTART]
#
# The function copies user domain SSL to mail SSL directory
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
restart=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [RESTART]'
is_format_valid 'user' 'domain'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining certificate location
dom_crt="/home/$user/conf/web/ssl.$domain.pem"
dom_key="/home/$user/conf/web/ssl.$domain.key"
vst_crt="$VESTA/ssl/mail.crt"
vst_key="$VESTA/ssl/mail.key"
# Checking certificate
if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then
check_result $E_NOTEXIST "$domain certificate doesn't exist"
fi
# Checking difference
diff $dom_crt $vst_crt >/dev/null 2>&1
if [ $? -ne 0 ]; then
rm -f $vst_crt.old $vst_key.old
mv $vst_crt $vst_crt.old >/dev/null 2>&1
mv $vst_key $vst_key.old >/dev/null 2>&1
cp $dom_crt $vst_crt 2>/dev/null
cp $dom_key $vst_key 2>/dev/null
chown root:mail $vst_crt $vst_key
else
restart=no
fi
# Updating mail certificate
case $MAIL_SYSTEM in
exim) conf='/etc/exim/exim.conf';;
exim4) conf='/etc/exim4/exim4.conf.template';;
esac
if [ -e "$conf" ]; then
sed -e "s|^tls_certificate.*|tls_certificate = $vst_crt|" \
-e "s|^tls_privatekey.*|tls_privatekey = $vst_key|" -i $conf
fi
# Updating imap certificate
conf="/etc/dovecot/conf.d/10-ssl.conf"
if [ ! -z "$IMAP_SYSTEM" ] && [ -e "$conf" ]; then
sed -e "s|ssl_cert.*|ssl_cert = <$vst_crt|" \
-e "s|ssl_key.*|ssl_key = <$vst_key|" -i $conf
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting services
if [ "$restart" != 'no' ]; then
if [ ! -z "$MAIL_SYSTEM" ]; then
$BIN/v-restart-service $MAIL_SYSTEM
fi
if [ ! -z "$IMAP_SYSTEM" ]; then
$BIN/v-restart-service $IMAP_SYSTEM
fi
fi
# Updating vesta.conf
if [ -z "$(grep MAIL_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then
echo "MAIL_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf
else
sed -i "s/MAIL_CERTIFICATE.*/MAIL_CERTIFICATE='$user:$domain'/g" \
$VESTA/conf/vesta.conf
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

90
bin/v-add-sys-quota
View file

@ -1,90 +0,0 @@
#!/bin/bash
# info: add system quota
# options: NONE
#
# The script enables filesystem quota on /home partition
#----------------------------------------------------------#
# Variable & Function #
#----------------------------------------------------------#
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Checking quota package
quota=$(which --skip-alias --skip-functions quota 2>/dev/null)
if [ $? -ne 0 ]; then
if [ -d "/etc/sysconfig" ]; then
yum -y install quota >/dev/null 2>&1
check_result $? "quota package installation failed" $E_UPDATE
else
export DEBIAN_FRONTEND=noninteractive
apt-get -y install quota >/dev/null 2>&1
check_result $? "quota package installation failed" $E_UPDATE
fi
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding group and user quota on /home partition
mnt=$(df -P /home | awk '{print $6}' | tail -n1)
lnr=$(cat -n /etc/fstab | grep -v "#" | awk '{print $1,$3}' | grep "$mnt$" | cut -f 1 -d ' ')
opt=$(sed -n ${lnr}p /etc/fstab | awk '{print $4}')
fnd='usrquota\|grpquota\|usrjquota=aquota.user\|grpjquota=aquota.group\|jqfmt=vfsv0'
if [ $(echo $opt | tr ',' '\n' | grep -x $fnd | wc -l) -ne 5 ]; then
old=$(echo $(echo $opt | tr ',' '\n' | grep -v 'usrquota\|grpquota\|usrjquota=\|grpjquota=\|jqfmt=') | tr ' ' ',')
new='usrquota,grpquota,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0'
sed -i "$lnr s/$opt/$old,$new/" /etc/fstab
mount -o remount $mnt
fi
# Adding v2 group and user quota index
if [ ! -e "$mnt/aquota.user" ] || [ ! -e "$mnt/aquota.group" ]; then
quotacheck -avcugm >/dev/null 2>&1
fi
# Adding quotacheck on reboot
touch /forcequotacheck
# Adding cron job
echo '#!/bin/bash' > /etc/cron.daily/quotacheck
echo 'touch /forcequotacheck' >> /etc/cron.daily/quotacheck
chmod a+x /etc/cron.daily/quotacheck
# Enabling group and user quota
if [ ! -z "$(quotaon -pa | grep " $mnt " | grep 'user\|group' | grep 'is off')" ]; then
quotaon -v $mnt
check_result $? "quota can't be enabled in $mnt" $E_DISK
fi
# Updating vesta.conf value
if [ -z "$(grep DISK_QUOTA $VESTA/conf/vesta.conf)" ]; then
echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf
else
sed -i "s/DISK_QUOTA=.*/DISK_QUOTA='yes'/g" $VESTA/conf/vesta.conf
fi
# Rebuilding user quota
for user in $(ls $VESTA/data/users); do
$BIN/v-update-user-quota $user
done
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

106
bin/v-add-sys-sftp-jail
View file

@ -1,106 +0,0 @@
#!/bin/bash
# info: add system sftp jail
# options: NONE
#
# The script enables sftp jailed environment
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system environment as we run this script
# mostly by cron which do not read it by itself
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ -z "$SFTPJAIL_KEY" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking sshd directives
config='/etc/ssh/sshd_config'
sftp_n=$(grep -n "Subsystem.*sftp" $config |grep -v internal |grep -v ":#")
sftp_i=$(grep -n "Subsystem.*sftp" $config |grep internal |grep -v ":#")
# Disabling normal sftp
if [ ! -z "$sftp_n" ]; then
fline=$(echo $sftp_n |cut -f 1 -d :)
sed -i "${fline}s/Subsystem.*sftp/#Subsystem sftp/" $config
restart='yes'
fi
# Enabling jailed sftp
if [ -z "$sftp_i" ]; then
echo " " >> $config
echo "Subsystem sftp internal-sftp" >> $config
echo "Match Group sftp-only" >> $config
echo "ChrootDirectory /chroot/%u" >> $config
echo " AllowTCPForwarding no" >> $config
echo " X11Forwarding no" >> $config
echo " ForceCommand internal-sftp" >> $config
restart='yes'
fi
# Validating opensshd config
if [ "$restart" = 'yes' ]; then
subj="OpenSSH restart failed"
email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \')
/usr/sbin/sshd -t >/dev/null 2>&1
if [ "$?" -ne 0 ]; then
mail_text="OpenSSH can not be restarted. Please check config:
\n\n$(/usr/sbin/sshd -t)"
echo -e "$mail_text" |$SENDMAIL -s "$subj" $email
else
service ssh restart >/dev/null 2>&1
service sshd restart >/dev/null 2>&1
fi
fi
# Adding sftp group
groupadd sftp-only 2>/dev/null
# Checking users
shells="rssh|nologin"
for user in $(grep "$HOMEDIR" /etc/passwd |egrep "$shells" |cut -f 1 -d:); do
$BIN/v-add-user-sftp-jail $user
done
# Adding v-add-sys-sftp-jail to startup
if [ -e "/etc/rc.local" ]; then
check_sftp=$(grep $0 /etc/rc.local)
check_exit=$(grep ^exit /etc/rc.local)
if [ -z "$check_sftp" ]; then
if [ -z "$check_exit" ]; then
echo "$BIN/v-add-sys-sftp-jail" >> /etc/rc.local
else
sed -i "s|^exit|$BIN/v-add-sys-sftp-jail\nexit|" /etc/rc.local
fi
fi
chmod +x /etc/rc.local
else
echo "$BIN/v-add-sys-sftp-jail" > /etc/rc.local
chmod +x /etc/rc.local
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

97
bin/v-add-sys-vesta-ssl
View file

@ -1,97 +0,0 @@
#!/bin/bash
# info: add vesta ssl certificate
# options: USER DOMAIN [RESTART]
#
# The function copies user domain SSL to vesta SSL directory
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
restart=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [RESTART]'
is_format_valid 'user' 'domain'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_value_exist 'web' 'DOMAIN' "$domain" '$SSL'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining certificate location
dom_crt="/home/$user/conf/web/ssl.$domain.pem"
dom_key="/home/$user/conf/web/ssl.$domain.key"
vst_crt="$VESTA/ssl/certificate.crt"
vst_key="$VESTA/ssl/certificate.key"
# Checking certificate
if [ ! -e "$dom_crt" ] || [ ! -e "$dom_key" ]; then
check_result $E_NOTEXIST "$domain certificate doesn't exist"
fi
# Checking difference
diff $dom_crt $vst_crt >/dev/null 2>&1
if [ $? -ne 0 ]; then
rm -f $vst_crt.old $vst_key.old
mv $vst_crt $vst_crt.old
mv $vst_key $vst_key.old
cp $dom_crt $vst_crt 2>/dev/null
cp $dom_key $vst_key 2>/dev/null
chown root:mail $vst_crt $vst_key
else
restart=no
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting services
if [ "$restart" != 'no' ]; then
if [ ! -z "$MAIL_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then
$BIN/v-restart-service $MAIL_SYSTEM
fi
if [ ! -z "$IMAP_SYSTEM" ] && [ -z "$MAIL_CERTIFICATE" ]; then
$BIN/v-restart-service $IMAP_SYSTEM
fi
if [ ! -z "$FTP_SYSTEM" ]; then
$BIN/v-restart-service "$FTP_SYSTEM"
fi
if [ -e "/var/run/vesta-nginx.pid" ]; then
kill -HUP $(cat /var/run/vesta-nginx.pid)
else
service vesta restart
fi
fi
# Updating vesta.conf
if [ -z "$(grep VESTA_CERTIFICATE $VESTA/conf/vesta.conf)" ]; then
echo "VESTA_CERTIFICATE='$user:$domain'" >> $VESTA/conf/vesta.conf
else
sed -i "s/VESTA_CERTIFICATE.*/VESTA_CERTIFICATE='$user:$domain'/g" \
$VESTA/conf/vesta.conf
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

215
bin/v-add-user
View file

@ -1,215 +0,0 @@
#!/bin/bash
# info: add system user
# options: USER PASSWORD EMAIL [PACKAGE] [FNAME] [LNAME]
#
# The function creates new user account.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
password=$2; HIDE=2
email=$3
package=${4-default}
fname=$5
lname=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
is_user_free() {
check_sysuser=$(cut -f 1 -d : /etc/passwd | grep "^$user$" )
if [ ! -z "$check_sysuser" ] || [ -e "$USER_DATA" ]; then
check_result $E_EXISTS "user $user exists"
fi
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER PASSWORD EMAIL [PACKAGE] [FNAME] [LNAME]'
is_format_valid 'user' 'email' 'package'
if [ ! -z "$fname" ]; then
is_format_valid 'fname' 'lname'
fi
is_user_free "$user"
is_password_valid
is_package_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Parsing package data
pkg_data=$(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
# Checking shell
shell_conf=$(echo "$pkg_data" | grep 'SHELL' | cut -f 2 -d \')
shell=$(grep -w "$shell_conf" /etc/shells |head -n1)
# Adding user
/usr/sbin/useradd "$user" -s "$shell" -c "$email" -m -d "$HOMEDIR/$user"
check_result $? "user creation failed" $E_INVALID
# Adding password
echo "$user:$password" | /usr/sbin/chpasswd
# Building directory tree
mkdir $HOMEDIR/$user/conf
if [ ! -z "$WEB_SYSTEM" ]; then
mkdir $HOMEDIR/$user/conf/web $HOMEDIR/$user/web $HOMEDIR/$user/tmp
chmod 751 $HOMEDIR/$user/conf/web
chmod 700 $HOMEDIR/$user/tmp
chown $user:$user $HOMEDIR/$user/web $HOMEDIR/$user/tmp
fi
if [ ! -z "$MAIL_SYSTEM" ]; then
mkdir $HOMEDIR/$user/conf/mail $HOMEDIR/$user/mail
chmod 751 $HOMEDIR/$user/mail
chmod 755 $HOMEDIR/$user/conf/mail
fi
if [ ! -z "$DNS_SYSTEM" ]; then
mkdir $HOMEDIR/$user/conf/dns
chmod 751 $HOMEDIR/$user/conf/dns
fi
# Set permissions
chmod a+x $HOMEDIR/$user
chattr +i $HOMEDIR/$user/conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding user dir
mkdir -p $USER_DATA/ssl $USER_DATA/dns $USER_DATA/mail
# Creating configuration files and pipes
touch $USER_DATA/backup.conf \
$USER_DATA/history.log \
$USER_DATA/stats.log \
$USER_DATA/web.conf \
$USER_DATA/dns.conf \
$USER_DATA/mail.conf \
$USER_DATA/db.conf \
$USER_DATA/cron.conf
chmod 770 $USER_DATA \
$USER_DATA/ssl \
$USER_DATA/dns \
$USER_DATA/mail
chmod 660 $USER_DATA/backup.conf \
$USER_DATA/history.log \
$USER_DATA/stats.log \
$USER_DATA/web.conf \
$USER_DATA/dns.conf \
$USER_DATA/mail.conf \
$USER_DATA/db.conf \
$USER_DATA/cron.conf
# Updating queue pipes
echo "$BIN/v-update-user-disk $user" >> $VESTA/data/queue/disk.pipe
if [ ! -z "$WEB_SYSTEM" ]; then
echo "$BIN/v-update-web-domains-traff $user" \
>> $VESTA/data/queue/traffic.pipe
echo "$BIN/v-update-web-domains-disk $user" >> $VESTA/data/queue/disk.pipe
fi
if [ ! -z "$MAIL_SYSTEM" ]; then
echo "$BIN/v-update-mail-domains-disk $user" >> $VESTA/data/queue/disk.pipe
fi
if [ ! -z "$DB_SYSTEM" ]; then
echo "$BIN/v-update-databases-disk $user" >> $VESTA/data/queue/disk.pipe
fi
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Filling user config
if [ "$user" != 'admin' ]; then
ip_avail=$($BIN/v-list-user-ips admin plain |grep -w shared|wc -l)
u_users=0
else
ip_avail=0
u_users=1
fi
echo "FNAME='$fname'
LNAME='$lname'
PACKAGE='$package'
$pkg_data
CONTACT='$email'
CRON_REPORTS='yes'
MD5='$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow)'
RKEY='$(generate_password)'
SUSPENDED='no'
SUSPENDED_USERS='0'
SUSPENDED_WEB='0'
SUSPENDED_DNS='0'
SUSPENDED_MAIL='0'
SUSPENDED_DB='0'
SUSPENDED_CRON='0'
IP_AVAIL='$ip_avail'
IP_OWNED='0'
U_USERS='$u_users'
U_DISK='0'
U_DISK_DIRS='0'
U_DISK_WEB='0'
U_DISK_MAIL='0'
U_DISK_DB='0'
U_BANDWIDTH='0'
U_WEB_DOMAINS='0'
U_WEB_SSL='0'
U_WEB_ALIASES='0'
U_DNS_DOMAINS='0'
U_DNS_RECORDS='0'
U_MAIL_DOMAINS='0'
U_MAIL_DKIM='0'
U_MAIL_ACCOUNTS='0'
U_DATABASES='0'
U_CRON_JOBS='0'
U_BACKUPS='0'
LANGUAGE=''
NOTIFICATIONS='no'
TIME='$time'
DATE='$date'" > $USER_DATA/user.conf
chmod 660 $USER_DATA/user.conf
# Updating quota
if [ "$DISK_QUOTA" = 'yes' ]; then
$BIN/v-update-user-quota "$user"
fi
# Updating admin counter
if [ "$user" != 'admin' ]; then
increase_user_value 'admin' '$U_USERS'
fi
# Run template trigger
if [ -x "$VESTA/data/packages/$package.sh" ]; then
$VESTA/data/packages/$package.sh "$user" "$email" "$fname" "$lname"
fi
# Adding jailed sftp env
if [ ! -z "$SFTPJAIL_KEY" ]; then
$BIN/v-add-user-sftp-jail $user
fi
# Logging
log_history "added system user $user" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

125
bin/v-add-user-favourites
View file

@ -1,125 +0,0 @@
#!/bin/bash
# info: adding user favourites
# options: USER SYSTEM OBJECT
#
# The function adds object to users favourites
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
system=$(echo "$2" |tr '[:lower:]' '[:upper:]')
object=$3
email=$3
id=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER SYSTEM OBJECT'
is_format_valid 'user' 'system'
case $system in
MAIL_ACC) is_format_valid 'email' ;;
CRON) is_format_valid 'id' ;;
DNS_REC) is_format_valid 'id' ;;
*) is_format_valid 'object'
esac
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
# Checking system
case $system in
USER) check='ok' ;;
WEB) check='ok' ;;
DNS) check='ok' ;;
DNS_REC) check='ok' ;;
MAIL) check='ok' ;;
MAIL_ACC) check='ok' ;;
DB) check='ok' ;;
CRON) check='ok' ;;
BACKUP) check='ok' ;;
IP) check='ok' ;;
PACKAGE) check='ok' ;;
FIREWALL) check='ok' ;;
*) check_args '2' '0' 'USER SYSTEM OBJECT'
esac
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Flushing vars
USER=''
WEB=''
DNS=''
DNS_REC=''
MAIL=''
MAIL_ACC=''
DB=''
CRON=''
BACKUP=''
IP=''
PACKAGE=''
FIREWALL=''
# Creating config just in case
touch $USER_DATA/favourites.conf
# Reading current values
source $USER_DATA/favourites.conf
# Assigning current system value
eval value=\$$system
# Checking if object is new
check_fav=$(echo "$value" |tr ',' '\n'| grep "^$object$")
if [ ! -z "$check_fav" ]; then
exit 0
fi
# Adding object to favorites
if [ -z "$value" ]; then
value="$object"
else
value="$value,$object"
fi
# Updating sytem
eval $system=$value
# Updating user favorites
echo "USER='$USER'
WEB='$WEB'
DNS='$DNS'
DNS_REC='$DNS_REC'
MAIL='$MAIL'
MAIL_ACC='$MAIL_ACC'
DB='$DB'
CRON='$CRON'
BACKUP='$BACKUP'
IP='$IP'
PACKAGE='$PACKAGE'
FIREWALL='$FIREWALL'" > $USER_DATA/favourites.conf
# Changing file permission
chmod 640 $USER_DATA/favourites.conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "added starred $object in $system listing"
log_event "$OK" "$ARGUMENTS"
exit

