From 7b19b4c6167453abb698c8b573acb3c4d618463d Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Thu, 29 Nov 2012 00:52:23 +0200 Subject: [PATCH] importing installer and configuration files --- bin/v-update-sys-ip | 2 +- install/0.9.7/rhel/clamd.conf | 502 ++++++++++++++++ install/0.9.7/rhel/dnsbl.conf | 3 + install/0.9.7/rhel/dovecot.conf | 29 + .../0.9.7/rhel/dovecot/conf.d/10-auth.conf | 4 + .../0.9.7/rhel/dovecot/conf.d/10-logging.conf | 1 + .../0.9.7/rhel/dovecot/conf.d/10-mail.conf | 4 + .../0.9.7/rhel/dovecot/conf.d/10-master.conf | 29 + install/0.9.7/rhel/dovecot/conf.d/10-ssl.conf | 3 + .../0.9.7/rhel/dovecot/conf.d/20-imap.conf | 53 ++ .../0.9.7/rhel/dovecot/conf.d/20-pop3.conf | 86 +++ .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/0.9.7/rhel/dovecot/dovecot.conf | 4 + install/0.9.7/rhel/exim.conf | 313 ++++++++++ install/0.9.7/rhel/httpd-pma.conf | 39 ++ install/0.9.7/rhel/httpd-ssl.conf | 12 + install/0.9.7/rhel/httpd-status.conf | 7 + install/0.9.7/rhel/httpd-webmail.conf | 12 + install/0.9.7/rhel/httpd.conf | 256 ++++++++ install/0.9.7/rhel/httpd.log | 9 + install/0.9.7/rhel/mysql.cnf | 16 + install/0.9.7/rhel/named.conf | 13 + install/0.9.7/rhel/nginx-status.conf | 9 + install/0.9.7/rhel/nginx.conf | 78 +++ install/0.9.7/rhel/packages/default.pkg | 16 + install/0.9.7/rhel/packages/gainsboro.pkg | 16 + install/0.9.7/rhel/packages/palegreen.pkg | 16 + install/0.9.7/rhel/packages/slategrey.pkg | 16 + install/0.9.7/rhel/pg_hba.conf | 11 + install/0.9.7/rhel/pma.conf | 143 +++++ install/0.9.7/rhel/proftpd.conf | 27 + install/0.9.7/rhel/roundcube-db.conf | 66 +++ install/0.9.7/rhel/roundcube-main.conf | 293 ++++++++++ install/0.9.7/rhel/spam-blocks.conf | 0 install/0.9.7/rhel/sudoers.conf | 98 ++++ install/0.9.7/rhel/templates/dns/default.tpl | 9 + install/0.9.7/rhel/templates/dns/gmail.tpl | 14 + .../rhel/templates/web/apache_default.stpl | 45 ++ .../rhel/templates/web/apache_default.tpl | 39 ++ .../rhel/templates/web/apache_hosting.stpl | 49 ++ .../rhel/templates/web/apache_hosting.tpl | 43 ++ .../0.9.7/rhel/templates/web/apache_phpcgi.sh | 16 + .../rhel/templates/web/apache_phpcgi.stpl | 34 ++ .../rhel/templates/web/apache_phpcgi.tpl | 27 + .../rhel/templates/web/apache_phpfcgid.sh | 22 + .../rhel/templates/web/apache_phpfcgid.stpl | 35 ++ .../rhel/templates/web/apache_phpfcgid.tpl | 27 + install/0.9.7/rhel/templates/web/awstats.tpl | 133 +++++ .../rhel/templates/web/awstats_index.tpl | 10 + .../0.9.7/rhel/templates/web/awstats_nav.tpl | 23 + .../templates/web/email_reset_password.tpl | 25 + .../0.9.7/rhel/templates/web/ngingx.ip.tpl | 9 + .../rhel/templates/web/nginx_default.stpl | 36 ++ .../rhel/templates/web/nginx_default.tpl | 33 ++ .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../rhel/templates/web/suspend/.htaccess | 2 + .../rhel/templates/web/suspend/index.html | 27 + .../0.9.7/rhel/templates/web/webalizer.tpl | 110 ++++ install/0.9.7/rhel/vesta.log | 7 + install/0.9.7/rhel/vsftpd.conf | 15 + install/vst-install.sh | 549 ++++++++++++++++++ 67 files changed, 3677 insertions(+), 1 deletion(-) create mode 100644 install/0.9.7/rhel/clamd.conf create mode 100644 install/0.9.7/rhel/dnsbl.conf create mode 100644 install/0.9.7/rhel/dovecot.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/10-auth.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/10-logging.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/10-mail.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/10-master.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/10-ssl.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/20-imap.