76
bin/v-add-user-notification
View file

@ -1,76 +0,0 @@
#!/bin/bash
# info: add user notification
# options: USER TOPIC NOTICE [TYPE]
#
# The function adds user notification.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
topic=$(echo $2 |sed "s/'/%quote%/g")
notice=$(echo $3 |sed "s/'/%quote%/g")
type=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER TOPIC NOTICE [TYPE]'
is_format_valid 'user' 'topic' 'notice'
is_object_valid 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining notification id
if [ -e "$USER_DATA/notifications.conf" ]; then
nid=$(grep "NID=" $USER_DATA/notifications.conf |cut -f 2 -d \')
nid=$(echo "$nid" |sort -n |tail -n1)
if [ ! -z "$nid" ]; then
nid="$((nid +1))"
else
nid=1
fi
else
nid=1
fi
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating string
str="NID='$nid' TOPIC='$topic' NOTICE='$notice' TYPE='$type'"
str="$str ACK='no' TIME='$time' DATE='$date'"
# Adding to config
echo "$str" >> $USER_DATA/notifications.conf
# Changing permissions
chmod 660 $USER_DATA/notifications.conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating notification counter
if [ -z "$(grep NOTIFICATIONS $USER_DATA/user.conf)" ]; then
sed -i "s/^TIME/NOTIFICATIONS='yes'\nTIME/g" $USER_DATA/user.conf
else
update_user_value "$user" '$NOTIFICATIONS' "yes"
fi
exit

102
bin/v-add-user-package
View file

@ -1,102 +0,0 @@
#!/bin/bash
# info: adding user package
# options: PKG_DIR PACKAGE [REWRITE]
#
# The function adds new user package to the system.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
pkg_dir=$1
package=$2
rewrite=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Functions
is_package_new() {
if [ -e "$VESTA/data/packages/$package.pkg" ]; then
echo "Error: package $package already exists."
log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS
fi
}
is_package_consistent() {
source $pkg_dir/$package.pkg
if [ "$WEB_DOMAINS" != 'unlimited' ]; then
is_int_format_valid $WEB_DOMAINS 'WEB_DOMAINS'
fi
if [ "$WEB_ALIASES" != 'unlimited' ]; then
is_int_format_valid $WEB_ALIASES 'WEB_ALIASES'
fi
if [ "$DNS_DOMAINS" != 'unlimited' ]; then
is_int_format_valid $DNS_DOMAINS 'DNS_DOMAINS'
fi
if [ "$DNS_RECORDS" != 'unlimited' ]; then
is_int_format_valid $DNS_RECORDS 'DNS_RECORDS'
fi
if [ "$MAIL_DOMAINS" != 'unlimited' ]; then
is_int_format_valid $MAIL_DOMAINS 'MAIL_DOMAINS'
fi
if [ "$MAIL_ACCOUNTS" != 'unlimited' ]; then
is_int_format_valid $MAIL_ACCOUNTS 'MAIL_ACCOUNTS'
fi
if [ "$DATABASES" != 'unlimited' ]; then
is_int_format_valid $DATABASES 'DATABASES'
fi
if [ "$CRON_JOBS" != 'unlimited' ]; then
is_int_format_valid $CRON_JOBS 'CRON_JOBS'
fi
if [ "$DISK_QUOTA" != 'unlimited' ]; then
is_int_format_valid $DISK_QUOTA 'DISK_QUOTA'
fi
if [ "$BANDWIDTH" != 'unlimited' ]; then
is_int_format_valid $BANDWIDTH 'BANDWIDTH'
fi
if [ "$BACKUPS" != 'unlimited' ]; then
is_int_format_valid $BACKUPS 'BACKUPS'
fi
is_format_valid_shell $SHELL
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'PKG_DIR PACKAGE' 'rewrite'
is_format_valid 'pkg_dir' 'package'
if [ "$rewrite" != 'yes' ]; then
is_package_new
fi
is_package_valid "$pkg_dir"
is_package_consistent
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
cp -f $pkg_dir/$package.pkg $VESTA/data/packages/
chmod 644 $VESTA/data/packages/$package.pkg
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
if [ "$rewrite" != 'yes' ]; then
log_history "added user package $package" '' 'admin'
else
log_history "updated user package $package" '' 'admin'
fi
log_event "$OK" "$ARGUMENTS"
exit

66
bin/v-add-user-sftp-jail
View file

@ -1,66 +0,0 @@
#!/bin/bash
# info: add user sftp jail
# options: USER
#
# The script enables sftp jailed environment
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'USER'
is_format_valid 'user'
if [ -z "$SFTPJAIL_KEY" ]; then
exit
fi
user_str=$(grep "^$user:" /etc/passwd |egrep "rssh|nologin")
if [ -z "$user_str" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining user homedir
home="$(echo $user_str |cut -f 6 -d :)"
# Adding chroot directory
if [ ! -d "/chroot/$user/$home" ]; then
mkdir -p /chroot/$user/$home
chmod 750 /chroot/$user
chmod 775 /chroot/$user/$home
chown root:sftp-only /chroot/$user
chown $user:sftp-only /chroot/$user/$home
fi
# Adding user to sftp group
usermod -a -G sftp-only $user
# Mouting home directory
if [ -z "$(mount |grep /chroot/$user/$home)" ]; then
mount -o bind $home /chroot/$user/$home/
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

133
bin/v-add-vesta-softaculous
View file

@ -1,133 +0,0 @@
#!/bin/bash
# info: add vesta softaculous
# options: [TYPE]
#
# The script enables softaculous plugin
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
TYPE=$1
# Includes
source /etc/profile
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ "$TYPE" = 'WEB' ]; then
if [ ! -e "$VESTA/softaculous" ] && [ ! -e "$VESTA/ioncube" ]; then
$BIN/v-schedule-vesta-softaculous
exit
fi
else
cmd="v-add-vesta-softaculous"
check_cron=$(grep "$cmd" $VESTA/data/users/admin/cron.conf 2> /dev/null)
if [ ! -z "$check_cron" ]; then
eval $check_cron
$BIN/v-delete-cron-job admin $JOB
fi
fi
if [ "$SOFTACULOUS" = 'yes' ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Cleaning yum cache
if [ -d "/etc/sysconfig" ]; then
yum -q clean all
yum="yum -q -y --noplugins --disablerepo=* --enablerepo=vesta"
else
export DEBIAN_FRONTEND=noninteractive
apt-get update -o Dir::Etc::sourcelist="sources.list.d/vesta.list" \
-o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" -qq
fi
# Updating php pacakge
if [ -z "$($VESTA/php/bin/php -v|grep 'PHP 5.6')" ]; then
if [ -d "/etc/sysconfig" ]; then
$yum -y update vesta-php
check_result $? "vesta-php package upgrade failed" $E_UPDATE
else
apt-get -y install vesta-php
check_result $? "vesta-php package upgrade failed" $E_UPDATE
fi
fi
# Adding vesta-ioncube package
if [ -d "/etc/sysconfig" ]; then
rpm -q vesta-ioncube >/dev/null 2>&1
if [ $? -ne 0 ]; then
$yum -y install vesta-ioncube >/dev/null 2>&1
check_result $? "vesta-ioncube package installation failed" $E_UPDATE
fi
else
dpkg -l vesta-ioncube |grep ^ii >/dev/null 2>&1
if [ $? -ne 0 ]; then
apt-get -y install vesta-ioncube >/dev/null 2>&1
check_result $? "vesta-ioncube package installation failed" $E_UPDATE
fi
fi
# Adding vesta-softaculous package
if [ -d "/etc/sysconfig" ]; then
rpm -q vesta-softaculous >/dev/null 2>&1
if [ $? -ne 0 ]; then
$yum -y install vesta-softaculous >/dev/null 2>&1
check_result $? "vesta-softaculous package installation failed" $E_UPDATE
fi
else
dpkg -l vesta-softaculous |grep ^ii >/dev/null 2>&1
if [ $? -ne 0 ]; then
apt-get -y install vesta-softaculous >/dev/null 2>&1
check_result $? "vesta-softaculous package installation failed" $E_UPDATE
fi
fi
# Installing softaculous
if [ ! -e "$VESTA/softaculous/vst_installed" ]; then
mkdir -p /var/softaculous
chown -R admin:admin /var/softaculous
cd $VESTA/softaculous
wget -q http://c.vestacp.com/3rdparty/softaculous_install.inc
$VESTA/php/bin/php softaculous_install.inc
check_result $? "vesta-softaculous package installation failed" $E_UPDATE
touch $VESTA/softaculous/vst_installed
fi
# Enabling symlink
if [ -e "$VESTA/disabled_plugins/softaculous" ]; then
if [ ! -e "$VESTA/web/softaculous" ]; then
mv $VESTA/disabled_plugins/softaculous $VESTA/web/softaculous
fi
fi
# Updating SOFTACULOUS value
if [ -z "$(grep SOFTACULOUS $VESTA/conf/vesta.conf)" ]; then
echo "SOFTACULOUS='yes'" >> $VESTA/conf/vesta.conf
else
sed -i "s/SOFTACULOUS.*/SOFTACULOUS='yes'/g" \
$VESTA/conf/vesta.conf
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

181
bin/v-add-web-domain
View file

@ -1,181 +0,0 @@
#!/bin/bash
# info: add web domain
# options: USER DOMAIN [IP] [ALIASES] [PROXY_EXTENSIONS] [RESTART]
#
# The function adds virtual host to a server. In cases when ip is
# undefined in the script, "default" template will be used. The alias of
# www.domain.tld type will be automatically assigned to the domain unless
# "none" is transmited as argument. If ip have associated dns name, this
# domain will also get the alias domain-tpl.$ipname. An alias with the ip
# name is useful during the site testing while dns isn't moved to server yet.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
ip=$3
restart=$4 # will be moved to the end soon
aliases=$5
proxy_ext=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
format_aliases
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
check_args '2' "$#" 'USER DOMAIN [IP] [RESTART] [ALIASES] [PROXY_EXTENSIONS]'
is_format_valid 'user' 'domain' 'aliases' 'ip' 'proxy_ext'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
is_domain_new 'web' "$domain,$aliases"
is_dir_symlink $HOMEDIR/$user/web
if_dir_exists $HOMEDIR/$user/web/$domain
is_dir_symlink $HOMEDIR/$user/web/$domain
if [ ! -z "$ip" ]; then
is_ip_valid "$ip" "$user"
else
get_user_ip
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Reading user values
source $USER_DATA/user.conf
# Creating domain directories
sudo -u $user mkdir -p $HOMEDIR/$user/web/$domain \
$HOMEDIR/$user/web/$domain/public_html \
$HOMEDIR/$user/web/$domain/public_shtml \
$HOMEDIR/$user/web/$domain/document_errors \
$HOMEDIR/$user/web/$domain/cgi-bin \
$HOMEDIR/$user/web/$domain/private \
$HOMEDIR/$user/web/$domain/stats \
$HOMEDIR/$user/web/$domain/logs
# Creating domain logs
touch /var/log/$WEB_SYSTEM/domains/$domain.bytes \
/var/log/$WEB_SYSTEM/domains/$domain.log \
/var/log/$WEB_SYSTEM/domains/$domain.error.log
ln -f -s /var/log/$WEB_SYSTEM/domains/$domain.*log \
$HOMEDIR/$user/web/$domain/logs/
# Adding domain skeleton
sudo -u $user cp -r $WEBTPL/skel/* $HOMEDIR/$user/web/$domain/ >/dev/null 2>&1
for file in $(find "$HOMEDIR/$user/web/$domain/" -type f); do
sed -i "s/%domain%/$domain/g" $file
done
# Changing file owner & permission
chown -R $user:$user $HOMEDIR/$user/web/$domain
chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
sudo -u $user chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
sudo -u $user chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
sudo -u $user chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.*
# Addding PHP-FPM backend
if [ ! -z "$WEB_BACKEND" ]; then
if [ -z "$BACKEND_TEMPLATE" ]; then
BACKEND_TEMPLATE='default'
if [ -z "$(grep BACKEND_TEMPLATE $USER_DATA/user.conf)" ]; then
sed -i "s/^DNS_TEMPL/BACKEND_TEMPLATE='default'\nDNS_TEMPL/g" \
$USER_DATA/user.conf
else
update_user_value "$user" '$BACKEND_TEMPLATE' "default"
fi
fi
$BIN/v-add-web-domain-backend "$user" "$domain" $BACKEND_TEMPLATE
check_result $? "Backend error" >/dev/null
fi
# Preparing domain aliases
if [ "$aliases" = 'none' ]; then
ALIAS=''
else
ALIAS="www.$domain"
if [ -z "$aliases" ]; then
ALIAS="www.$domain"
else
ALIAS="$aliases"
fi
ip_alias=$(get_ip_alias $domain)
if [ ! -z "$ip_alias" ]; then
ALIAS="$ALIAS,$ip_alias"
fi
fi
# Preparing domain variables
prepare_web_domain_values
# Adding web server config
add_web_config "$WEB_SYSTEM" "$WEB_TEMPLATE.tpl"
# Adding proxy config
if [ ! -z "$PROXY_SYSTEM" ]; then
PROXY_EXT="$proxy_ext"
if [ -z "$proxy_ext" ]; then
PROXY_EXT="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls"
PROXY_EXT="$PROXY_EXT,exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp"
PROXY_EXT="$PROXY_EXT,rtf,js,mp3,avi,mpeg,flv,html,htm"
fi
add_web_config "$PROXY_SYSTEM" "$PROXY_TEMPLATE.tpl"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Increasing counters
increase_ip_value "$local_ip"
increase_user_value "$user" '$U_WEB_DOMAINS'
increase_user_value "$user" '$U_WEB_ALIASES' "$alias_number"
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding domain in web.conf
echo "DOMAIN='$domain' IP='$ip' IP6='' ALIAS='$ALIAS' TPL='$WEB_TEMPLATE'\
SSL='no' SSL_HOME='same' LETSENCRYPT='no' FTP_USER='' FTP_MD5=''\
BACKEND='$BACKEND_TEMPLATE' PROXY='$PROXY_TEMPLATE' PROXY_EXT='$PROXY_EXT'\
STATS='' STATS_USER='' STATS_CRYPT='' U_DISK='0' U_BANDWIDTH='0'\
SUSPENDED='no' TIME='$time' DATE='$date'" >> $USER_DATA/web.conf
# Restarting web server
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
# Restarting proxy server
$BIN/v-restart-proxy $restart
check_result $? "Proxy restart failed" >/dev/null
# Logging
log_history "added web domain $domain"
log_event "$OK" "$ARGUMENTS"
exit

103
bin/v-add-web-domain-alias
View file

@ -1,103 +0,0 @@
#!/bin/bash
# info: add web domain alias
# options: USER DOMAIN ALIASES [RESTART]
#
# The call is intended for adding aliases to a domain (it is also called
# "domain parking"). The function supports wildcards *.domain.tpl.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
aliases=$3
restart="$4"
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
format_aliases
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN ALIASES [RESTART]'
is_format_valid 'user' 'domain' 'dom_alias'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_domain_new 'web' "$aliases"
is_package_full 'WEB_ALIASES'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Parsing domain values
get_domain_values 'web'
# Preparing domain values for the template substitution
local_ip=$(get_real_ip $IP)
if [ -z "$ALIAS" ]; then
ALIAS="$aliases"
else
ALIAS="$ALIAS,$aliases"
fi
prepare_web_domain_values
# Rebuilding vhost
del_web_config "$WEB_SYSTEM" "$TPL.tpl"
add_web_config "$WEB_SYSTEM" "$TPL.tpl"
if [ "$SSL" = 'yes' ]; then
del_web_config "$WEB_SYSTEM" "$TPL.stpl"
add_web_config "$WEB_SYSTEM" "$TPL.stpl"
fi
# Rebuilding proxy configuration
if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
del_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
add_web_config "$PROXY_SYSTEM" "$PROXY.tpl"
if [ "$SSL" = 'yes' ]; then
del_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding new alias
update_object_value 'web' 'DOMAIN' "$domain" '$ALIAS' "$ALIAS"
increase_user_value "$user" '$U_WEB_ALIASES'
# Restarting web server
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
# Restarting proxy server
$BIN/v-restart-proxy $restart
check_result $? "Proxy restart failed" >/dev/null
log_history "added $aliases for $domain"
log_event "$OK" "$ARGUMENTS"
exit

77
bin/v-add-web-domain-backend
View file

@ -1,77 +0,0 @@
#!/bin/bash
# info: add web domain backend
# options: USER DOMAIN [TEMPLATE] [RESTART]
#
# The call is used for adding web backend configuration.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
template=${3-default}
restart=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [RESTART]'
is_system_enabled "$WEB_BACKEND" 'WEB_BACKEND'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_backend_template_valid "$template"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining pool directory
prepare_web_backend
# Checking backend configuration
if [ -e "$pool/$backend_type.conf" ]; then
exit
fi
# Allocating backend port
backend_port=9000
ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*)
ports=$(echo "$ports" |sed "s/://" |sort -n)
for port in $ports; do
if [ "$backend_port" -eq "$port" ]; then
backend_port=$((backend_port + 1))
fi
done
# Adding backend config
cat $WEBTPL/$WEB_BACKEND/$template.tpl |\
sed -e "s|%backend_port%|$backend_port|" \
-e "s|%user%|$user|g"\
-e "s|%domain%|$domain|g"\
-e "s|%backend%|$backend_type|g" > $pool/$backend_type.conf
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restart backend server
$BIN/v-restart-web-backend $restart
check_result $? "Web backend restart failed" >/dev/null
# Logging
log_history "added $WEB_BACKEND backend configuration for $domain"
log_event "$OK" "$ARGUMENTS"
exit

126
bin/v-add-web-domain-ftp
View file

@ -1,126 +0,0 @@
#!/bin/bash
# info: add ftp account for web domain.
# options: USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]
#
# The function creates additional ftp account for web domain.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
ftp_user=${1}_${3}
password=$4; HIDE=4
ftp_path=$5
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN FTP_USER FTP_PASSWORD [FTP_PATH]'
is_format_valid 'user' 'domain' 'ftp_user'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
check_ftp_user=$(grep "^$ftp_user:" /etc/passwd)
if [ ! -z "$check_ftp_user" ] && [ "$FTP_USER" != "$ftp_user" ]; then
echo "Error: ftp user $ftp_user already exists"
log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS
fi
is_password_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get domain values
get_domain_values 'web'
# Defining ftp user shell
shell=$(which nologin)
if [ ! -z "$FTP_SHELL" ]; then
shell=$FTP_SHELL
fi
# Defining path
if [ -z "$ftp_path" ]; then
ftp_path_a="$HOMEDIR/$user/web/$domain"
else
# Validating absolute path
ftp_path_a=$(readlink -f "$HOMEDIR/$user/web/$domain/$ftp_path")
if [ -z "$(echo $ftp_path_a |grep $HOMEDIR/$user/web/$domain)" ]; then
echo "Error: absolute path $ftp_path_a is invalid"
log_event "$E_INVALID" "$ARGUMENTS"
exit $E_INVALID
fi
# Creating ftp user home directory
if [ ! -e "$ftp_path_a" ]; then
mkdir -p $ftp_path_a
chown $user:$user "$ftp_path_a"
chmod 751 "$ftp_path_a"
fi
fi
# Adding ftp user
/usr/sbin/useradd $ftp_user \
-s $shell \
-o -u $(id -u $user) \
-g $(id -g $user) \
-M -d "$ftp_path_a" > /dev/null 2>&1
# Set ftp user password
echo "$ftp_user:$password" | /usr/sbin/chpasswd
ftp_md5=$(awk -v user=$ftp_user -F : 'user == $1 {print $2}' /etc/shadow)
# Adding jailed sftp env
if [ ! -z "$SFTPJAIL_KEY" ]; then
$BIN/v-add-user-sftp-jail $ftp_user
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Transforming absolute path to relative
ftp_path_r=$(echo $ftp_path_a |sed "s%$HOMEDIR/$user/web/$domain%%")
# Concatenating ftp variables
if [ ! -z "$FTP_USER" ]; then
ftp_user="$FTP_USER:$ftp_user"
ftp_md5="$FTP_MD5:$ftp_md5"
ftp_path="$FTP_PATH:$ftp_path_r"
fi
# Adding new key into web.conf
add_object_key "web" 'DOMAIN' "$domain" 'FTP_PATH' 'PROXY'
# Updating config
update_object_value 'web' 'DOMAIN' "$domain" '$FTP_USER' "$ftp_user"
update_object_value 'web' 'DOMAIN' "$domain" '$FTP_MD5' "$ftp_md5"
update_object_value 'web' 'DOMAIN' "$domain" '$FTP_PATH' "$ftp_path"
# Logging
log_history "added ftp account ${1}_${3}@$domain"
log_event "$OK" "$ARGUMENTS"
exit

115
bin/v-add-web-domain-httpauth
View file

@ -1,115 +0,0 @@
#!/bin/bash
# info: add password protection for web domain
# options: USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]
#
# The call is used for securing web domain with http auth
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
auth_user=$3
password=$4; HIDE=4
restart=${5-yes}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Defining htpasswd file
htaccess="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.conf_htaccess"
htpasswd="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.$domain.htpasswd"
shtaccess="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.conf_htaccess"
shtpasswd="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.$domain.htpasswd"
docroot="$HOMEDIR/$user/web/$domain/public_html"
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN AUTH_USER AUTH_PASSWORD [RESTART]'
is_format_valid 'user' 'domain'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_password_valid
get_domain_values 'web'
if [ ! -z "$(echo "$AUTH_USER" |tr : '\n' |grep ^$auth_user$)" ]; then
echo "Error: auth user $auth_user already exists"
log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding htaccess password protection
if [ ! -e "$htaccess" ]; then
if [ "$WEB_SYSTEM" != 'nginx' ]; then
echo "<Directory $docroot>" > $htaccess
echo " AuthUserFile $htpasswd" >> $htaccess
echo " AuthName \"$domain access\"" >> $htaccess
echo " AuthType Basic" >> $htaccess
echo " Require valid-user" >> $htaccess
echo "</Directory>" >> $htaccess
else
echo "auth_basic \"$domain password access\";" > $htaccess
echo "auth_basic_user_file $htpasswd;" >> $htaccess
fi
restart_required='yes'
fi
# Adding httpasswd user
auth_hash=$($BIN/v-generate-password-hash htpasswd htpasswd $password)
touch $htpasswd
chmod 640 $htpasswd $htaccess
chgrp $user $htpasswd $htaccess
sed -i "/^$auth_user:/d" $htpasswd
echo "$auth_user:$auth_hash" >> $htpasswd
# Symbolic link for secure web templates
if [ ! -L $shtpasswd ]; then
ln -s $htpasswd $shtpasswd
fi
if [ ! -L $shtaccess ]; then
ln -s $htaccess $shtaccess
fi
# Restarting web server
if [ "$restart" != 'no' ] && [ "$restart_required" = 'yes' ]; then
$BIN/v-restart-web
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Preparing web.conf keys
if [ ! -z "$AUTH_USER" ]; then
auth_user="$AUTH_USER:$auth_user"
auth_hash="$AUTH_HASH:$auth_hash"
else
# Adding new key into web.conf
add_object_key "web" 'DOMAIN' "$domain" 'AUTH_USER' 'U_DISK'
add_object_key "web" 'DOMAIN' "$domain" 'AUTH_HASH' 'U_DISK'
fi
# Updating config
update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_USER' "$auth_user"
update_object_value 'web' 'DOMAIN' "$domain" '$AUTH_HASH' "$auth_hash"
# Logging
log_history "added http auth user $httpauth_user on $domain"
log_event "$OK" "$ARGUMENTS"
exit

81
bin/v-add-web-domain-proxy
View file

@ -1,81 +0,0 @@
#!/bin/bash
# info: add webdomain proxy support
# options: USER DOMAIN [TEMPLATE] [EXTENTIONS] [RESTART]
#
# The function enables proxy support for a domain. This can significantly
# improve website speed.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
template=$3
default_extentions="jpg,jpeg,gif,png,ico,svg,css,zip,tgz,gz,rar,bz2,doc,xls,\
exe,pdf,ppt,txt,odt,ods,odp,odf,tar,wav,bmp,rtf,js,mp3,avi,mpeg,flv,html,htm"
extentions=${4-$default_extentions}
restart="$5"
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN [TEMPLATE] [EXTENTIONS] [RESTART]'
is_format_valid 'user' 'domain' 'extentions'
is_system_enabled "$PROXY_SYSTEM" 'PROXY_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_object_value_empty 'web' 'DOMAIN' "$domain" '$PROXY'
if [ -z $template ]; then
template=$(get_user_value '$PROXY_TEMPLATE')
fi
is_proxy_template_valid $template
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining domain parameters
get_domain_values 'web'
prepare_web_domain_values
local_ip=$(get_real_ip $IP)
# Preparing domain values for the template substitution
PROXY_EXT="$extentions"
add_web_config "$PROXY_SYSTEM" "$template.tpl"
# Adding proxy for ssl
if [ "$SSL" = 'yes' ]; then
add_web_config "$PROXY_SYSTEM" "$template.stpl"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Update config
update_object_value 'web' 'DOMAIN' "$domain" '$PROXY' "$template"
update_object_value 'web' 'DOMAIN' "$domain" '$PROXY_EXT' "$extentions"
# Restarting web server
$BIN/v-restart-proxy $restart
check_result $? "Proxy restart failed" >/dev/null
log_history "enabled proxy support for $domain"
log_event "$OK" "$ARGUMENTS"
exit

156
bin/v-add-web-domain-ssl
View file

@ -1,156 +0,0 @@
#!/bin/bash
# info: adding ssl for domain
# options: USER DOMAIN SSL_DIR [SSL_HOME] [RESTART]
#
# The function turns on SSL support for a domain. Parameter ssl_dir is a path
# to directory where 2 or 3 ssl files can be found. Certificate file
# domain.tld.crt and its key domain.tld.key are mandatory. Certificate
# authority domain.tld.ca file is optional. If home directory parameter
# (ssl_home) is not set, https domain uses public_shtml as separate
# documentroot directory.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
ssl_dir=$3
ssl_home=${4-same}
restart="$5"
# Additional argument formatting
if [[ "$domain" =~ [[:upper:]] ]]; then
domain=$(echo "$domain" |tr '[:upper:]' '[:lower:]')
fi
if [[ "$domain" =~ ^www\..* ]]; then
domain=$(echo "$domain" |sed -e "s/^www.//")
fi
if [[ "$domain" =~ .*\.$ ]]; then
domain=$(echo "$domain" |sed -e "s/\.$//")
fi
domain=$(idn -t --quiet -u "$domain" )
domain_idn=$(idn -t --quiet -a "$domain")
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN SSL_DIR [SSL_HOME] [RESTART]'
is_format_valid 'user' 'domain' 'ssl_dir'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_system_enabled "$WEB_SSL" 'SSL_SUPPORT'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_object_value_empty 'web' 'DOMAIN' "$domain" '$SSL'
is_web_domain_cert_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Adding certificate to user data directory
cp -f $ssl_dir/$domain.crt $USER_DATA/ssl/$domain.crt
cp -f $ssl_dir/$domain.key $USER_DATA/ssl/$domain.key
cp -f $ssl_dir/$domain.crt $USER_DATA/ssl/$domain.pem
if [ -e "$ssl_dir/$domain.ca" ]; then
cp -f $ssl_dir/$domain.ca $USER_DATA/ssl/$domain.ca
echo >> $USER_DATA/ssl/$domain.pem
cat $USER_DATA/ssl/$domain.ca >> $USER_DATA/ssl/$domain.pem
fi
chmod 660 $USER_DATA/ssl/$domain.*
# Adding certificate to user dir
cp -f $USER_DATA/ssl/$domain.crt $HOMEDIR/$user/conf/web/ssl.$domain.crt
cp -f $USER_DATA/ssl/$domain.key $HOMEDIR/$user/conf/web/ssl.$domain.key
cp -f $USER_DATA/ssl/$domain.pem $HOMEDIR/$user/conf/web/ssl.$domain.pem
if [ -e "$USER_DATA/ssl/$domain.ca" ]; then
cp -f $USER_DATA/ssl/$domain.ca $HOMEDIR/$user/conf/web/ssl.$domain.ca
fi
# Parsing domain values
get_domain_values 'web'
local_ip=$(get_real_ip $IP)
# Preparing domain values for the template substitution
SSL_HOME="$ssl_home"
prepare_web_domain_values
# Adding domain to the web config
add_web_config "$WEB_SYSTEM" "$TPL.stpl"
# Checking proxy config
if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
add_web_config "$PROXY_SYSTEM" "$PROXY.stpl"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Increasing domain value
increase_user_value "$user" '$U_WEB_SSL'
# Adding ssl values
update_object_value 'web' 'DOMAIN' "$domain" '$SSL_HOME' "$SSL_HOME"
update_object_value 'web' 'DOMAIN' "$domain" '$SSL' "yes"
# Restarting web server
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
$BIN/v-restart-proxy $restart
check_result $? "Proxy restart failed" >/dev/null
# Updating system ssl dependencies
if [ ! -z "$VESTA_CERTIFICATE" ]; then
crt_user=$(echo "$VESTA_CERTIFICATE" |cut -f 1 -d :)
crt_domain=$(echo "$VESTA_CERTIFICATE" |cut -f 2 -d :)
if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then
$BIN/v-add-sys-vesta-ssl $user $domain >/dev/null 2>&1
fi
fi
if [ ! -z "$MAIL_CERTIFICATE" ]; then
crt_user=$(echo "$MAIL_CERTIFICATE" |cut -f 1 -d :)
crt_domain=$(echo "$MAIL_CERTIFICATE" |cut -f 2 -d :)
if [ "$user" = "$crt_user" ] && [ "$domain" = "$crt_domain" ]; then
$BIN/v-add-sys-mail-ssl $user $domain >/dev/null 2>&1
fi
fi
if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
hostname=$(hostname)
if [ "$hostname" = "$domain" ]; then
$BIN/v-update-host-certificate $user $domain
fi
fi
UPDATE_SSL_SCRIPT=''
source $VESTA/conf/vesta.conf
if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
eval "$UPDATE_SSL_SCRIPT $user $domain"
fi
# Logging
log_history "enabled ssl support for $domain"
log_event "$OK" "$ARGUMENTS"
exit

100
bin/v-add-web-domain-stats
View file

@ -1,100 +0,0 @@
#!/bin/bash
# info: add log analyzer to generate domain statitics
# options: USER DOMAIN TYPE
#
# The call is used for enabling log analyzer system to a domain. At this time
# two types of these system is supported - awstats and webalizer. For viewing
# the domain statistics use http://domain.tld/vstats/ link. Access this page
# is not protected by default. If you want to secure it with passwords you
# should use v-add-web-domain_stat_auth script.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
type=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN TYPE'
is_format_valid 'user' 'domain'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_type_valid "$STATS_SYSTEM" "$type"
is_object_valid 'user' 'USER' "$user" "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_object_value_empty 'web' 'DOMAIN' "$domain" '$STATS'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Parse aliases
get_domain_values 'web'
# Adding statistic config
prepare_web_domain_values
cat $WEBTPL/$type/$type.tpl |\
sed -e "s|%ip%|$ip|g" \
-e "s|%web_port%|$WEB_PORT|g" \
-e "s|%web_system%|$WEB_SYSTEM|g" \
-e "s|%web_ssl_port%|$WEB_SSL_PORT|g" \
-e "s|%rgroups%|$WEB_RGROUPs|g" \
-e "s|%proxy_system%|$PROXY_SYSTEM|g" \
-e "s|%proxy_port%|$PROXY_PORT|g" \
-e "s|%proxy_ssl_port%|$PROXY_SSL_PORT|g" \
-e "s|%domain_idn%|$domain_idn|g" \
-e "s|%domain%|$domain|g" \
-e "s|%user%|$user|g" \
-e "s|%home%|$HOMEDIR|g" \
-e "s|%alias%|${aliases//,/ }|g" \
-e "s|%alias_idn%|${aliases_idn//,/ }|g" \
> $HOMEDIR/$user/conf/web/$type.$domain.conf
if [ "$type" == 'awstats' ]; then
rm -f /etc/awstats/$type.$domain_idn.conf
ln -s $HOMEDIR/$user/conf/web/$type.$domain.conf \
/etc/awstats/$type.$domain_idn.conf
else
mkdir -p /var/lib/webalizer
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Schedule statistic processing
echo "$BIN/v-update-web-domain-stat $user $domain" >> \
$VESTA/data/queue/webstats.pipe
# Update config
update_object_value 'web' 'DOMAIN' "$domain" '$STATS' "$type"
# Logging
log_history "enabled web log analyzer for $domain"
log_event "$OK" "$ARGUMENTS"
# Build stats
exec $BIN/v-update-web-domain-stat $user $domain
exit

82
bin/v-add-web-domain-stats-user
View file

@ -1,82 +0,0 @@
#!/bin/bash
# info: add password protection to web domain statistics
# options: USER DOMAIN STATS_USER STATS_PASSWORD [RESTART]
#
# The call is used for securing the web statistics page.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
stats_user=$3
password=$4; HIDE=4
restart=$5
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN STATS_USER STATS_PASS [RESTART]'
is_format_valid 'user' 'domain' 'stats_user'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
is_password_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining statistic dir
stats_dir="$HOMEDIR/$user/web/$domain/stats"
conf_dir="$HOMEDIR/$user/conf/web"
# Adding htaccess file
if [ "$WEB_SYSTEM" = 'nginx' ]; then
echo "auth_basic \"Web Statistics\";" > $conf_dir/$domain.auth
echo "auth_basic_user_file $stats_dir/.htpasswd;" >> $conf_dir/$domain.auth
else
echo "AuthUserFile $stats_dir/.htpasswd" > $stats_dir/.htaccess
echo "AuthName \"Web Statistics\"" >> $stats_dir/.htaccess
echo "AuthType Basic" >> $stats_dir/.htaccess
echo "Require valid-user" >> $stats_dir/.htaccess
fi
# Generating htaccess user and password
salt=$(generate_password "$PW_MATRIX" "8")
stats_pass=$($BIN/v-generate-password-hash md5 $salt $password)
echo "$stats_user:$stats_pass" > $stats_dir/.htpasswd
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Adding stats user in config
update_object_value 'web' 'DOMAIN' "$domain" '$STATS_USER' "$stats_user"
update_object_value 'web' 'DOMAIN' "$domain" '$STATS_CRYPT' "$stats_pass"
# Restarting web server
if [ "$WEB_SYSTEM" = 'nginx' ]; then
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
fi
# Logging
log_history "added password protection for web stats on $domain"
log_event "$OK" "$ARGUMENTS"
exit