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/20-pop3.conf create mode 100644 install/0.9.7/rhel/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/0.9.7/rhel/dovecot/dovecot.conf create mode 100644 install/0.9.7/rhel/exim.conf create mode 100644 install/0.9.7/rhel/httpd-pma.conf create mode 100644 install/0.9.7/rhel/httpd-ssl.conf create mode 100644 install/0.9.7/rhel/httpd-status.conf create mode 100644 install/0.9.7/rhel/httpd-webmail.conf create mode 100644 install/0.9.7/rhel/httpd.conf create mode 100644 install/0.9.7/rhel/httpd.log create mode 100644 install/0.9.7/rhel/mysql.cnf create mode 100644 install/0.9.7/rhel/named.conf create mode 100644 install/0.9.7/rhel/nginx-status.conf create mode 100644 install/0.9.7/rhel/nginx.conf create mode 100644 install/0.9.7/rhel/packages/default.pkg create mode 100644 install/0.9.7/rhel/packages/gainsboro.pkg create mode 100644 install/0.9.7/rhel/packages/palegreen.pkg create mode 100644 install/0.9.7/rhel/packages/slategrey.pkg create mode 100644 install/0.9.7/rhel/pg_hba.conf create mode 100644 install/0.9.7/rhel/pma.conf create mode 100644 install/0.9.7/rhel/proftpd.conf create mode 100644 install/0.9.7/rhel/roundcube-db.conf create mode 100644 install/0.9.7/rhel/roundcube-main.conf create mode 100644 install/0.9.7/rhel/spam-blocks.conf create mode 100644 install/0.9.7/rhel/sudoers.conf create mode 100755 install/0.9.7/rhel/templates/dns/default.tpl create mode 100755 install/0.9.7/rhel/templates/dns/gmail.tpl create mode 100755 install/0.9.7/rhel/templates/web/apache_default.stpl create mode 100755 install/0.9.7/rhel/templates/web/apache_default.tpl create mode 100755 install/0.9.7/rhel/templates/web/apache_hosting.stpl create mode 100755 install/0.9.7/rhel/templates/web/apache_hosting.tpl create mode 100755 install/0.9.7/rhel/templates/web/apache_phpcgi.sh create mode 100755 install/0.9.7/rhel/templates/web/apache_phpcgi.stpl create mode 100755 install/0.9.7/rhel/templates/web/apache_phpcgi.tpl create mode 100755 install/0.9.7/rhel/templates/web/apache_phpfcgid.sh create mode 100755 install/0.9.7/rhel/templates/web/apache_phpfcgid.stpl create mode 100755 install/0.9.7/rhel/templates/web/apache_phpfcgid.tpl create mode 100755 install/0.9.7/rhel/templates/web/awstats.tpl create mode 100755 install/0.9.7/rhel/templates/web/awstats_index.tpl create mode 100755 install/0.9.7/rhel/templates/web/awstats_nav.tpl create mode 100755 install/0.9.7/rhel/templates/web/email_reset_password.tpl create mode 100755 install/0.9.7/rhel/templates/web/ngingx.ip.tpl create mode 100755 install/0.9.7/rhel/templates/web/nginx_default.stpl create mode 100755 install/0.9.7/rhel/templates/web/nginx_default.tpl create mode 100755 install/0.9.7/rhel/templates/web/skel/document_errors/403.html create mode 100755 install/0.9.7/rhel/templates/web/skel/document_errors/404.html create mode 100755 install/0.9.7/rhel/templates/web/skel/document_errors/50x.html create mode 100755 install/0.9.7/rhel/templates/web/skel/public_html/index.html create mode 100755 install/0.9.7/rhel/templates/web/skel/public_html/robots.txt create mode 100755 install/0.9.7/rhel/templates/web/skel/public_shtml/index.html create mode 100755 install/0.9.7/rhel/templates/web/skel/public_shtml/robots.txt create mode 100755 install/0.9.7/rhel/templates/web/suspend/.htaccess create mode 100755 install/0.9.7/rhel/templates/web/suspend/index.html create mode 100755 install/0.9.7/rhel/templates/web/webalizer.tpl create mode 100644 install/0.9.7/rhel/vesta.log create mode 100644 install/0.9.7/rhel/vsftpd.conf create mode 100644 install/vst-install.sh diff --git a/bin/v-update-sys-ip b/bin/v-update-sys-ip index 2aef51c6a..c34387e37 100755 --- a/bin/v-update-sys-ip +++ b/bin/v-update-sys-ip @@ -67,7 +67,7 @@ for ip in $ip_list; do # Creating startup script if [ ! -e "$iconf-$iface" ]; then - ip_add_startup + create_vesta_ip fi fi diff --git a/install/0.9.7/rhel/clamd.conf b/install/0.9.7/rhel/clamd.conf new file mode 100644 index 000000000..c215bcb98 --- /dev/null +++ b/install/0.9.7/rhel/clamd.conf @@ -0,0 +1,502 @@ +## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +#Example + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. +# Default: 1M +LogFileMaxSize 0 + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +#ExtendedDetectionInfo yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# Default: disabled +PidFile /var/run/clamav/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +DatabaseDirectory /var/lib/clamav + +# Only load the official signatures published by the ClamAV project. +# Default: no +#OfficialDatabaseOnly no + +# The daemon can work in local mode, network mode or both. +# Due to security reasons we recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /var/run/clamav/clamd.sock + +# Sets the group ownership on the unix socket. +# Default: disabled (the primary group of the user running clamd) +#LocalSocketGroup virusgroup + +# Sets the permissions on the unix socket to the specified mode. +# Default: disabled (socket is world accessible) +#LocalSocketMode 660 + +# Remove stale socket after unclean shutdown. +# Default: yes +FixStaleSocket yes + +# TCP port address. +# Default: no +TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. +# Default: no +TCPAddr 127.0.0.1 + +# Maximum length the queue of pending connections may grow to. +# Default: 200 +MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximum attachment size. +# Default: 25M +#StreamMaxLength 10M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximum number of threads running at the same time. +# Default: 10 +MaxThreads 50 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Default: 120 +ReadTimeout 300 + +# This option specifies the time (in seconds) after which clamd should +# timeout if a client doesn't provide any initial command after connecting. +# Default: 5 +#CommandReadTimeout 5 + +# This option specifies how long to wait (in miliseconds) if the send buffer is full. +# Keep this value low to prevent clamd hanging +# +# Default: 500 +#SendBufTimeout 200 + +# Maximum number of queued items (including those being processed by MaxThreads threads) +# It is recommended to have this value at least twice MaxThreads if possible. +# WARNING: you shouldn't increase this too much to avoid running out of file descriptors, +# the following condition should hold: +# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) +# +# Default: 100 +#MaxQueue 200 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Don't scan files and directories matching regex +# This directive can be used multiple times +# Default: scan all +#ExcludePath ^/proc/ +#ExcludePath ^/sys/ + +# Maximum depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Scan files and directories on other filesystems. +# Default: yes +#CrossFilesystems yes + +# Perform a database check. +# Default: 600 (10 min) +#SelfCheck 600 + +# Execute a command when virus is found. In the command string %v will +# be replaced with the virus name. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" + +# Run as another user (clamd must be started by root for this option to work) +# Default: don't drop privileges +User clam + +# Initialize supplementary group access (clamd must be started by root). +# Default: no +AllowSupplementaryGroups yes + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# Detect Possibly Unwanted Applications. +# Default: no +#DetectPUA yes + +# Exclude a specific PUA category. This directive can be used multiple times. +# See http://www.clamav.net/support/pua for the complete list of PUA +# categories. +# Default: Load all categories (if DetectPUA is activated) +#ExcludePUA NetTool +#ExcludePUA PWTool + +# Only include a specific PUA category. This directive can be used multiple +# times. +# Default: Load all categories (if DetectPUA is activated) +#IncludePUA Spy +#IncludePUA Scanner +#IncludePUA RAT + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to provide accurate detection. This option +# controls the algorithmic detection. +# Default: yes +#AlgorithmicDetection yes + + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32 and 64-bit versions of Windows operating systems. This option allows +# ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. If you turn off this option, the original files will still be +# scanned, but without additional processing. +# Default: yes +ScanPE yes + +# Executable and Linking Format is a standard format for UN*X executables. +# This option allows you to control the scanning of ELF files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanELF yes + +# With this option clamav will try to detect broken executables (both PE and +# ELF) and mark them as Broken.Executable. +# Default: no +DetectBrokenExecutables yes + + +## +## Documents +## + +# This option enables scanning of OLE2 files, such as Microsoft Office +# documents and .msi