942
bin/v-backup-user
View file

@ -1,942 +0,0 @@
#!/bin/bash
# info: backup system user with all its objects
# options: USER NOTIFY
#
# The call is used for backing up user with all its domains and databases.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
user=$1
notify=${2-no}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'USER [NOTIFY]'
is_format_valid 'user'
is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_backup_enabled
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Set backup directory if undefined
if [ -z "$BACKUP" ]; then
BACKUP=/backup
fi
mkdir -p $BACKUP
# Get current time
start_time=$(date '+%s')
# Set notification email and subject
subj="$user → backup failed"
email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f 2 -d \')
# Checking load average
la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
i=0
while [ "$la" -ge "$BACKUP_LA_LIMIT" ]; do
echo -e "$(date "+%F %T") Load Average $la"
sleep 60
if [ "$i" -ge "15" ]; then
la_error="LoadAverage $la is above threshold"
echo "$la_error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result $E_LA "$la_error"
fi
la=$(cat /proc/loadavg |cut -f 1 -d ' ' |cut -f 1 -d '.')
(( ++i))
done
if [ -z "$BACKUP_TEMP" ]; then
BACKUP_TEMP=$BACKUP
fi
# Creating temporary directory
tmpdir=$(mktemp -p $BACKUP_TEMP -d)
if [ "$?" -ne 0 ]; then
echo "Can't create tmp dir $tmpdir" |$SENDMAIL -s "$subj" $email $notify
check_result $E_NOTEXIST "can't create tmp dir"
fi
# Backup sys configs
echo "-- SYSTEM --" |tee $BACKUP/$user.log
mkdir $tmpdir/vesta
echo -e "$(date "+%F %T") $user.conf" |tee -a $BACKUP/$user.log
cp -r $USER_DATA/user.conf $tmpdir/vesta/
cp -r $USER_DATA/ssl $tmpdir/vesta/
if [ -e "$USER_DATA/stats.log" ]; then
echo -e "$(date "+%F %T") stats.log" |tee -a $BACKUP/$user.log
cp -r $USER_DATA/stats.log $tmpdir/vesta/
fi
if [ -e "$USER_DATA/history.log" ]; then
echo -e "$(date "+%F %T") history.log" |tee -a $BACKUP/$user.log
cp -r $USER_DATA/history.log $tmpdir/vesta/
fi
if [ -e "$USER_DATA/backup-excludes.conf" ]; then
echo -e "$(date "+%F %T") backup-excludes.conf" |tee -a $BACKUP/$user.log
cp -r $USER_DATA/backup-excludes.conf $tmpdir/vesta/
fi
# Backup PAM
mkdir $tmpdir/pam
echo -e "$(date "+%F %T") pam" |tee -a $BACKUP/$user.log
grep "^$user:" /etc/passwd > $tmpdir/pam/passwd
grep "^$user:" /etc/shadow > $tmpdir/pam/shadow
grep "^$user:" /etc/group > $tmpdir/pam/group
echo
# Parsing excludes
if [ -e "$USER_DATA/backup-excludes.conf" ]; then
source $USER_DATA/backup-excludes.conf
fi
# WEB domains
if [ ! -z "$WEB_SYSTEM" ] && [ "$WEB" != '*' ]; then
echo -e "\n-- WEB --" |tee -a $BACKUP/$user.log
mkdir $tmpdir/web/
# Parsing domain exclusions
conf="$USER_DATA/web.conf"
for domain in $(search_objects 'web' 'SUSPENDED' "*" 'DOMAIN'); do
exclusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain$")
if [ -z "$exclusion" ]; then
web_list="$web_list $domain"
else
echo "$(date "+%F %T") excluding $domain"|tee -a $BACKUP/$user.log
fi
done
web_list=$(echo "$web_list" |sed -e "s/ */\ /g" -e "s/^ //")
i=0
for domain in $web_list; do
((i ++))
echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log
mkdir -p $tmpdir/web/$domain/conf
mkdir -p $tmpdir/web/$domain/vesta
# Get domain variables
domain_idn=$domain
format_domain_idn
get_domain_values 'web'
# Backup web.conf
cd $tmpdir/web/$domain/
conf="$USER_DATA/web.conf"
grep "DOMAIN='$domain'" $conf > vesta/web.conf
# Backup vhost config
conf=$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.conf
if [ -e "$conf" ]; then
cp $conf conf/$WEB_SYSTEM.conf
else
# old style configs
tpl_file="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$TPL.tpl"
conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf"
get_web_config_lines $tpl_file $conf
sed -n "$top_line,$bottom_line p" $conf > conf/$WEB_SYSTEM.conf
fi
# Backup ssl vhost
if [ "$SSL" = 'yes' ]; then
conf=$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.ssl.conf
if [ -e "$conf" ]; then
cp $conf conf/$WEB_SYSTEM.ssl.conf
else
tpl_file="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$TPL.stpl"
conf="$HOMEDIR/$user/conf/web/s$WEB_SYSTEM.conf"
get_web_config_lines $tpl_file $conf
sed -n "$top_line,$bottom_line p" $conf > \
conf/s$WEB_SYSTEM.conf
fi
fi
# Backup proxy config
if [ ! -z "$PROXY_SYSTEM" ] && [ ! -z "$PROXY" ]; then
conf=$HOMEDIR/$user/conf/web/$domain.$PROXY_SYSTEM.conf
if [ -e "$conf" ]; then
cp $conf conf/$PROXY_SYSTEM.conf
else
tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.tpl"
conf="$HOMEDIR/$user/conf/web/$PROXY_SYSTEM.conf"
get_web_config_lines $tpl_file $conf
sed -n "$top_line,$bottom_line p" $conf > \
conf/$PROXY_SYSTEM.conf
fi
fi
# Backup ssl proxy config
if [ ! -z "$PROXY_SYSTEM" ] && [ "$SSL" = 'yes' ]; then
conf=$HOMEDIR/$user/conf/web/$domain.$PROXY_SYSTEM.ssl.conf
if [ -e "$conf" ]; then
cp $conf conf/$PROXY_SYSTEM.ssl.conf
else
tpl_file="$WEBTPL/$PROXY_SYSTEM/$PROXY.stpl"
conf="$HOMEDIR/$user/conf/web/s$PROXY_SYSTEM.conf"
get_web_config_lines $tpl_file $conf
sed -n "$top_line,$bottom_line p" $conf >\
conf/s$PROXY_SYSTEM.conf
fi
fi
# Backup custom config / backup LE config
for sconfig in $(ls $HOMEDIR/$user/conf/web/|grep ".$domain.conf"); do
cp $HOMEDIR/$user/conf/web/$sconfig conf/
done
# Backup ssl certificates
if [ "$SSL" = 'yes' ] ; then
cp $HOMEDIR/$user/conf/web/ssl.$domain.* conf/
cp $USER_DATA/ssl/$domain.* vesta/
fi
# Changin dir to documentroot
cd $HOMEDIR/$user/web/$domain
# Define exclude arguments
exlusion=$(echo -e "$WEB" |tr ',' '\n' |grep "^$domain:")
set -f
fargs=()
fargs+=(--exclude='./logs/*')
if [ ! -z "$exlusion" ]; then
xdirs="$(echo -e "$exlusion" |tr ':' '\n' |grep -v $domain)"
for xpath in $xdirs; do
if [ -d "$xpath" ]; then
fargs+=(--exclude=$xpath/*)
echo "$(date "+%F %T") excluding directory $xpath"
msg="$msg\n$(date "+%F %T") excluding directory $xpath"
else
echo "$(date "+%F %T") excluding file $xpath"
msg="$msg\n$(date "+%F %T") excluding file $xpath"
fargs+=(--exclude=$xpath)
fi
done
fi
set +f
# Backup files
tar --anchored -cpf- ${fargs[@]} * |gzip -$BACKUP_GZIP - > $tmpdir/web/$domain/domain_data.tar.gz
done
# Print total
if [ "$i" -eq 1 ]; then
echo -e "$(date "+%F %T") *** $i domain ***" |tee -a $BACKUP/$user.log
else
echo -e "$(date "+%F %T") *** $i domains ***"|tee -a $BACKUP/$user.log
fi
fi
# DNS domains
if [ ! -z "$DNS_SYSTEM" ] && [ "$DNS" != '*' ]; then
echo -e "\n-- DNS --" |tee -a $BACKUP/$user.log
mkdir $tmpdir/dns/
# Parsing domain exclusions
for domain in $(search_objects 'dns' 'SUSPENDED' "*" 'DOMAIN'); do
exclusion=$(echo "$DNS" |tr ',' '\n' |grep "^$domain$")
if [ -z "$exclusion" ]; then
dns_list="$dns_list $domain"
else
echo "$(date "+%F %T") excluding $domain"
msg="$msg\n$(date "+%F %T") excluding $domain"
fi
done
dns_list=$(echo "$dns_list" |sed -e "s/ */\ /g" -e "s/^ //")
i=0
for domain in $dns_list; do
((i ++))
echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log
# Building directory tree
mkdir -p $tmpdir/dns/$domain/conf
mkdir -p $tmpdir/dns/$domain/vesta
# Backup dns.conf
cd $tmpdir/dns/$domain/
conf="$USER_DATA/dns.conf"
grep "DOMAIN='$domain'" $conf > vesta/dns.conf
# Backup dns recods
cp $USER_DATA/dns/$domain.conf vesta/$domain.conf
if [ "$DNS_SYSTEM" != 'remote' ]; then
cp $HOMEDIR/$user/conf/dns/$domain.db conf/$domain.db
fi
done
# Print total
if [ "$i" -eq 1 ]; then
echo -e "$(date "+%F %T") *** $i domain ***" |tee -a $BACKUP/$user.log
else
echo -e "$(date "+%F %T") *** $i domains ***"|tee -a $BACKUP/$user.log
fi
fi
# Mail domains
if [ ! -z "$MAIL_SYSTEM" ] && [ "$MAIL" != '*' ]; then
echo -e "\n-- MAIL --" |tee -a $BACKUP/$user.log
mkdir $tmpdir/mail/
# Parsing domain exclusions
conf="$USER_DATA/mail.conf"
for domain in $(search_objects 'mail' 'SUSPENDED' "*" 'DOMAIN'); do
check_exl=$(echo "$MAIL" |tr ',' '\n' |grep "^$domain$")
if [ -z "$check_exl" ]; then
mail_list="$mail_list $domain"
else
echo "$(date "+%F %T") excluding $domain"|tee -a $BACKUP/$user.log
fi
done
mail_list=$(echo "$mail_list" |sed -e "s/ */\ /g" -e "s/^ //")
i=0
for domain in $mail_list; do
((i ++))
echo -e "$(date "+%F %T") $domain" |tee -a $BACKUP/$user.log
mkdir -p $tmpdir/mail/$domain/conf
mkdir -p $tmpdir/mail/$domain/vesta
domain_idn=$domain
format_domain_idn
# Backup exim config
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
cd $tmpdir/mail/$domain/
cp $HOMEDIR/$user/conf/mail/$domain/* conf/
fi
# Backup mail.conf
conf="$USER_DATA/mail.conf"
grep "DOMAIN='$domain'" $conf > vesta/mail.conf
cp $USER_DATA/mail/$domain.* vesta/
if [ ! -z "$(ls $USER_DATA/mail/|grep *@$domain)" ]; then
cp $USER_DATA/mail/*@$domain.* vesta/
fi
# Backup emails
cd $HOMEDIR/$user/mail/$domain_idn
accounts=()
for account in $(ls); do
exclusion=$(echo "$MAIL" |tr ',' '\n' |grep "$domain:")
exclusion=$(echo "$exclusion" |tr ':' '\n' |grep "^$account$")
# Checking exlusions
if [ -z "$exclusion" ] && [[ "$MAIL_SYSTEM" =~ exim ]]; then
accounts+=($account)
else
echo "$(date "+%F %T") excluding mail account $account" |\
tee -a $BACKUP/$user.log
fi
done
# Compress archive
if [ ${#accounts[@]} -gt 0 ]; then
tar -cpf- ${accounts[@]} |gzip -$BACKUP_GZIP - > $tmpdir/mail/$domain/accounts.tar.gz
fi
done
# Print total
if [ "$i" -eq 1 ]; then
echo -e "$(date "+%F %T") *** $i domain ***" |tee -a $BACKUP/$user.log
else
echo -e "$(date "+%F %T") *** $i domains ***"|tee -a $BACKUP/$user.log
fi
fi
# Databases
if [ ! -z "$DB_SYSTEM" ] && [ "$DB" != '*' ]; then
echo -e "\n-- DB --" |tee -a $BACKUP/$user.log
mkdir $tmpdir/db/
# Parsing database exclusions
for database in $(search_objects 'db' 'SUSPENDED' "*" 'DB'); do
exclusion=$(echo "$DB" |tr ',' '\n' |grep "^$database$")
if [ -z "$exclusion" ]; then
db_list="$db_list $database"
else
echo "$(date "+%F %T") excluding $database" |\
tee -a $BACKUP/$user.log
fi
done
i=0
conf="$USER_DATA/db.conf"
db_list=$(echo "$db_list" |sed -e "s/ */\ /g" -e "s/^ //")
for database in $db_list; do
((i ++))
get_database_values
echo -e "$(date "+%F %T") $database ($TYPE)" |tee -a $BACKUP/$user.log
mkdir -p $tmpdir/db/$database/conf
mkdir -p $tmpdir/db/$database/vesta
cd $tmpdir/db/$database/
grep "DB='$database'" $conf > vesta/db.conf
dump="$tmpdir/db/$database/$database.$TYPE.sql"
dumpgz="$tmpdir/db/$database/$database.$TYPE.sql.gz"
grants="$tmpdir/db/$database/conf/$database.$TYPE.$DBUSER"
if [ ! -f "$dumpgz" ]; then
case $TYPE in
mysql) dump_mysql_database ;;
pgsql) dump_pgsql_database ;;
esac
# Compress dump
gzip -$BACKUP_GZIP $dump
fi
done
# Print total
if [ "$i" -eq 1 ]; then
echo -e "$(date "+%F %T") *** $i database ***" |\
tee -a $BACKUP/$user.log
else
echo -e "$(date "+%F %T") *** $i databases ***"|\
tee -a $BACKUP/$user.log
fi
fi
# Cron jobs
if [ ! -z "$CRON_SYSTEM" ] && [ "$CRON" != '*' ]; then
echo -e "\n-- CRON --" |tee -a $BACKUP/$user.log
mkdir $tmpdir/cron/
# Backup cron.conf
cp $USER_DATA/cron.conf $tmpdir/cron/
cron_record=$(wc -l $USER_DATA/cron.conf|cut -f 1 -d ' ')
if [ -e "/var/spool/cron/$user" ]; then
cron_list="$cron_record"
cp /var/spool/cron/$user $tmpdir/cron/
fi
# Print total
if [ "$cron_record" -eq 1 ]; then
echo -e "$(date "+%F %T") *** $cron_record job ***" |\
tee -a $BACKUP/$user.log
else
echo -e "$(date "+%F %T") *** $cron_record jobs ***" |\
tee -a $BACKUP/$user.log
fi
fi
# User Directories
if [ "$USER" != '*' ]; then
echo -e "\n-- User Dir --" |tee -a $BACKUP/$user.log
mkdir $tmpdir/user_dir
cd $HOMEDIR/$user
# Parsing directory exlusions
USER=''
if [ -e "$USER_DATA/backup-excludes.conf" ]; then
source $USER_DATA/backup-excludes.conf
fi
fargs=()
for xpath in $(echo "$USER" |tr ',' '\n'); do
if [ -d "$xpath" ]; then
fargs+=(--exclude=$xpath/*)
echo "$(date "+%F %T") excluding directory $xpath" |\
tee -a $BACKUP/$user.log
else
echo "$(date "+%F %T") excluding file $xpath" |\
tee -a $BACKUP/$user.log
fargs+=(--exclude=$xpath)
fi
done
IFS=$'\n'
set -f
i=0
for udir in $(ls -a |egrep -v "^conf$|^web$|^dns$|^mail$|^\.\.$|^\.$"); do
exclusion=$(echo "$USER" |tr ',' '\n' |grep "^$udir$")
if [ -z "$exclusion" ]; then
((i ++))
udir_str=$(echo "$udir" |sed -e "s|'|\\\'|g")
udir_list="$udir_list $udir_str"
echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log
# Backup files and dirs
tar --anchored -cpf- ${fargs[@]} $udir |gzip -$BACKUP_GZIP - > $tmpdir/user_dir/$udir.tar.gz
fi
done
set +f
udir_list=$(echo "$udir_list" |sed -e "s/ */\ /g" -e "s/^ //")
# Print total
if [ "$i" -eq 1 ]; then
echo -e "$(date "+%F %T") *** $i user directory ***" |\
tee -a $BACKUP/$user.log
else
echo -e "$(date "+%F %T") *** $i directories ***" |\
tee -a $BACKUP/$user.log
fi
fi
# Get backup size
size="$(du -shm $tmpdir |cut -f 1)"
# Get current time
end_time=$(date '+%s')
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
backup_new_date=$(date +"%Y-%m-%d_%H-%M-%S")
# Defining local storage function
local_backup(){
rm -f $BACKUP/$user.$backup_new_date.tar
# Checking retention
backup_list=$(ls -lrt $BACKUP/ |awk '{print $9}' |grep "^$user\." | grep ".tar")
backups_count=$(echo "$backup_list" |wc -l)
if [ "$BACKUPS" -le "$backups_count" ]; then
backups_rm_number=$((backups_count - BACKUPS + 1))
# Removing old backup
for backup in $(echo "$backup_list" |head -n $backups_rm_number); do
backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar$//")
echo -e "$(date "+%F %T") Rotated: $backup_date" |\
tee -a $BACKUP/$user.log
rm -f $BACKUP/$backup
done
fi
# Checking disk space
disk_usage=$(df $BACKUP |tail -n1 |tr ' ' '\n' |grep % |cut -f 1 -d %)
if [ "$disk_usage" -ge "$BACKUP_DISK_LIMIT" ]; then
rm -rf $tmpdir
rm -f $BACKUP/$user.log
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
echo "Not enough disk space" |$SENDMAIL -s "$subj" $email $notify
check_result "$E_DISK" "Not enough dsk space"
fi
# Creating final tarball
cd $tmpdir
tar -cf $BACKUP/$user.$backup_new_date.tar .
chmod 640 $BACKUP/$user.$backup_new_date.tar
chown admin:$user $BACKUP/$user.$backup_new_date.tar
localbackup='yes'
echo -e "$(date "+%F %T") Local: $BACKUP/$user.$backup_new_date.tar" |\
tee -a $BACKUP/$user.log
}
# Defining ftp command function
ftpc() {
/usr/bin/ftp -np $HOST $PORT <<EOF
quote USER $USERNAME
quote PASS $PASSWORD
binary
$1
$2
$3
quit
EOF
}
# Defining ftp storage function
ftp_backup() {
# Checking config
if [ ! -e "$VESTA/conf/ftp.backup.conf" ]; then
error="ftp.backup.conf doesn't exist"
rm -rf $tmpdir
rm -f $BACKUP/$user.log
echo "$error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result "$E_NOTEXIST" "$error"
fi
# Parse config
source $VESTA/conf/ftp.backup.conf
# Set default port
if [ -z "$(grep 'PORT=' $VESTA/conf/ftp.backup.conf)" ]; then
PORT='21'
fi
# Checking variables
if [ -z "$HOST" ] || [ -z "$USERNAME" ] || [ -z "$PASSWORD" ]; then
error="Can't parse ftp backup configuration"
rm -rf $tmpdir
rm -f $BACKUP/$user.log
echo "$error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result "$E_PARSING" "$error"
fi
# Debug info
echo -e "$(date "+%F %T") Remote: ftp://$HOST/$BPATH/$user.$backup_new_date.tar"
# Checking ftp connection
fconn=$(ftpc)
ferror=$(echo $fconn |grep -i -e failed -e error -e "Can't" -e "not conn")
if [ ! -z "$ferror" ]; then
error="Error: can't login to ftp ftp://$USERNAME@$HOST"
rm -rf $tmpdir
rm -f $BACKUP/$user.log
echo "$error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result "$E_CONNECT" "$error"
fi
# Check ftp permissions
if [ -z $BPATH ]; then
ftmpdir="vst.bK76A9SUkt"
else
ftpc "mkdir $BPATH" > /dev/null 2>&1
ftmpdir="$BPATH/vst.bK76A9SUkt"
fi
ftpc "mkdir $ftmpdir" "rm $ftmpdir"
ftp_result=$(ftpc "mkdir $ftmpdir" "rm $ftmpdir" |grep -v Trying)
if [ ! -z "$ftp_result" ] ; then
error="Can't create ftp backup folder ftp://$HOST$BPATH"
rm -rf $tmpdir
rm -f $BACKUP/$user.log
echo "$error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result "$E_FTP" "$error"
fi
# Checking retention
if [ -z $BPATH ]; then
backup_list=$(ftpc "ls" |awk '{print $9}' |grep "^$user\.")
else
backup_list=$(ftpc "cd $BPATH" "ls" |awk '{print $9}' |grep "^$user\.")
fi
backups_count=$(echo "$backup_list" |wc -l)
if [ "$backups_count" -ge "$BACKUPS" ]; then
backups_rm_number=$((backups_count - BACKUPS + 1))
for backup in $(echo "$backup_list" |head -n $backups_rm_number); do
backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar$//")
echo -e "$(date "+%F %T") Rotated ftp backup: $backup_date" |\
tee -a $BACKUP/$user.log
if [ -z $BPATH ]; then
ftpc "delete $backup"
else
ftpc "cd $BPATH" "delete $backup"
fi
done
fi
# Uploading backup archive
if [ "$localbackup" = 'yes' ]; then
cd $BACKUP
if [ -z $BPATH ]; then
ftpc "put $user.$backup_new_date.tar"
else
ftpc "cd $BPATH" "put $user.$backup_new_date.tar"
fi
else
cd $tmpdir
tar -cf $BACKUP/$user.$backup_new_date.tar .
cd $BACKUP/
if [ -z $BPATH ]; then
ftpc "put $user.$backup_new_date.tar"
else
ftpc "cd $BPATH" "put $user.$backup_new_date.tar"
fi
rm -f $user.$backup_new_date.tar
fi
}
# sftp command function
sftpc() {
expect -f "-" <<EOF "$@"
set timeout 60
set count 0
spawn /usr/bin/sftp -o StrictHostKeyChecking=no \
-o Port=$PORT $USERNAME@$HOST
expect {
"password:" {
send "$PASSWORD\r"
exp_continue
}
-re "Couldn't|(.*)disconnect|(.*)stalled|(.*)not found" {
set count \$argc
set output "Disconnected."
set rc $E_FTP
exp_continue
}
-re ".*denied.*(publickey|password)." {
set output "Permission denied, wrong publickey or password."
set rc $E_CONNECT
}
-re "\[0-9]*%" {
exp_continue
}
"sftp>" {
if {\$count < \$argc} {
set arg [lindex \$argv \$count]
send "\$arg\r"
incr count
} else {
send "exit\r"
set output "Disconnected."
if {[info exists rc] != 1} {
set rc $OK
}
}
exp_continue
}
timeout {
set output "Connection timeout."
set rc $E_CONNECT
}
}
if {[info exists output] == 1} {
puts "\$output"
}
exit \$rc
EOF
}
sftp_backup() {
# Checking config
if [ ! -e "$VESTA/conf/sftp.backup.conf" ]; then
error="Can't open sftp.backup.conf"
rm -rf $tmpdir
rm -f $BACKUP/$user.log
echo "$error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result "$E_NOTEXIST" "$error"
fi
# Parse config
source $VESTA/conf/sftp.backup.conf
# Set default port
if [ -z "$(grep 'PORT=' $VESTA/conf/sftp.backup.conf)" ]; then
PORT='22'
fi
# Checking variables
if [ -z "$HOST" ] || [ -z "$USERNAME" ] || [ -z "$PASSWORD" ]; then
error="Can't parse sftp backup configuration"
rm -rf $tmpdir
rm -f $BACKUP/$user.log
echo "$error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result "$E_PARSING" "$error"
fi
# Debug info
echo -e "$(date "+%F %T") Remote: sftp://$HOST/$BPATH/$user.$backup_new_date.tar" |\
tee -a $BACKUP/$user.log
# Checking network connection and write permissions
if [ -z $BPATH ]; then
sftmpdir="vst.bK76A9SUkt"
else
sftmpdir="$BPATH/vst.bK76A9SUkt"
fi
sftpc "mkdir $BPATH" > /dev/null 2>&1
sftpc "mkdir $sftmpdir" "rmdir $sftmpdir" > /dev/null 2>&1
rc=$?
if [[ "$rc" != 0 ]]; then
case $rc in
$E_CONNECT) error="Can't login to sftp host $HOST" ;;
$E_FTP) error="Can't create temp folder on sftp $HOST" ;;
esac
rm -rf $tmpdir
rm -f $BACKUP/$user.log
echo "$error" |$SENDMAIL -s "$subj" $email $notify
sed -i "/ $user /d" $VESTA/data/queue/backup.pipe
check_result "$rc" "$error"
fi
# Checking retention
if [ -z $BPATH ]; then
backup_list=$(sftpc "ls -l" |awk '{print $9}'|grep "^$user\.")
else
backup_list=$(sftpc "cd $BPATH" "ls -l" |awk '{print $9}'|grep "^$user\.")
fi
backups_count=$(echo "$backup_list" |wc -l)
if [ "$backups_count" -ge "$BACKUPS" ]; then
backups_rm_number=$((backups_count - BACKUPS + 1))
for backup in $(echo "$backup_list" |head -n $backups_rm_number); do
backup_date=$(echo $backup |sed -e "s/$user.//" -e "s/.tar.*$//")
echo -e "$(date "+%F %T") Rotated sftp backup: $backup_date" |\
tee -a $BACKUP/$user.log
if [ -z $BPATH ]; then
sftpc "rm $backup" > /dev/null 2>&1
else
sftpc "cd $BPATH" "rm $backup" > /dev/null 2>&1
fi
done
fi
# Uploading backup archive
echo "$(date "+%F %T") Uploading $user.$backup_new_date.tar"|tee -a $BACKUP/$user.log
if [ "$localbackup" = 'yes' ]; then
cd $BACKUP
if [ -z $BPATH ]; then
sftpc "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1
else
sftpc "cd $BPATH" "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1
fi
else
cd $tmpdir
tar -cf $BACKUP/$user.$backup_new_date.tar .
cd $BACKUP/
if [ -z $BPATH ]; then
sftpc "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1
else
sftpc "cd $BPATH" "put $user.$backup_new_date.tar" "chmod 0600 $user.$backup_new_date.tar" > /dev/null 2>&1
fi
rm -f $user.$backup_new_date.tar
fi
}
google_backup() {
# Defining google settings
source $VESTA/conf/google.backup.conf
gsutil="$VESTA/3rdparty/gsutil/gsutil"
export BOTO_CONFIG="$VESTA/conf/.google.backup.boto"
# Debug info
echo -e "$(date "+%F %T") Remote: gs://$BUCKET/$BPATH/$user.$backup_new_date.tar"
# Checking retention
backup_list=$(${gsutil} ls gs://$BUCKET/$BPATH/$user.* 2>/dev/null)
backups_count=$(echo "$backup_list" |wc -l)
if [ "$backups_count" -ge "$BACKUPS" ]; then
backups_rm_number=$((backups_count - BACKUPS))
for backup in $(echo "$backup_list" |head -n $backups_rm_number); do
echo -e "$(date "+%F %T") Rotated gcp backup: $backup"
$gsutil rm $backup > /dev/null 2>&1
done
fi
# Uploading backup archive
echo -e "$(date "+%F %T") Uploading $user.$backup_new_date.tar ..."
if [ "$localbackup" = 'yes' ]; then
cd $BACKUP
${gsutil} cp $user.$backup_new_date.tar gs://$BUCKET/$BPATH/ > /dev/null 2>&1
else
cd $tmpdir
tar -cf $BACKUP/$user.$backup_new_date.tar .
cd $BACKUP/
${gsutil} cp $user.$backup_new_date.tar gs://$BUCKET/$BPATH/ > /dev/null 2>&1
rc=$?
rm -f $user.$backup_new_date.tar
if [ "$rc" -ne 0 ]; then
check_result "$E_CONNECT" "gsutil failed to upload $user.$backup_new_date.tar"
fi
fi
}
echo -e "\n-- SUMMARY --" |tee -a $BACKUP/$user.log
# Switching on backup system types
for backup_type in $(echo -e "${BACKUP_SYSTEM//,/\\n}"); do
case $backup_type in
local) local_backup ;;
ftp) ftp_backup ;;
sftp) sftp_backup ;;
google) google_backup ;;
esac
done
# Removing tmpdir
rm -rf $tmpdir
# Calculation run time
run_time=$((end_time - start_time))
run_time=$((run_time / 60))
current_time=$(date "+%T")
if [ "$run_time" -lt 1 ]; then
run_time=1
fi
min=minutes
if [ "$run_time" -eq 1 ]; then
min=minute
fi
echo "$(date "+%F %T") Size: $size MB" |tee -a $BACKUP/$user.log
echo "$(date "+%F %T") Runtime: $run_time $min" |tee -a $BACKUP/$user.log
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Removing duplicate
touch $USER_DATA/backup.conf
sed -i "/$user.$backup_new_date.tar/d" $USER_DATA/backup.conf
# Registering new backup
backup_str="BACKUP='$user.$backup_new_date.tar'"
backup_str="$backup_str TYPE='$BACKUP_SYSTEM' SIZE='$size'"
backup_str="$backup_str WEB='${web_list// /,}'"
backup_str="$backup_str DNS='${dns_list// /,}'"
backup_str="$backup_str MAIL='${mail_list// /,}'"
backup_str="$backup_str DB='${db_list// /,}'"
backup_str="$backup_str CRON='$cron_list'"
backup_str="$backup_str UDIR='${udir_list// /,}'"
backup_str="$backup_str RUNTIME='$run_time' TIME='$time' DATE='$date'"
echo "$backup_str" >> $USER_DATA/backup.conf
# Removing old backups
tail -n $BACKUPS $USER_DATA/backup.conf > $USER_DATA/backup.conf_
mv -f $USER_DATA/backup.conf_ $USER_DATA/backup.conf
chmod 660 $USER_DATA/backup.conf
# Deleting task from queue
sed -i "/v-backup-user $user /d" $VESTA/data/queue/backup.pipe
U_BACKUPS=$(grep BACKUP $USER_DATA/backup.conf |wc -l)
update_user_value "$user" '$U_BACKUPS' "$U_BACKUPS"
# Send notification
if [ -e "$BACKUP/$user.log" ]; then
cd $BACKUP
subj="$user → backup has been completed"
email=$(get_user_value '$CONTACT')
cat $BACKUP/$user.log |$SENDMAIL -s "$subj" $email $notify
rm $BACKUP/$user.log
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

52
bin/v-backup-users
View file

@ -1,52 +0,0 @@
#!/bin/bash
# info: backup all users
# options: NONE
#
# The function backups all system users.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system environment as we run this script
# mostly by cron which not read it by itself
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
$BIN/v-check-vesta-license >/dev/null
if [ -z "$BACKUP_SYSTEM" ]; then
exit
fi
for user in $(grep '@' /etc/passwd |cut -f1 -d:); do
if [ ! -f "$VESTA/data/users/$user/user.conf" ]; then
continue;
fi
check_suspend=$(grep "SUSPENDED='no'" $VESTA/data/users/$user/user.conf)
log=$VESTA/log/backup.log
if [ ! -z "$check_suspend" ]; then
echo -e "================================" >> $log
echo -e "$user" >> $log
echo -e "--------------------------------\n" >> $log
$BIN/v-backup-user $user >> $log 2>&1
echo -e "\n--------------------------------\n\n" >> $log
fi
done
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# No Logging
#log_event "$OK" "$ARGUMENTS"
exit

80
bin/v-change-cron-job
View file

@ -1,80 +0,0 @@
#!/bin/bash
# info: change cron job
# options: USER JOB MIN HOUR DAY MONTH WDAY COMMAND
#
# The function is used for changing existing job. It fully replace job
# parameters with new one but with same id.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
job=$2
min=$3
hour=$4
day=$5
month=$6
wday=$7
command=$8
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '7' "$#" 'USER JOB MIN HOUR DAY MONTH WDAY COMMAND'
is_format_valid 'user' 'job' 'min' 'hour' 'day' 'month' 'wday' 'command'
is_system_enabled "$CRON_SYSTEM" 'CRON_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'cron' 'JOB' "$job"
is_object_unsuspended 'cron' 'JOB' "$job"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating cron string
command=$(echo $command | sed -e "s/'/%quote%/g")
str="JOB='$job' MIN='$min' HOUR='$hour' DAY='$day' MONTH='$month' WDAY='$wday'"
str="$str CMD='$command' SUSPENDED='no' TIME='$time' DATE='$date'"
# Deleting old job
sed -i "/JOB='$job' /d" $USER_DATA/cron.conf
# Adding new
echo "$str" >> $USER_DATA/cron.conf
# Sorting jobs by id
sort_cron_jobs
# Sync system cron with user
sync_cron_jobs
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting crond
$BIN/v-restart-cron
check_result $? "Cron restart failed" >/dev/null
# Logging
log_history "changed cron job $job"
log_event "$OK" "$ARGUMENTS"
exit

68
bin/v-change-database-host-password
View file

@ -1,68 +0,0 @@
#!/bin/bash
# info: change database server password
# options: TYPE HOST USER PASSWORD
#
# The function changes database server password.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
type=$1
host=$2
dbuser=$3
password=$4; HIDE=4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
args_usage='TYPE HOST DBUSER DBPASS'
check_args '4' "$#" "$args_usage"
is_format_valid 'host' 'dbuser'
is_object_valid "../../conf/$type" 'HOST' "$host"
dbpass="$password"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Define email
email=$(grep CONTACT $VESTA/data/users/admin/user.conf |cut -f2 -d \')
subj="v-change-database-host-password $*"
case $type in
mysql) mysql_connect $host;
query="USE mysql; UPDATE user SET"
query="$query password=PASSWORD('$dbpass')"
query="$query WHERE User='$dbuser';"
query="$query FLUSH PRIVILEGES;"
mysql_query "$query" ;
if [ "$dbuser" == "root" ]; then
echo -e "[client]\npassword='$dbpass'\n" > /root/.my.cnf
chmod 600 /root/.my.cnf
fi;;
pgsql) echo "TBD" >/dev/null;;
esac
update_object_value "../../conf/$type" 'HOST' "$host" '$USER' "$dbuser"
update_object_value "../../conf/$type" 'HOST' "$host" '$PASSWORD' "$dbpass"
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

124
bin/v-change-database-owner
View file

@ -1,124 +0,0 @@
#!/bin/bash
# info: change database owner
# options: DATABASE USER
#
# The function for changing database owner.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
database=$1
user=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/func/rebuild.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'DATABASE USER'
is_format_valid 'database' 'user'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
# Check owner existance
owner=$(echo $database | cut -f 1 -d '_')
if [ ! -e "$VESTA/data/users/$owner" ]; then
echo "Error: database owner doesn't exist"
log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST
fi
# Check if owner is the same as the dst user
if [ "$owner" = "$user" ]; then
exit
fi
# Check db existance
db_data=$(grep "DB='$database'" $VESTA/data/users/$owner/db.conf)
if [ -z "$db_data" ]; then
echo "Error: database $database doesn't exist"
log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST
fi
# Check if datbase name is uniq
new_db=$(echo $database | sed "s/^${owner}_/${user}_/")
check_db=$(grep "DB='$new_db'" $VESTA/data/users/$user/db.conf)
if [ ! -z "$check_db" ]; then
echo "Error: $new_db database exists"
log_event "$E_EXISTS" "$ARGUMENTS"
exit $E_EXISTS
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Creating temporary directory
tmpdir=$(mktemp -p $BACKUP -d)
if [ "$?" -ne 0 ]; then
echo "Error: can't create $tmpdir"
log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST
fi
# Suspend database
$BIN/v-suspend-database $owner $database > /dev/null 2>&1
# Dump database
eval $db_data
dump="$tmpdir/$database.$TYPE.sql"
grants="$tmpdir/$database.$TYPE.$DBUSER"
case $TYPE in
mysql) dump_mysql_database ;;
pgsql) dump_pgsql_database ;;
esac
# Import configuration
db_data=$(echo "$db_data" | sed "s/'${owner}_/'${user}_/g")
echo "$db_data" >> $VESTA/data/users/$user/db.conf
eval $db_data
# Unsuspend db
$BIN/v-unsuspend-database $user $new_db > /dev/null 2>&1
# Rebuild databases
$BIN/v-rebuild-databases $user
# Import dump
case $TYPE in
mysql) import_mysql_database $dump ;;
pgsql) import_pgsql_database $dump ;;
esac
# Deleting tmpdir
rm -rf $tmpdir
# Remove old database
$BIN/v-unsuspend-database $owner $database > /dev/null 2>&1
$BIN/v-delete-database $owner $database > /dev/null 2>&1
# Update counters
$BIN/v-update-user-counters $owner
$BIN/v-update-user-counters $user
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

61
bin/v-change-database-password
View file

@ -1,61 +0,0 @@
#!/bin/bash
# info: change database password
# options: USER DATABASE DBPASS
#
# The function for changing database user password to a database. It uses the
# full name of database as argument.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
database=$2
password=$3; HIDE=3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DATABASE DBPASS'
is_format_valid 'user' 'database'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'db' 'DB' "$database"
is_object_unsuspended 'db' 'DB' "$database"
is_password_valid
dbpass="$password"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get database values
get_database_values
case $TYPE in
mysql) change_mysql_password ;;
pgsql) change_pgsql_password ;;
esac
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Update config value
update_object_value 'db' 'DB' "$database" '$MD5' "$md5"
# Logging
log_history "changed $database database password"
log_event "$OK" "$ARGUMENTS"
exit