files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanOLE2 yes + + +# With this option enabled OLE2 files with VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#OLE2BlockMacros no + +# This option enables scanning within PDF files. +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +# Default: yes +#ScanPDF yes + + +## +## Mail files +## + +# Enable internal e-mail scanner. +# If you turn off this option, the original files will still be scanned, but +# without parsing individual messages/attachments. +# Default: yes +ScanMail yes + +# Scan RFC1341 messages split over many emails. +# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#ScanPartialMessages yes + + +# With this option enabled ClamAV will try to detect phishing attempts by using +# signatures. +# Default: yes +#PhishingSignatures yes + +# Scan URLs found in mails for phishing attempts using heuristics. +# Default: yes +#PhishingScanURLs yes + +# Always block SSL mismatches in URLs, even if the URL isn't in the database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockSSLMismatch no + +# Always block cloaked URLs, even if URL isn't in database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockCloak no + +# Allow heuristic match to take precedence. +# When enabled, if a heuristic scan (such as phishingScan) detects +# a possible virus/phish it will stop scan immediately. Recommended, saves CPU +# scan-time. +# When disabled, virus/phish detected by heuristic scans will be reported only at +# the end of a scan. If an archive contains both a heuristically detected +# virus/phish, and a real malware, the real malware will be reported +# +# Keep this disabled if you intend to handle "*.Heuristics.*" viruses +# differently from "real" malware. +# If a non-heuristically-detected virus (signature-based) is found first, +# the scan is interrupted immediately, regardless of this config option. +# +# Default: no +#HeuristicScanPrecedence yes + +## +## Data Loss Prevention (DLP) +## + +# Enable the DLP module +# Default: No +#StructuredDataDetection yes + +# This option sets the lowest number of Credit Card numbers found in a file +# to generate a detect. +# Default: 3 +#StructuredMinCreditCardCount 5 + +# This option sets the lowest number of Social Security Numbers found +# in a file to generate a detect. +# Default: 3 +#StructuredMinSSNCount 5 + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxx-yy-zzzz +# Default: yes +#StructuredSSNFormatNormal yes + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxxyyzzzz +# Default: no +#StructuredSSNFormatStripped yes + + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# If you turn off this option, the original files will still be scanned, but +# without unpacking and additional processing. +# Default: yes +ScanArchive yes + +# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). +# Default: no +ArchiveBlockEncrypted no + + +## +## Limits +## + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# This option sets the maximum amount of data to be scanned for each input file. +# Archives and other containers are recursively extracted and scanned up to this +# value. +# Value of 0 disables the limit +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 100M +#MaxScanSize 150M + +# Files larger than this limit won't be scanned. Affects the input file itself +# as well as files contained inside it (when the input file is an archive, a +# document or some other kind of container). +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 25M +#MaxFileSize 30M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deeply the process should be continued. +# Note: setting this limit too high may result in severe damage to the system. +# Default: 16 +#MaxRecursion 10 + +# Number of files to be scanned within an archive, a document, or any other +# container file. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10000 +#MaxFiles 15000 + + +## +## Clamuko settings +## + +# Enable Clamuko. Dazuko must be configured and running. Clamuko supports +# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS +# is the preferred option. For more information please visit www.dazuko.org +# Default: no +#ClamukoScanOnAccess yes + +# The number of scanner threads that will be started (DazukoFS only). +# Having multiple scanner threads allows Clamuko to serve multiple +# processes simultaneously. This is particularly beneficial on SMP machines. +# Default: 3 +#ClamukoScannerCount 3 + +# Don't scan files larger than ClamukoMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#ClamukoMaxFileSize 10M + +# Set access mask for Clamuko (Dazuko only). +# Default: no +#ClamukoScanOnOpen yes +#ClamukoScanOnClose yes +#ClamukoScanOnExec yes + +# Set the include paths (all files inside them will be scanned). You can have +# multiple ClamukoIncludePath directives but each directory must be added +# in a seperate line. (Dazuko only) +# Default: disabled +#ClamukoIncludePath /home +#ClamukoIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. (Dazuko only) +# Default: disabled +#ClamukoExcludePath /home/bofh + +# With this option you can whitelist specific UIDs. Processes with these UIDs +# will be able to access all files. +# This option can be used multiple times (one per line). +# Default: disabled +#ClamukoExcludeUID 0 + +# With this option enabled ClamAV will load bytecode from the database. +# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. +# Default: yes +#Bytecode yes + +# Set bytecode security level. +# Possible values: +# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS +# This value is only available if clamav was built with --enable-debug! +# TrustSigned - trust bytecode loaded from signed .c[lv]d files, +# insert runtime safety checks for bytecode loaded from other sources +# Paranoid - don't trust any bytecode, insert runtime checks for all +# Recommended: TrustSigned, because bytecode in .cvd files already has these checks +# Note that by default only signed bytecode is loaded, currently you can only +# load unsigned bytecode in --enable-debug mode. +# +# Default: TrustSigned +#BytecodeSecurity TrustSigned + +# Set bytecode timeout in miliseconds. +# +# Default: 5000 +# BytecodeTimeout 1000 diff --git a/install/0.9.7/rhel/dnsbl.conf b/install/0.9.7/rhel/dnsbl.conf new file mode 100644 index 000000000..767302252 --- /dev/null +++ b/install/0.9.7/rhel/dnsbl.conf @@ -0,0 +1,3 @@ +bl.spamcop.net +zen.spamhaus.org +dnsbl.sorbs.net diff --git a/install/0.9.7/rhel/dovecot.conf b/install/0.9.7/rhel/dovecot.conf new file mode 100644 index 000000000..c4b187b53 --- /dev/null +++ b/install/0.9.7/rhel/dovecot.conf @@ -0,0 +1,29 @@ +protocols = imap imaps pop3 pop3s +log_path = /var/log/dovecot.log +ssl_cert_file = /etc/pki/tls/certs/exim.pem +ssl_key_file = /etc/pki/tls/private/exim.pem + +disable_plaintext_auth = no +mail_location = maildir:%h/mail/%d/%n +umask = 0077 +pop3_uidl_format = %08Xu%08Xv +auth_verbose = yes +auth_username_format = %Lu + +auth default { + mechanisms = plain login + passdb passwd-file { + args = /etc/exim/domains/%d/passwd + } + + userdb passwd-file { + args = /etc/exim/domains/%d/passwd + } + + socket listen { + client { + path = /var/run/dovecot/auth-client + mode = 0666 + } + } +} diff --git a/install/0.9.7/rhel/dovecot/conf.d/10-auth.conf b/install/0.9.7/rhel/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..920737b9e --- /dev/null +++ b/install/0.9.7/rhel/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +!include auth-passwdfile.conf.ext + diff --git a/install/0.9.7/rhel/dovecot/conf.d/10-logging.conf b/install/0.9.7/rhel/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/0.9.7/rhel/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/0.9.7/rhel/dovecot/conf.d/10-mail.conf b/install/0.9.7/rhel/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/0.9.7/rhel/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/0.9.7/rhel/dovecot/conf.d/10-master.conf b/install/0.9.7/rhel/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/0.9.7/rhel/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/0.9.7/rhel/dovecot/conf.d/10-ssl.conf b/install/0.9.7/rhel/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..aaf63255b --- /dev/null +++ b/install/0.9.7/rhel/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 3 