91
bin/v-change-database-user
View file

@ -1,91 +0,0 @@
#!/bin/bash
# info: change database username
# options: USER DATABASE DBUSER [DBPASS]
#
# The function for changing database user. It uses the
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
database=$2
dbuser="$user"_"$3"
password=$4; HIDE=4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/func/rebuild.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DATABASE DBUSER [DBPASS]'
is_format_valid 'user' 'database' 'dbuser'
is_system_enabled "$DB_SYSTEM" 'DB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'db' 'DB' "$database"
is_object_unsuspended 'db' 'DB' "$database"
is_password_valid
dbpass="$password"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Compare old and new user
old_dbuser=$(get_object_value 'db' 'DB' "$database" '$DBUSER')
if [ "$old_dbuser" = "$dbuser" ]; then
exit
fi
# Set new dbuser
update_object_value 'db' 'DB' "$database" '$DBUSER' "$dbuser"
# Get database values
get_database_values
# Rebuild datbase
case $TYPE in
mysql) rebuild_mysql_database ;;
pgsql) rebuild_pgsql_database ;;
esac
# Change password
if [ ! -z "$dbpass" ]; then
case $TYPE in
mysql) change_mysql_password ;;
pgsql) change_pgsql_password ;;
esac
# Update config value
update_object_value 'db' 'DB' "$database" '$MD5' "$md5"
fi
# Remove old user
check_old_dbuser=$(grep "DBUSER='$old_dbuser'" $USER_DATA/db.conf)
if [ -z "$check_old_dbuser" ]; then
case $TYPE in
mysql) delete_mysql_user ;;
pgsql) delete_pgsql_user ;;
esac
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed $database database user to $dbuser"
log_event "$OK" "$ARGUMENTS"
exit

68
bin/v-change-dns-domain-exp
View file

@ -1,68 +0,0 @@
#!/bin/bash
# info: change dns domain expiration date
# options: USER DOMAIN EXP
#
# The function of changing the term of expiration domain's registration. The
# serial number will be refreshed automatically during update.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
exp=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN EXP'
is_format_valid 'user' 'domain' 'exp'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing exp
update_object_value 'dns' 'DOMAIN' "$domain" '$EXP' "$exp"
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-change-remote-dns-domain-exp $user $domain $exp"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed whois expiration date for $domain"
log_event "$OK" "$ARGUMENTS"
exit

86
bin/v-change-dns-domain-ip
View file

@ -1,86 +0,0 @@
#!/bin/bash
# info: change dns domain ip address
# options: USER DOMAIN IP
#
# The function for changing the main ip of DNS zone.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
ip=$3
restart=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN IP'
is_format_valid 'user' 'domain' 'ip'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get old ip
get_domain_values 'dns'
old=$IP
# Changing ip
update_object_value 'dns' 'DOMAIN' "$domain" '$IP' "$ip"
# Changing records
sed -i "s/$old/$ip/g" $USER_DATA/dns/$domain.conf
# Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-add-remote-dns-domain $user $domain domain yes"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting named
$BIN/v-restart-dns $restart
check_result $? "DNS restart failed" >/dev/null
# Logging
log_history "changed dns ip for $domain to $ip"
log_event "$OK" "$ARGUMENTS"
exit

80
bin/v-change-dns-domain-soa
View file

@ -1,80 +0,0 @@
#!/bin/bash
# info: change dns domain soa record
# options: USER DOMAIN SOA
#
# The function for changing SOA record. This type of records can not be
# modified by v-change-dns-record call.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
soa=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g')
restart=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN SOA'
is_format_valid 'user' 'domain' 'soa'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing soa
update_object_value 'dns' 'DOMAIN' "$domain" '$SOA' "$soa"
# Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-change-remote-dns-domain-soa $user $domain $soa"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting named
$BIN/v-restart-dns $restart
check_result $? "DNS restart failed" >/dev/null
# Logging
log_history "changed soa record for $domain to $soa"
log_event "$OK" "$ARGUMENTS"
exit

131
bin/v-change-dns-domain-tpl
View file

@ -1,131 +0,0 @@
#!/bin/bash
# info: change dns domain template
# options: USER DOMAIN TEMPLATE [RESTART]
#
# The function for changing the template of records. By updating old records
# will be removed and new records will be generated in accordance with
# parameters of new template.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
template=$3
restart=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN TEMPLATE [RESTART]'
is_format_valid 'user' 'domain' 'template'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
is_dns_template_valid "$template"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining variables
get_domain_values 'dns'
i=1
ns=$(get_user_value '$NS')
for nameserver in ${ns//,/ };do
eval ns$i=$nameserver
(( ++i))
done
# Reading template
template_data=$(cat $DNSTPL/$template.tpl)
# Deleting unused nameservers
if [ -z "$ns3" ]; then
template_data=$(echo "$template_data" |grep -v %ns3%)
fi
if [ -z "$ns4" ]; then
template_data=$(echo "$template_data" |grep -v %ns4%)
fi
if [ -z "$ns5" ]; then
template_data=$(echo "$template_data" |grep -v %ns5%)
fi
if [ -z "$ns6" ]; then
template_data=$(echo "$template_data" |grep -v %ns6%)
fi
if [ -z "$ns7" ]; then
template_data=$(echo "$template_data" |grep -v %ns7%)
fi
if [ -z "$ns8" ]; then
template_data=$(echo "$template_data" |grep -v %ns8%)
fi
# Changing tpl
echo "$template_data" |\
sed -e "s/%ip%/$IP/g" \
-e "s/%domain_idn%/$domain_idn/g" \
-e "s/%domain%/$domain/g" \
-e "s/%ns1%/$ns1/g" \
-e "s/%ns2%/$ns2/g" \
-e "s/%ns3%/$ns3/g" \
-e "s/%ns4%/$ns4/g" \
-e "s/%ns5%/$ns5/g" \
-e "s/%ns6%/$ns6/g" \
-e "s/%ns7%/$ns7/g" \
-e "s/%ns8%/$ns8/g" \
-e "s/%time%/$TIME/g" \
-e "s/%date%/$DATE/g" > $USER_DATA/dns/$domain.conf
records="$(wc -l $USER_DATA/dns/$domain.conf |cut -f 1 -d ' ')"
# Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-add-remote-dns-domain $user $domain domain"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating vesta config
update_object_value 'dns' 'DOMAIN' "$domain" '$TPL' "$template"
update_object_value 'dns' 'DOMAIN' "$domain" '$RECORDS' "$records"
# Restarting named
$BIN/v-restart-dns $restart
check_result $? "DNS restart failed" >/dev/null
# Logging
log_history "changed dns template for $domain to $template" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

79
bin/v-change-dns-domain-ttl
View file

@ -1,79 +0,0 @@
#!/bin/bash
# info: change dns domain ttl
# options: USER DOMAIN TTL
#
# The function for changing the time to live TTL parameter for all records.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
ttl=$3
restart=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN TTL'
is_format_valid 'user' 'domain' 'ttl'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing ttl
update_object_value 'dns' 'DOMAIN' "$domain" '$TTL' "$ttl"
# Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-change-remote-dns-domain-ttl $user $domain $ttl"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting named
$BIN/v-restart-dns $restart
check_result $? "DNS restart failed" >/dev/null
# Logging
log_history "changed TTL for $domain to $ttl"
log_event "$OK" "$ARGUMENTS"
exit

116
bin/v-change-dns-record
View file

@ -1,116 +0,0 @@
#!/bin/bash
# info: change dns domain record
# options: USER DOMAIN ID VALUE [PRIORITY] [RESTART]
#
# The function for changing DNS record.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
id=$3
dvalue=$(idn -t --quiet -u "$4" )
priority=$5
restart=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ID VALUE [PRIORITY] [RESTART]'
is_format_valid 'user' 'domain' 'id' 'dvalue'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
is_object_valid "dns/$domain" 'ID' "$id"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Parsing domain config
line=$(grep "ID='$id'" $USER_DATA/dns/$domain.conf)
eval $line
# Null priority for none MX/SRV records
if [ "$TYPE" != 'MX' ] && [ "$TYPE" != 'SRV' ]; then
priority=''
fi
# Add trailing dot at the end of NS/CNAME/MX/PTR/SRV record
if [[ $TYPE =~ NS|CNAME|MX|PTR|SRV ]]; then
trailing_dot=$(echo $dvalue | grep "\.$")
if [ -z $trailing_dot ]; then
dvalue="$dvalue."
fi
fi
# Additional verifications
is_dns_fqnd "$TYPE" "$dvalue"
is_dns_nameserver_valid "$domain" "$TYPE" "$dvalue"
# Deleting old record
sed -i "/^ID='$id'/d" $USER_DATA/dns/$domain.conf
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Adding record
dns_rec="ID='$id' RECORD='$RECORD' TYPE='$TYPE' PRIORITY='$priority'"
dns_rec="$dns_rec VALUE='$dvalue' SUSPENDED='no' TIME='$time' DATE='$date'"
echo "$dns_rec" >> $USER_DATA/dns/$domain.conf
# Sorting records
sort_dns_records
# Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-add-remote-dns-domain $user $domain records"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting named
$BIN/v-restart-dns $restart
check_result $? "DNS restart failed" >/dev/null
# Logging
log_history "changed dns record on $domain to $dvalue"
log_event "$OK" "$ARGUMENTS"
exit

85
bin/v-change-dns-record-id
View file

@ -1,85 +0,0 @@
#!/bin/bash
# info: change dns domain record id
# options: USER DOMAIN ID NEWID [RESTART]
#
# The function for changing internal record id.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
id=$3
newid=$4
restart=$5
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ID NEWID [RESTART]'
is_format_valid 'user' 'domain' 'id' 'newid'
is_system_enabled "$DNS_SYSTEM" 'DNS_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_object_unsuspended 'dns' 'DOMAIN' "$domain"
is_object_valid "dns/$domain" 'ID' "$id"
is_object_new "dns/$domain" 'ID' "$newid"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Change id
sed -i "s/^ID='$id'/ID='$newid'/" $USER_DATA/dns/$domain.conf
# Sorting records
sort_dns_records
# Updating zone
if [[ "$DNS_SYSTEM" =~ named|bind ]]; then
update_domain_serial
update_domain_zone
fi
# Updating dns-cluster queue
if [ ! -z "$DNS_CLUSTER" ]; then
# Check for first sync
dlock=$(grep "domain $user $domain" $VESTA/data/queue/dns-cluster.pipe)
if [ -z "$dlock" ]; then
cmd="$BIN/v-add-remote-dns-domain $user $domain records"
echo "$cmd" >> $VESTA/data/queue/dns-cluster.pipe
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting named
$BIN/v-restart-dns $restart
check_result $? "DNS restart failed" >/dev/null
# Logging
log_history "changed dns record id on $domain"
log_event "$OK" "$ARGUMENTS"
exit

177
bin/v-change-domain-owner
View file

@ -1,177 +0,0 @@
#!/bin/bash
# info: change domain owner
# options: DOMAIN USER
#
# The function of changing domain ownership.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
domain=$1
user=$2
# Includes
source $VESTA/func/ip.sh
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'DOMAIN USER'
is_format_valid 'domain' 'user'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
owner=$($BIN/v-search-domain-owner $domain)
if [ -z "$owner" ]; then
check_result $E_NOTEXIST "domain $domain doesn't exist"
fi
if [ "$owner" = "$user" ]; then
exit
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# WEB domain
web_data=$(grep "DOMAIN='$domain'" $VESTA/data/users/$owner/web.conf)
if [ ! -z "$web_data" ]; then
$BIN/v-suspend-web-domain $owner $domain >> /dev/null 2>&1
eval $web_data
# Change IP
if [ ! -z "$ip" ]; then
web_data=$(echo "$web_data" | sed "s/IP='$IP'/IP='$ip'/")
fi
# Check SSL
if [ "$SSL" = 'yes' ]; then
ssl_crt=$VESTA/data/users/$owner/ssl/$domain.crt
ssl_key=$VESTA/data/users/$owner/ssl/$domain.key
ssl_ca=$VESTA/data/users/$owner/ssl/$domain.ca
ssl_pem=$VESTA/data/users/$owner/ssl/$domain.pem
mv $ssl_crt $VESTA/data/users/$user/ssl/
mv $ssl_key $VESTA/data/users/$user/ssl/
mv $ssl_ca $VESTA/data/users/$user/ssl/ >> /dev/null 2>&1
mv $ssl_pem $VESTA/data/users/$user/ssl/ >> /dev/null 2>&1
rm -f $HOMEDIR/$owner/conf/web/ssl.$domain.*
fi
# Check ftp user account
if [ ! -z "$FTP_USER" ]; then
/usr/sbin/userdel -f $FTP_USER >> /dev/null 2>&1
old_str="FTP_USER='$FTP_USER'"
new_str=$(echo "$old_str" | sed "s/${owner}_/${user}_/")
web_data=$(echo "$web_data" | sed "s/$old_str/$new_str/")
fi
# Move config
sed -i "/DOMAIN='$domain'/d" $VESTA/data/users/$owner/web.conf
echo "$web_data" >> $VESTA/data/users/$user/web.conf
# Move data
mv $HOMEDIR/$owner/web/$domain $HOMEDIR/$user/web/
# Change ownership
find $HOMEDIR/$user/web/$domain -user $owner \
-exec chown -h $user:$user {} \;
# Rebuild config
$BIN/v-unsuspend-web-domain $user $domain no >> /dev/null 2>&1
$BIN/v-rebuild-web-domains $owner no
$BIN/v-rebuild-web-domains $user
fi
# DNS domain
dns_data=$(grep "DOMAIN='$domain'" $VESTA/data/users/$owner/dns.conf)
if [ ! -z "$dns_data" ]; then
eval $dns_data
# Change IP
if [ ! -z "$ip" ]; then
dns_data=$(echo "$dns_data" | sed "s/IP='$IP'/IP='$ip'/")
sed -i "s/$IP/$ip/g" $VESTA/data/users/$owner/dns/$domain.conf
fi
# Move config
sed -i "/DOMAIN='$domain'/d" $VESTA/data/users/$owner/dns.conf
echo "$dns_data" >> $VESTA/data/users/$user/dns.conf
# Move dns records
mv $VESTA/data/users/$owner/dns/$domain.conf \
$VESTA/data/users/$user/dns/
# Rebuild config
$BIN/v-unsuspend-dns-domain $user $domain no >> /dev/null 2>&1
$BIN/v-rebuild-dns-domains $owner no
$BIN/v-rebuild-dns-domains $user
# Resync dns cluster
if [ ! -z "$DNS_CLUSTER" ]; then
v-sync-dns-cluster
fi
fi
# MAIL domain
mail_data=$(grep "DOMAIN='$domain'" $VESTA/data/users/$owner/mail.conf)
if [ ! -z "$mail_data" ]; then
# Move config
sed -i "/DOMAIN='$domain'/d" $VESTA/data/users/$owner/mail.conf
echo "$mail_data" >> $VESTA/data/users/$user/mail.conf
mv -f $VESTA/data/users/$owner/mail/$domain.conf \
$VESTA/data/users/$user/mail/
# Move DKIM
if [ -e "$VESTA/data/users/$owner/mail/$domain.pem" ]; then
mv -f $VESTA/data/users/$owner/mail/$domain.pem \
$VESTA/data/users/$user/mail/
mv -f $VESTA/data/users/$owner/mail/$domain.pub \
$VESTA/data/users/$user/mail/
fi
# Move data
mv $HOMEDIR/$owner/mail/$domain $HOMEDIR/$user/mail/
# Change ownership
find $HOMEDIR/$user/mail/$domain -user $owner \
-exec chown -h $user {} \;
# Rebuild config
$BIN/v-unsuspend-mail-domain $user $domain no >> /dev/null 2>&1
$BIN/v-rebuild-mail-domains $owner no
$BIN/v-rebuild-mail-domains $user
# Checking exim username for later chowning
exim_user="exim";
check_exim_username=$(grep -c '^Debian-exim:' /etc/passwd)
if [ "$check_exim_username" -eq 1 ]; then
exim_user="Debian-exim"
fi
# Chowning mail conf files to exim user
if [ -d "$HOMEDIR/$user/conf/mail/$domain" ]; then
find $HOMEDIR/$user/conf/mail/$domain -user root \
-exec chown $exim_user {} \;
fi
fi
# Update counters
$BIN/v-update-user-counters $owner
$BIN/v-update-user-counters $user
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

85
bin/v-change-firewall-rule
View file

@ -1,85 +0,0 @@
#!/bin/bash
# info: change firewall rule
# options: RULE ACTION IP PORT [PROTOCOL] [COMMENT]
#
# The function is used for changing existing firewall rule.
# It fully replace rule with new one but keeps same id.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Importing system variables
source /etc/profile
# Argument definition
rule=$1
action=$(echo $2|tr '[:lower:]' '[:upper:]')
ip=$3
port_ext=$4
protocol=${5-TCP}
protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
comment=$6
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Sort function
sort_fw_rules() {
cat $VESTA/data/firewall/rules.conf |\
sort -n -k 2 -t \' > $VESTA/data/firewall/rules.conf.tmp
mv -f $VESTA/data/firewall/rules.conf.tmp \
$VESTA/data/firewall/rules.conf
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '5' "$#" 'RULE ACTION IP PORT [PROTOCOL] [COMMENT]'
is_format_valid 'rule' 'action' 'protocol' 'port_ext' 'ip'
if [ ! -z "$comment" ]; then
is_format_valid 'comment'
fi
is_system_enabled "$FIREWALL_SYSTEM" 'FIREWALL_SYSTEM'
is_object_valid '../../data/firewall/rules' 'RULE' "$rule"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating timestamp
time_n_date=$(date +'%T %F')
time=$(echo "$time_n_date" |cut -f 1 -d \ )
date=$(echo "$time_n_date" |cut -f 2 -d \ )
# Concatenating firewall rule
str="RULE='$rule' ACTION='$action' PROTOCOL='$protocol' PORT='$port_ext'"
str="$str IP='$ip' COMMENT='$comment' SUSPENDED='no'"
str="$str TIME='$time' DATE='$date'"
# Deleting old rule
sed -i "/RULE='$rule' /d" $VESTA/data/firewall/rules.conf
# Adding new
echo "$str" >> $VESTA/data/firewall/rules.conf
# Sorting firewall rules by id number
sort_fw_rules
# Updating system firewall
$BIN/v-update-firewall
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