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/0.9.7/rhel/dovecot/conf.d/auth-passwdfile.conf.ext b/install/0.9.7/rhel/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..69ab3a5d9 --- /dev/null +++ b/install/0.9.7/rhel/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim/domains/%d/passwd +} diff --git a/install/0.9.7/rhel/dovecot/dovecot.conf b/install/0.9.7/rhel/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/0.9.7/rhel/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/0.9.7/rhel/exim.conf b/install/0.9.7/rhel/exim.conf new file mode 100644 index 000000000..ef19fefff --- /dev/null +++ b/install/0.9.7/rhel/exim.conf @@ -0,0 +1,313 @@ +########################################################################## +SPAMASSASSIN = yes +SPAM_SCORE = 10 +CLAMD = yes +########################################################################## + +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf + +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /etc/pki/tls/certs/exim.pem +tls_privatekey = /etc/pki/tls/private/exim.pem + +daemon_smtp_ports = 25 : 465 : 587 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + +########################################################################## +begin acl +########################################################################## +acl_check_spammers: + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + accept + +acl_check_mail: + deny + condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + drop + condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + drop + condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}} + condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1) + drop + condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + drop + condition = ${if match{$sender_helo_name}{\N\.$\N}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1) +# drop message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]" +# condition = ${if match{$sender_helo_name}{$primary_hostname}} + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + accept + + +acl_check_rcpt: + accept hosts = : + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + accept hosts = +relay_from_hosts + control = submission + accept local_parts = postmaster + domains = +local_domains + require verify = sender + accept authenticated = * + control = submission/domain= + require message = relay not permitted + domains = +local_domains : +relay_to_domains + require verify = recipient +.ifdef CLAMD + warn set acl_m0 = no + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif +.ifdef SPAMASSASSIN + warn set acl_m1 = no + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn + !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + warn + condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + accept + +########################################################################## +begin authenticators +########################################################################## +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +########################################################################## +begin routers +########################################################################## +dnslookup: + driver = dnslookup + domains = ! +local_domains + transport = remote_smtp +# ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 + no_more + +system_aliases: + driver = redirect + allow_fail + allow_defer + data = ${lookup{$local_part}lsearch{/etc/aliases}} + file_transport = address_file + pipe_transport = address_pipe + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + + +########################################################################## +begin transports +########################################################################## +remote_smtp: + driver = smtp + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +########################################################################## +begin retry +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h +########################################################################## +begin rewrite diff --git a/install/0.9.7/rhel/httpd-pma.conf b/install/0.9.7/rhel/httpd-pma.conf new file mode 100644 index 