51
bin/v-change-fs-file-permission
View file

@ -1,51 +0,0 @@
#!/bin/bash
# info: change file permission
# options: USER FILE PERMISSIONS
#
# The function changes file access permissions on the file system
user=$1
src_file=$2
permissions=$3
# Checking arguments
if [ -z "$permissions" ]; then
echo "Usage: USER FILE PERMISSIONS"
exit 1
fi
# Checking vesta user
if [ ! -e "$VESTA/data/users/$user" ]; then
echo "Error: vesta user $user doesn't exist"
exit 3
fi
# Checking user homedir
homedir=$(grep "^$user:" /etc/passwd | cut -f 6 -d :)
if [ -z $homedir ]; then
echo "Error: user home directory doesn't exist"
exit 12
fi
# Checking source file
if [ ! -fe "$src_file" ]; then
echo "Error: source file doesn't exist $src_file"
exit 3
fi
# Checking source path
rpath=$(readlink -f "$src_file")
if [ -z "$(echo $rpath |egrep "^/tmp|^$homedir")" ]; then
echo "Error: invalid source path $src_file"
exit 2
fi
# Changing file permissions
sudo -u $user chmod -R $permissions "$src_file" >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo "Error: access permission on $src_file was not changed"
exit 3
fi
# Exiting
exit

75
bin/v-change-mail-account-password
View file

@ -1,75 +0,0 @@
#!/bin/bash
# info: change mail account password
# options: USER DOMAIN ACCOUNT PASSWORD
#
# The function changes email account password.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
account=$3
password=$4; HIDE=4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD'
is_format_valid 'user' 'domain' 'account'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_valid "mail/$domain" 'ACCOUNT' "$account"
is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
is_password_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Generating hashed password
salt=$(generate_password "$PW_MATRIX" "8")
md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
quota=$(grep $account $VESTA/data/users/${user}/mail/${domain}.conf)
quota=$(echo $quota | awk '{ print $7 }' | sed -e "s/'//g" )
quota=$(echo $quota | cut -d "=" -f 2 | sed -e "s/unlimited/0/g")
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
str="$account:$md5:$user:mail::$HOMEDIR/$user:${quota}M"
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Update md5
update_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5' "$md5"
# Logging
log_history "changed password for $account@$domain"
log_event "$OK" "$ARGUMENTS"
exit

78
bin/v-change-mail-account-quota
View file

@ -1,78 +0,0 @@
#!/bin/bash
# info: change mail account quota
# options: USER DOMAIN ACCOUNT QUOTA
#
# The function changes email account disk quota.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
account=$3
quota=$4
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
# TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ?
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN ACCOUNT QUOTA'
is_format_valid 'user' 'domain' 'account'
if [ "$quota" != 'unlimited' ]; then
is_format_valid 'quota'
fi
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
is_object_valid "mail/$domain" 'ACCOUNT' "$account"
is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
md5=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5')
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
if [ "$quota" = 'unlimited' ]; then
quota=0
fi
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
if [[ "$quota" -eq 0 ]]; then
quota='unlimited'
fi
# Update quota
update_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA' "$quota"
# Logging
log_history "changed mail quota for $account@$domain to $quota"
log_event "$OK" "$ARGUMENTS"
exit

63
bin/v-change-mail-domain-catchall
View file

@ -1,63 +0,0 @@
#!/bin/bash
# info: change mail domain catchall email
# options: USER DOMAIN EMAIL
#
# The function changes mail domain catchall.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
domain_idn=$2
email=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
# Additional argument formatting
format_domain
format_domain_idn
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER DOMAIN EMAIL'
is_format_valid 'user' 'domain' 'email'
is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'mail' 'DOMAIN' "$domain"
is_object_unsuspended 'mail' 'DOMAIN' "$domain"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Change cathcall alias
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
sed -i "/*@$domain_idn:/d" $HOMEDIR/$user/conf/mail/$domain/aliases
echo "*@$domain_idn:$email" >> $HOMEDIR/$user/conf/mail/$domain/aliases
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Change catchall in config
update_object_value 'mail' 'DOMAIN' "$domain" '$CATCHALL' "$email"
# Logging
log_history "changed catchall email for $domain to $email"
log_event "$OK" "$ARGUMENTS"
exit

64
bin/v-change-remote-dns-domain-exp
View file

@ -1,64 +0,0 @@
#!/bin/bash
# info: change remote dns domain expiration date
# options: USER DOMAIN
#
# The function synchronize dns domain with the remote server.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/remote.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN'
is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_procces_running
remote_dns_health_check
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Parsing remote host parameters
eval $cluster
# Syncing domain
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'no'
check_result $? "$HOST connection failed (exp insert)" $E_CONNECT
done
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit

68
bin/v-change-remote-dns-domain-soa
View file

@ -1,68 +0,0 @@
#!/bin/bash
# info: change remote dns domain SOA
# options: USER DOMAIN
#
# The function synchronize dns domain with the remote server.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/remote.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN'
is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_procces_running
remote_dns_health_check
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Parsing remote host parameters
eval $cluster
# Syncing SOA
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no'
check_result $? "$HOST connection failed (sync)" $E_CONNECT
# Rebuilding dns zone
cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
check_result $? "$HOST connection failed (rebuild)" $E_CONNECT
done
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit

68
bin/v-change-remote-dns-domain-ttl
View file

@ -1,68 +0,0 @@
#!/bin/bash
# info: change remote dns domain TTL
# options: USER DOMAIN
#
# The function synchronize dns domain with the remote server.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
domain=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/remote.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN'
is_format_valid 'user' 'domain'
is_system_enabled "$DNS_CLUSTER" 'DNS_CLUSTER'
is_object_valid 'user' 'USER' "$user"
is_object_valid 'dns' 'DOMAIN' "$domain"
is_procces_running
remote_dns_health_check
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
IFS=$'\n'
for cluster in $(grep "SUSPENDED='no'" $VESTA/conf/dns-cluster.conf); do
# Parsing remote host parameters
eval $cluster
# Syncing TTL
str=$(grep "DOMAIN='$domain'" $USER_DATA/dns.conf)
cluster_cmd v-insert-dns-domain $DNS_USER "$str" $HOSTNAME 'domain' 'no'
check_result $? "$HOST connection failed (sync)" $E_CONNECT
# Rebuilding dns zone
cluster_cmd v-rebuild-dns-domain $DNS_USER $domain 'yes' 'no'
check_result $? "$HOST connection failed (rebuild)" $E_CONNECT
done
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Updating pipe
pipe="$VESTA/data/queue/dns-cluster.pipe"
str=$(grep -n "$SCRIPT $1 $2 $3$" $pipe | cut -f1 -d: | head -n1)
if [ ! -z "$str" ]; then
sed -i "$str d" $pipe
fi
exit

58
bin/v-change-sys-config-value
View file

@ -1,58 +0,0 @@
#!/bin/bash
# info: change sysconfig value
# options: KEY VALUE
#
# The function is for changing main config settings such as COMPANY_NAME or
# COMPANY_EMAIL and so on.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
key=$(echo "$1" | tr '[:lower:]' '[:upper:]' )
value=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin"
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'KEY VALUE'
is_format_valid 'key'
format_no_quotes "$value" 'value'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Updating conf
check_ckey=$(grep "^$key='" $VESTA/conf/vesta.conf)
if [ -z "$check_ckey" ]; then
echo "$key='$value'" >> $VESTA/conf/vesta.conf
else
sed -i "s|$key=.*|$key='$value'|g" $VESTA/conf/vesta.conf
fi
if [ "$key" = "BACKUP" ] && [ "$value" != '/backup' ]; then
rm /backup
ln -s $value /backup
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

55
bin/v-change-sys-hostname
View file

@ -1,55 +0,0 @@
#!/bin/bash
# info: change hostname
# options: HOSTNAME
#
# The function for changing system hostname.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
domain=$1
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'HOSTNAME'
is_format_valid 'domain'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
hostname $domain
if [ -d "/etc/sysconfig" ]; then
# RHEL/CentOS/Amazon
touch /etc/sysconfig/network
if [ -z "$(grep HOSTNAME /etc/sysconfig/network)" ]; then
echo "HOSTNAME='$domain'" >> /etc/sysconfig/network
else
sed -i "s/HOSTNAME=.*/HOSTNAME='$domain'/" /etc/sysconfig/network
fi
else
# Debian/Ubuntu
echo "$domain" > /etc/hostname
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

48
bin/v-change-sys-ip-name
View file

@ -1,48 +0,0 @@
#!/bin/bash
# info: change ip name
# options: IP NAME
#
# The function for changing dns domain associated with ip.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
ip=$1
ip_name=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'IP IP_NAME'
is_format_valid 'ip'
is_format_valid 'ip_name'
is_ip_valid "$ip"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing ip name
update_ip_value '$NAME' "$ip_name"
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed associated dns on $ip to $ip_name" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

107
bin/v-change-sys-ip-nat
View file

@ -1,107 +0,0 @@
#!/bin/bash
# info: change ip nat address
# options: IP NAT_IP [RESTART]
#
# The function for changing nat ip associated with ip.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
ip=$1
nat_ip=$2
restart=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'IP NAT_IP [RESTART]'
is_format_valid 'ip'
is_format_valid 'nat_ip'
is_ip_valid "$ip"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Updating IP
if [ -z "$(grep NAT= $VESTA/data/ips/$ip)" ]; then
sed -i "s/^TIME/NAT='$nat_ip'\nTIME/g" $VESTA/data/ips/$ip
old=''
new=$nat_ip
else
old=$(get_ip_value '$NAT')
new=$nat_ip
sed -i "s/NAT=.*/NAT='$new'/" $VESTA/data/ips/$ip
if [ -z "$nat_ip" ]; then
new=$ip
fi
fi
# Updating WEB configs
if [ ! -z "$old" ] && [ ! -z "$WEB_SYSTEM" ]; then
sed -i "s/$old/$new/" $VESTA/data/users/*/web.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-web-domains $user no
done
$BIN/v-restart-dns $restart
fi
# Updating DNS configs
if [ ! -z "$old" ] && [ ! -z "$DNS_SYSTEM" ]; then
sed -i "s/$old/$new/" $VESTA/data/users/*/dns.conf
sed -i "s/$old/$new/" $VESTA/data/users/*/dns/*.conf
for user in $(ls $VESTA/data/users/); do
$BIN/v-rebuild-dns-domains $user no
done
$BIN/v-restart-dns $restart
fi
# Updating FTP
if [ ! -z "$old" ] && [ ! -z "$FTP_SYSTEM" ]; then
conf=$(find /etc -name $FTP_SYSTEM.conf)
if [ -e "$conf" ]; then
sed -i "s/$old/$new/g" $conf
if [ "$FTP_SYSTEM" = 'vsftpd' ]; then
check_pasv=$(grep pasv_address $conf)
if [ -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
echo "pasv_address=$nat_ip" >> $conf
fi
if [ ! -z "$check_pasv" ] && [ -z "$nat_ip" ]; then
sed -i "/pasv_address/d" $conf
fi
if [ ! -z "$check_pasv" ] && [ ! -z "$nat_ip" ]; then
sed -i "s/pasv_address=.*/pasv_address='$nat_ip'/g" $conf
fi
fi
fi
$BIN/v-restart-ftp $restart
fi
# Updating firewall
if [ ! -z "$old" ] && [ ! -z "$FIREWALL_SYSTEM" ]; then
sed -i "s/$old/$new/g" $VESTA/data/firewall/*.conf
$BIN/v-update-firewall
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed associated nat address on $ip to $nat_ip" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

81
bin/v-change-sys-ip-owner
View file

@ -1,81 +0,0 @@
#!/bin/bash
# info: change ip owner
# options: IP USER
#
# The function of changing ip address ownership.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
ip=$1
user=$2
# Includes
source $VESTA/func/ip.sh
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'IP USER'
is_format_valid 'ip' 'user'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_ip_valid "$ip"
is_ip_key_empty '$U_WEB_DOMAINS'
is_ip_key_empty '$U_SYS_USERS'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing ip owner
ip_owner=$(get_ip_value '$OWNER')
if [ "$ip_owner" != "$user" ]; then
ip_status="$(get_ip_value '$STATUS')"
update_ip_value '$OWNER' "$user"
decrease_user_value "$ip_owner" '$IP_OWNED'
if [ "$ip_owner" = 'admin' ]; then
if [ "$ip_status" = 'shared' ]; then
for vesta_user in $(ls $VESTA/data/users); do
decrease_user_value "$vesta_user" '$IP_AVAIL'
done
else
decrease_user_value 'admin' '$IP_AVAIL'
fi
else
decrease_user_value "$ip_owner" '$IP_AVAIL'
decrease_user_value 'admin' '$IP_AVAIL'
fi
increase_user_value "$user" '$IP_OWNED'
if [ "$user" = 'admin' ]; then
if [ "$ip_status" = 'shared' ]; then
for user in $(ls $VESTA/data/users); do
increase_user_value "$user" '$IP_AVAIL'
done
else
increase_user_value 'admin' '$IP_AVAIL'
fi
else
increase_user_value "$user" '$IP_AVAIL'
increase_user_value 'admin' '$IP_AVAIL'
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed owner of $ip to $user" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

56
bin/v-change-sys-ip-status
View file

@ -1,56 +0,0 @@
#!/bin/bash
# info: change ip status
# options: IP IP_STATUS
#
# The function of changing an ip address's status.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
ip=$1
ip_status=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/ip.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'IP IP_STATUS'
is_format_valid 'ip' 'ip_status'
is_ip_valid "$ip"
if [ "$ip_status" = "$(get_ip_value '$STATUS')" ]; then
check_result "$E_EXISTS" "status $ip_status is already set"
fi
web_domains=$(get_ip_value '$U_WEB_DOMAINS')
sys_user=$(get_ip_value '$U_SYS_USERS')
ip_owner=$(get_ip_value '$OWNER')
if [ "$web_domains" -ne '0' ] && [ "$sys_user" != "$ip_owner" ]; then
check_result "$E_INUSE" "ip $ip is used"
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing ip name
update_ip_value '$STATUS' "$ip_status"
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed $ip status to $ip_status" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

57
bin/v-change-sys-language
View file

@ -1,57 +0,0 @@
#!/bin/bash
# info: change sys language
# options: LANGUAGE
#
# The function for changing system language.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
language=$1
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
is_language_valid() {
if [ ! -e "$VESTA/web/inc/i18n/$language.php" ]; then
echo "Error: language file $language doesn't exist"
log_event "$E_NOTEXIST $ARGUMENTS"
exit $E_NOTEXIST
fi
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'LANGUAGE'
is_format_valid 'language'
is_language_valid $language
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Change language
if [ -z "$(grep LANGUAGE $VESTA/conf/vesta.conf)" ]; then
echo "LANGUAGE='$language'" >> $VESTA/conf/vesta.conf
else
sed -i "s/LANGUAGE=.*/LANGUAGE='$language'/g" $VESTA/conf/vesta.conf
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

131
bin/v-change-sys-service-config
View file

@ -1,131 +0,0 @@
#!/bin/bash
# info: change service config
# options: CONFIG SERVICE [RESTART]
#
# The function for changing service confguration.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
src=$1
service=$2
restart=$3
echo "$0 $*" >/tmp/t.log
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'CONFIG SERVICE [RESTART]'
if [ ! -e "$src" ]; then
check_result "$E_NOTEXIST" "$src config doesn't exist"
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Defining dst config path
case $service in
nginx) dst='/etc/nginx/nginx.conf';;
httpd) dst='/etc/httpd/conf/httpd.conf';;
apache2) dst='/etc/apache2/apache2.conf';;
exim) dst='/etc/exim/exim.conf';;
exim4) dst='/etc/exim4/exim4.conf.template';;
vsftpd) dst=$(find /etc/vsftpd* -name 'vsftpd.conf');;
proftpd) dst=$(find /etc/proftpd* -name 'proftpd.conf');;
php) dst=$(find /etc/php* -name php.ini);;
mysql) dst=$(find /etc/my* -name my.cnf);;
mysqld) dst=$(find /etc/my* -name my.cnf);;
mariadb) dst=$(find /etc/my* -name my.cnf);;
postgresql) dst=$($BIN/v-list-sys-pgsql-config plain |cut -f 1);;
postgresql-hba) dst=$($BIN/v-list-sys-pgsql-config plain |cut -f 2);;
dovecot) dst=$(find /etc/dovecot* -name dovecot.conf);;
dovecot-1) dst='/etc/dovecot/conf.d/10-auth.conf';;
dovecot-2) dst='/etc/dovecot/conf.d/10-logging.conf';;
dovecot-3) dst='/etc/dovecot/conf.d/10-mail.conf';;
dovecot-4) dst='/etc/dovecot/conf.d/10-master.conf';;
dovecot-5) dst='/etc/dovecot/conf.d/10-ssl.conf';;
dovecot-6) dst='/etc/dovecot/conf.d/20-imap.conf';;
dovecot-7) dst='/etc/dovecot/conf.d/20-pop3.conf';;
dovecot-8) dst='/etc/dovecot/conf.d/auth-passwdfile.conf.ext';;
named) dst='/etc/named.conf';;
bind9) dst='/etc/bind/named.conf';;
bind9-opt) dst='/etc/bind/named.conf.options';;
spamd) dst=$($BIN/v-list-sys-spamd-config plain);;
spamassassin) dst=$($BIN/v-list-sys-spamd-config plain);;
clamd) dst=$($BIN/v-list-sys-clamd-config plain);;
clamd.scan) dst=$($BIN/v-list-sys-clamd-config plain);;
cron) dst='/etc/crontab';;
crond) dst='/etc/crontab';;
fail2ban) dst='/etc/fail2ban/jail.local';;
*) check_result $E_NOTEXIST "service $service doesn't exist"
esac
# Checking config path
for config in $dst; do
if [ ! -e "$config" ]; then
check_result $E_NOTEXIST "$service config doesn't exist"
fi
done
# Checking diff between src and dst configs
for config in $dst; do
diff -q $src $config >/dev/null
if [ $? -ne 0 ]; then
cp $config $config.vst.back
cp $src $config
update="yes"
fi
done
# Restarting service
if [ "$update" = 'yes' ] && [ "$restart" != 'no' ]; then
if [[ "$service" =~ - ]]; then
service=$(echo ${service%-*})
fi
if [ "$service" = 'php' ]; then
if [ "$WEB_SYSTEM" = "nginx" ]; then
if [ $(ps --no-headers -o comm 1) == systemd ]; then
service=$(systemctl | grep -o -E "php.*fpm.*\.service")
service=${service//.service/}
else
service=$(ls /etc/init.d/php*fpm* |cut -f 4 -d /)
fi
else
service=$WEB_SYSTEM
fi
fi
for single_service in $service; do
service $single_service restart >/dev/null 2>&1
done <<< "$service"
if [ $? -ne 0 ]; then
for config in $dst; do
cat $config.vst.back > $config
rm -f $config.vst.back
done
check_result $E_RESTART "$service failed to start with new config"
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