000000000..0049ef2b7 --- /dev/null +++ b/install/0.9.7/rhel/httpd-pma.conf @@ -0,0 +1,39 @@ +# phpMyAdmin - Web based MySQL browser written in php +# +# Allows only localhost by default +# +# But allowing phpMyAdmin to anyone other than localhost should be considered +# dangerous unless properly secured by SSL + +Alias /phpMyAdmin /usr/share/phpMyAdmin +Alias /phpmyadmin /usr/share/phpMyAdmin + + + Order Deny,Allow + Deny from All + Allow from All + + + + Order Deny,Allow + Deny from All + Allow from All + + +# This directory does not require access over HTTP - taken from the original +# phpMyAdmin upstream tarball +# + + Order Deny,Allow + Deny from All + Allow from None + + +# This configuration prevents mod_security at phpMyAdmin directories from +# filtering SQL etc. This may break your mod_security implementation. +# +# +# +# SecRuleInheritance Off +# +# diff --git a/install/0.9.7/rhel/httpd-ssl.conf b/install/0.9.7/rhel/httpd-ssl.conf new file mode 100644 index 000000000..6835e420b --- /dev/null +++ b/install/0.9.7/rhel/httpd-ssl.conf @@ -0,0 +1,12 @@ +LoadModule ssl_module modules/mod_ssl.so + +AddType application/x-x509-ca-cert .crt +AddType application/x-pkcs7-crl .crl + +SSLPassPhraseDialog builtin +SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) +SSLSessionCacheTimeout 300 +SSLMutex default +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin +SSLCryptoDevice builtin diff --git a/install/0.9.7/rhel/httpd-status.conf b/install/0.9.7/rhel/httpd-status.conf new file mode 100644 index 000000000..a1b8e39a2 --- /dev/null +++ b/install/0.9.7/rhel/httpd-status.conf @@ -0,0 +1,7 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from all + diff --git a/install/0.9.7/rhel/httpd-webmail.conf b/install/0.9.7/rhel/httpd-webmail.conf new file mode 100644 index 000000000..3fbcd9971 --- /dev/null +++ b/install/0.9.7/rhel/httpd-webmail.conf @@ -0,0 +1,12 @@ +# +# Round Cube Webmail is a browser-based multilingual IMAP client +# + +Alias /roundcubemail /usr/share/roundcubemail +Alias /webmail /usr/share/roundcubemail + + + Order Deny,Allow + Deny from all + Allow from all + diff --git a/install/0.9.7/rhel/httpd.conf b/install/0.9.7/rhel/httpd.conf new file mode 100644 index 000000000..21a513835 --- /dev/null +++ b/install/0.9.7/rhel/httpd.conf @@ -0,0 +1,256 @@ +ServerTokens OS +ServerRoot "/etc/httpd" +PidFile run/httpd.pid +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MaxClients 200 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxRequestsPerChild 4000 + + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 256 + MaxRequestsPerChild 4000 + + +LoadModule auth_basic_module modules/mod_auth_basic.so +LoadModule auth_digest_module modules/mod_auth_digest.so +LoadModule authn_file_module modules/mod_authn_file.so +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +#LoadModule ldap_module modules/mod_ldap.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +LoadModule include_module modules/mod_include.so +LoadModule log_config_module modules/mod_log_config.so +LoadModule logio_module modules/mod_logio.so +LoadModule env_module modules/mod_env.so +LoadModule ext_filter_module modules/mod_ext_filter.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule expires_module modules/mod_expires.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule headers_module modules/mod_headers.so +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule mime_module modules/mod_mime.so +LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule info_module modules/mod_info.so +#LoadModule dav_fs_module modules/mod_dav_fs.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so +LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +LoadModule cache_module modules/mod_cache.so +LoadModule suexec_module modules/mod_suexec.so +#LoadModule disk_cache_module modules/mod_disk_cache.