72
bin/v-change-sys-timezone
View file

@ -1,72 +0,0 @@
#!/bin/bash
# info: change system timezone
# options: TIMEZONE
#
# The function for changing system timezone.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
timezone=$1
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
is_timezone_valid() {
if [ ! -e "/usr/share/zoneinfo/$timezone" ]; then
echo "Error: tz file $timezone doesn't exist"
log_event $E_NOTEXIST "$ARGUMENTS"
exit $E_NOTEXIST
fi
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'TIMEZONE'
is_timezone_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing system timezone
which timedatectls >/dev/null 2>&1
if [ "$?" -eq 0 ]; then
timedatectl set-timezone $timezone
else
if [ -e "/etc/sysconfig/clock" ]; then
sed -i "s/ZONE.*//" /etc/sysconfig/clock
echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock
fi
if [ -e "/etc/timezone" ]; then
echo "$timezone" > /etc/timezone
fi
rm -f /etc/localtime
ln -sf /usr/share/zoneinfo/$timezone /etc/localtime
fi
# Chaning php timezone
if [ ! -z "$WEB_SYSTEM" ]; then
for conf in $(find /etc/php* -name php.ini); do
sed -i "s|;date.timezone =|date.timezone =|" $conf
sed -i "s|date.timezone =.*|date.timezone = $timezone|" $conf
done
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit

77
bin/v-change-sys-vesta-ssl
View file

@ -1,77 +0,0 @@
#!/bin/bash
# info: change vesta ssl certificate
# options: SSL_DIR [RESTART]
#
# The function changes vesta SSL certificate and the key.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
domain='certificate'
ssl_dir=$1
restart=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '1' "$#" 'SSL_DIR [RESTART]'
is_format_valid 'ssl_dir'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Checking new certificate
certificate=$(cat $ssl_dir/$domain.crt |grep -n END)
certificate_count=$(echo "$certificate" |wc -l)
if [ "$certificate_count" -gt 1 ]; then
crt_end=$(echo "$certificate" |head -n1 |cut -f 1 -d :)
crt_lines=$(wc -l $ssl_dir/$domain.crt |cut -f1 -d ' ')
pem_begin=$((crt_lines - crt_end))
mv $ssl_dir/$domain.crt $ssl_dir/$domain.crt_full
head -n $crt_end $ssl_dir/$domain.crt_full > $ssl_dir/$domain.crt
tail -n $pem_begin $ssl_dir/$domain.crt_full > $ssl_dir/$domain.ca
is_web_domain_cert_valid
mv -f $ssl_dir/$domain.crt_full $ssl_dir/$domain.crt
rm -f $ssl_dir/$domain.ca
else
is_web_domain_cert_valid
fi
# Moving old certificate
mv $VESTA/ssl/certificate.crt $VESTA/ssl/certificate.crt.back
mv $VESTA/ssl/certificate.key $VESTA/ssl/certificate.key.back
# Adding new certificate
cp -f $ssl_dir/certificate.crt $VESTA/ssl/certificate.crt
cp -f $ssl_dir/certificate.key $VESTA/ssl/certificate.key
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Restarting web server
if [ "$restart" != 'no' ]; then
kill -HUP $(cat /var/run/vesta-nginx.pid)
$BIN/v-restart-mail
if [ ! -z "$IMAP_SYSTEM" ]; then
v-restart-service "$IMAP_SYSTEM"
fi
fi
# Logging
log_event "$OK" "$ARGUMENTS"
exit

54
bin/v-change-user-contact
View file

@ -1,54 +0,0 @@
#!/bin/bash
# info: change user contact email
# options: USER EMAIL
#
# The function for changing of e-mail associated with a certain user.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
email=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER EMAIL'
is_format_valid 'user' 'email'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing user contact email
old_email=$(get_user_value '$CONTACT')
update_user_value "$user" '$CONTACT' "$email"
pw_str=$(grep -n "^$user:" /etc/passwd)
str=$(echo "$pw_str" | cut -f 1 -d :)
sed -i "$str s/$old_email/$email/g" /etc/passwd
# Update crontab email
$BIN/v-rebuild-cron-jobs $user > /dev/null 2>&1
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed contact email to $email"
log_event "$OK" "$ARGUMENTS"
exit

66
bin/v-change-user-language
View file

@ -1,66 +0,0 @@
#!/bin/bash
# info: change user language
# options: USER LANGUAGE
#
# The function for changing language.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
language=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
is_language_valid() {
if ! [[ "$1" =~ ^[[:alnum:]_-]+$ ]]; then
echo "Error: language $1 is not valid"
log_event "$E_INVALID" "$ARGUMENTS"
exit $E_INVALID
fi
if [ ! -e "$VESTA/web/inc/i18n/$1.php" ]; then
echo "Error: language $1 doesn't exist"
log_event "$E_NOTEXIST" "$ARGUMENTS"
exit $E_NOTEXIST
fi
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER LANGUAGE'
is_format_valid 'user' 'language'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_language_valid $language
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Change language
if [ -z "$(grep LANGUAGE $USER_DATA/user.conf)" ]; then
sed -i "s/^TIME/LANGUAGE='$language'\nTIME/g" $USER_DATA/user.conf
else
update_user_value "$user" '$LANGUAGE' "$language"
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed language to $language"
log_event "$OK" "$ARGUMENTS"
exit

53
bin/v-change-user-name
View file

@ -1,53 +0,0 @@
#!/bin/bash
# info: change user full name
# options: USER FNAME LNAME
#
# The function allow to change user's full name.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
fname=$2
lname=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER FNAME LNAME'
is_format_valid 'user' 'fname' 'lname'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get old values
old_fname=$(get_user_value '$FNAME')
old_lname=$(get_user_value '$LNAME')
# Changing ns values
update_user_value "$user" '$FNAME' "$fname"
update_user_value "$user" '$LNAME' "$lname"
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed user name to $fname $lname"
log_event "$OK" "$ARGUMENTS"
exit

85
bin/v-change-user-ns
View file

@ -1,85 +0,0 @@
#!/bin/bash
# info: change user nameservers
# options: USER NS1 NS2 [NS3] [NS4] [NS5] [NS6] [NS7] [NS8]
#
# The function for changing default nameservers for specific user.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
ns1=$(echo $2 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns2=$(echo $3 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns3=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns4=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns5=$(echo $6 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns6=$(echo $7 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns7=$(echo $8 | sed -e 's/\.*$//g' -e 's/^\.*//g')
ns8=$(echo $9 | sed -e 's/\.*$//g' -e 's/^\.*//g')
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Checking args
check_args '3' "$#" 'USER NS1 NS2 [NS3] [NS4] [NS5] [NS6] [NS7] [NS8]'
# Checking argument format
is_format_valid 'user' 'ns1' 'ns2'
if [ ! -z "$ns3" ]; then
ns3=$(echo $4 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns3'
fi
if [ ! -z "$ns4" ]; then
ns4=$(echo $5 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns4'
fi
if [ ! -z "$ns5" ]; then
ns5=$(echo $6 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns5'
fi
if [ ! -z "$ns6" ]; then
ns6=$(echo $7 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns6'
fi
if [ ! -z "$ns7" ]; then
ns7=$(echo $8 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns7'
fi
if [ ! -z "$ns8" ]; then
ns8=$(echo $9 | sed -e 's/\.*$//g' -e 's/^\.*//g')
is_format_valid 'ns8'
fi
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Merging values
ns="$ns1,$ns2,$ns3,$ns4,$ns5,$ns6,$ns7,$ns8"
ns=$(echo "$ns" | sed -e "s/,,//g" -e "s/,$//")
# Changing ns values
update_user_value "$user" '$NS' "$ns"
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "updated nameservers $ns1 $ns2 $ns3 $ns4 $ns5 $ns6 $ns7 $ns8"
log_event "$OK" "$ARGUMENTS"
exit

194
bin/v-change-user-package
View file

@ -1,194 +0,0 @@
#!/bin/bash
# info: change user package
# options: USER PACKAGE [FORCE]
#
# The function changes user's hosting package.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
package=$2
force=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
is_package_avalable() {
source $USER_DATA/user.conf
WEB_DOMAINS='0'
DATABASES='0'
MAIL_DOMAINS='0'
DNS_DOMAINS='0'
DISK_QUOTA='0'
BANDWIDTH='0'
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
IFS=$'\n'
for str in $pkg_data; do
key=$(echo $str |cut -f 1 -d =)
value=$(echo $str |cut -f 2 -d \')
eval $key="$value"
done
# Checking usage agains package limits
if [ "$WEB_DOMAINS" != 'unlimited' ]; then
if [ "$WEB_DOMAINS" -lt "$U_WEB_DOMAINS" ]; then
check_result $E_LIMIT "Package doesn't cover WEB_DOMAIN usage"
fi
fi
if [ "$DNS_DOMAINS" != 'unlimited' ]; then
if [ "$DNS_DOMAINS" -lt "$U_DNS_DOMAINS" ]; then
check_result $E_LIMIT "Package doesn't cover DNS_DOMAIN usage"
fi
fi
if [ "$MAIL_DOMAINS" != 'unlimited' ]; then
if [ "$MAIL_DOMAINS" -lt "$U_MAIL_DOMAINS" ]; then
check_result $E_LIMIT "Package doesn't cover MAIL_DOMAIN usage"
fi
fi
if [ "$DATABASES" != 'unlimited' ]; then
if [ "$DATABASES" -lt "$U_DATABASES" ]; then
check_result $E_LIMIT "Package doesn't cover DATABASE usage"
fi
fi
if [ "$CRON_JOBS" != 'unlimited' ]; then
if [ "$CRON_JOBS" -lt "$U_CRON_JOBS" ]; then
check_result $E_LIMIT "Package doesn't cover CRON usage"
fi
fi
if [ "$DISK_QUOTA" != 'unlimited' ]; then
if [ "$DISK_QUOTA" -lt "$U_DISK" ]; then
check_result $E_LIMIT "Package doesn't cover DISK usage"
fi
fi
if [ "$BANDWIDTH" != 'unlimited' ]; then
if [ "$BANDWIDTH" -lt "$U_BANDWIDTH" ]; then
check_result $E_LIMIT "Package doesn't cover BANDWIDTH usage"
fi
fi
# Checking templates
is_web_template_valid $WEB_TEMPLATE
is_dns_template_valid $DNS_TEMPLATE
is_proxy_template_valid $PROXY_TEMPLATE
}
change_user_package() {
source $USER_DATA/user.conf
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
IFS=$'\n'
for str in $pkg_data; do
key=$(echo $str |cut -f 1 -d =)
value=$(echo $str |cut -f 2 -d \')
eval $key="$value"
done
echo "FNAME='$FNAME'
LNAME='$LNAME'
PACKAGE='$package'
WEB_TEMPLATE='$WEB_TEMPLATE'
PROXY_TEMPLATE='$PROXY_TEMPLATE'
DNS_TEMPLATE='$DNS_TEMPLATE'
WEB_DOMAINS='$WEB_DOMAINS'
WEB_ALIASES='$WEB_ALIASES'
DNS_DOMAINS='$DNS_DOMAINS'
DNS_RECORDS='$DNS_RECORDS'
MAIL_DOMAINS='$MAIL_DOMAINS'
MAIL_ACCOUNTS='$MAIL_ACCOUNTS'
DATABASES='$DATABASES'
CRON_JOBS='$CRON_JOBS'
DISK_QUOTA='$DISK_QUOTA'
BANDWIDTH='$BANDWIDTH'
NS='$NS'
SHELL='$SHELL'
BACKUPS='$BACKUPS'
CONTACT='$CONTACT'
CRON_REPORTS='$CRON_REPORTS'
MD5='$MD5'
RKEY='$RKEY'
SUSPENDED='$SUSPENDED'
SUSPENDED_USERS='$SUSPENDED_USERS'
SUSPENDED_WEB='$SUSPENDED_WEB'
SUSPENDED_DNS='$SUSPENDED_DNS'
SUSPENDED_MAIL='$SUSPENDED_MAIL'
SUSPENDED_DB='$SUSPENDED_DB'
SUSPENDED_CRON='$SUSPENDED_CRON'
IP_AVAIL='$IP_AVAIL'
IP_OWNED='$IP_OWNED'
U_USERS='$U_USERS'
U_DISK='$U_DISK'
U_DISK_DIRS='$U_DISK_DIRS'
U_DISK_WEB='$U_DISK_WEB'
U_DISK_MAIL='$U_DISK_MAIL'
U_DISK_DB='$U_DISK_DB'
U_BANDWIDTH='$U_BANDWIDTH'
U_WEB_DOMAINS='$U_WEB_DOMAINS'
U_WEB_SSL='$U_WEB_SSL'
U_WEB_ALIASES='$U_WEB_ALIASES'
U_DNS_DOMAINS='$U_DNS_DOMAINS'
U_DNS_RECORDS='$U_DNS_RECORDS'
U_MAIL_DOMAINS='$U_MAIL_DOMAINS'
U_MAIL_DKIM='$U_MAIL_DKIM'
U_MAIL_ACCOUNTS='$U_MAIL_ACCOUNTS'
U_DATABASES='$U_DATABASES'
U_CRON_JOBS='$U_CRON_JOBS'
U_BACKUPS='$U_BACKUPS'
LANGUAGE='$LANGUAGE'
NOTIFICATIONS='$NOTIFICATIONS'
TIME='$TIME'
DATE='$DATE'" > $USER_DATA/user.conf
}
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER PACKAGE [FORCE]'
is_format_valid 'user' 'package'
is_object_valid 'user' 'USER' "$user"
is_package_valid
if [ "$force" != 'yes' ];then
is_package_avalable
fi
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing user package
change_user_package
# Update user shell
shell_conf=$(echo "$pkg_data" |grep 'SHELL' |cut -f 2 -d \')
shell=$(grep -w "$shell_conf" /etc/shells |head -n1)
/usr/bin/chsh -s "$shell" "$user" &>/dev/null
# Run template trigger
if [ -x "$VESTA/data/packages/$package.sh" ]; then
$VESTA/data/packages/$package.sh "$user" "$CONTACT" "$FNAME" "$LNAME"
fi
# Update disk quota
source $VESTA/conf/vesta.conf
if [ "$DISK_QUOTA" = 'yes' ]; then
$BIN/v-update-user-quota $user
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed $user package to $package" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

64
bin/v-change-user-password
View file

@ -1,64 +0,0 @@
#!/bin/bash
# info: change user password
# options: USER PASSWORD
#
# The function changes user's password and updates RKEY value.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
password=$2; HIDE=2
# Importing system enviroment as we run this script
# mostly by cron wich not read it by itself
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
if [ "$user" = "root" ]; then
check_result $E_FORBIDEN "Changing root password is forbiden"
fi
check_args '2' "$#" 'USER PASSWORD'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_password_valid
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Changing user password
echo "$user:$password" | /usr/sbin/chpasswd
md5=$(awk -v user=$user -F : 'user == $1 {print $2}' /etc/shadow)
if [ "$user" = 'admin' ] && [ -e "$VESTA/web/reset.admin" ]; then
rm -f $VESTA/web/reset.admin
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Changing RKEY value
update_user_value "$user" '$RKEY' "$(generate_password)"
update_user_value "$user" '$MD5' "$md5"
# Logging
log_history "changed password"
log_event "$OK" "$ARGUMENTS"
exit

63
bin/v-change-user-shell
View file

@ -1,63 +0,0 @@
#!/bin/bash
# info: change user shell
# options: USER SHELL
#
# The function changes system shell of a user. Shell gives ability to use ssh.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
shell=$2
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER SHELL'
is_format_valid 'user' 'shell'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
# Get shell full path
shell_path=$(grep -w "$shell" /etc/shells | head -n1)
# Changing passwd file
/usr/bin/chsh -s "$shell_path" "$user" >/dev/null 2>&1
shell=$(basename $shell_path)
# Adding jailed sftp env
if [ ! -z "$SFTPJAIL_KEY" ]; then
if [[ "$shell" =~ nologin ]] || [[ "$shell" =~ rssh ]]; then
$BIN/v-add-user-sftp-jail $user >/dev/null 2>&1
else
$BIN/v-delete-user-sftp-jail $user >/dev/null 2>&1
fi
fi
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Changing user shell
update_user_value "$user" '$SHELL' "$shell"
# Logging
log_history "changed $user shell to $shell" '' 'admin'
log_event "$OK" "$ARGUMENTS"
exit

56
bin/v-change-user-template
View file

@ -1,56 +0,0 @@
#!/bin/bash
# info: change user default template
# options: USER TYPE TEMPLATE
#
# The function changes default user web template.
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
user=$1
type=$(echo "$2" | tr '[:lower:]' '[:upper:]')
template=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
check_args '3' "$#" 'USER TYPE TEMPLATE'
is_format_valid 'user' 'template'
is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
case $type in
WEB) is_web_template_valid $template;
update_user_value "$user" '$WEB_TEMPLATE' "$template";;
PROXY) is_proxy_template_valid $template;
update_user_value "$user" '$PROXY_TEMPLATE' "$template";;
DNS) is_dns_template_valid $template;
update_user_value "$user" '$DNS_TEMPLATE' "$template";;
*) check_args '1' '0' 'USER TYPE TEMPLATE'
esac
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_history "changed $type template to $template"
log_event "$OK" "$ARGUMENTS"
exit

60
bin/v-change-vesta-port
View file

@ -1,60 +0,0 @@
#!/bin/bash
# info: change vesta port
# options: port
#
# Function will change vesta port
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
port=$1
if [ -z "$VESTA" ]; then
VESTA="/usr/local/vesta"
fi
# Get current vesta port by reading nginx.conf
oldport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
if [ -z "$oldport" ]; then
oldport=8083
fi
# Includes
source $VESTA/func/main.sh
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Checking permissions
if [ "$(id -u)" != '0' ]; then
check_result $E_FORBIDEN "You must be root to execute this script"
fi
check_args '1' "$#" 'PORT'
is_int_format_valid "$port" 'port number'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf
if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then
sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
fi
sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf
$VESTA/bin/v-update-firewall
systemctl restart fail2ban.service
sed -i "s| $oldport | $port |g" /etc/iptables.rules
systemctl restart vesta
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit 0;

Some files were not shown because too many files have changed in this diff Show more