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule mem_cache_module modules/mod_mem_cache.so +LoadModule cgi_module modules/mod_cgi.so +LoadModule version_module modules/mod_version.so + +Include conf.d/*.conf + +ExtendedStatus On + +User apache +Group apache + +ServerAdmin root@localhost +UseCanonicalName Off +DocumentRoot "/var/www/html" + + Options FollowSymLinks + AllowOverride None + + + + Options Indexes FollowSymLinks + AllowOverride None + Order allow,deny + Allow from all + + + + UserDir public_html + + +DirectoryIndex index.php index.htm index.html + +AccessFileName .htaccess + + Order allow,deny + Deny from all + +TypesConfig /etc/mime.types + +DefaultType text/plain + + + MIMEMagicFile conf/magic + + +HostnameLookups Off + +ErrorLog logs/error_log +LogLevel warn + +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes +CustomLog logs/access_log combined + +ServerSignature On + +Alias /icons/ "/var/www/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + + AllowOverride None + Order allow,deny + Allow from all + + +ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" + + + AllowOverride None + Options ExecCGI + Order allow,deny + Allow from all + + +IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable + +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ +DefaultIcon /icons/unknown.gif +ReadmeName README.html +HeaderName HEADER.html +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw +LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW +ForceLanguagePriority Prefer Fallback + +AddDefaultCharset UTF-8 + +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz +AddType image/x-icon .ico + +AddType text/html .shtml +AddOutputFilter INCLUDES .shtml + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html + +BrowserMatch "Mozilla/2" nokeepalive +BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 +BrowserMatch "RealPlayer 4\.0" force-response-1.0 +BrowserMatch "Java/1\.0" force-response-1.0 +BrowserMatch "JDK/1\.0" force-response-1.0 +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully diff --git a/install/0.9.7/rhel/httpd.log b/install/0.9.7/rhel/httpd.log new file mode 100644 index 000000000..6c2762344 --- /dev/null +++ b/install/0.9.7/rhel/httpd.log @@ -0,0 +1,9 @@ +/var/log/httpd/domains/*log /var/log/httpd/domains/*log { + missingok + notifempty + sharedscripts + postrotate + /sbin/service httpd reload > /dev/null 2>/dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/0.9.7/rhel/mysql.cnf b/install/0.9.7/rhel/mysql.cnf new file mode 100644 index 000000000..32297b033 --- /dev/null +++ b/install/0.9.7/rhel/mysql.cnf @@ -0,0 +1,16 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +user=mysql +symbolic-links=0 +max_connections=200 +max_user_connections=30 +wait_timeout=30 +interactive_timeout=50 +long_query_time=5 +#log-queries-not-using-indexes +#log-slow-queries=/var/log/mysql/log-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid diff --git a/install/0.9.7/rhel/named.conf b/install/0.9.7/rhel/named.conf new file mode 100644 index 000000000..472bd829b --- /dev/null +++ b/install/0.9.7/rhel/named.conf @@ -0,0 +1,13 @@ +options { + directory "/var/named"; + dump-file "/var/named/data/cache_dump.db"; + pid-file "/var/run/named/named.pid"; + statistics-file "/var/named/data/named_stats.txt"; + version "get lost"; + allow-transfer {"none";}; + recursion no; + +}; + +include "/etc/rndc.key"; + diff --git a/install/0.9.7/rhel/nginx-status.conf b/install/0.9.7/rhel/nginx-status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/0.9.7/rhel/nginx-status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/0.9.7/rhel/nginx.conf b/install/0.9.7/rhel/nginx.conf new file mode 100644 index 000000000..aad9cdeb1 --- /dev/null +++ b/install/0.9.7/rhel/nginx.conf @@ -0,0 +1,78 @@ +# Server globals +user nginx; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + access_log /var/log/nginx/access.log main; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/0.9.7/rhel/packages/default.pkg b/install/0.9.7/rhel/packages/default.pkg new file mode 100644 index 000000000..314370d4a --- /dev/null +++ b/install/0.9.7/rhel/packages/default.pkg @@ -0,0 +1,16 @@ +TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost,ns2.localhost' +SHELL='nologin' +BACKUPS='3' +TIME='11:46:50' +DATE='2012-09-26' diff --git a/install/0.9.7/rhel/packages/gainsboro.pkg b/install/0.9.7/rhel/packages/gainsboro.pkg new file mode 100644 index 000000000..e7d4402ed --- /dev/null +++ b/install/0.9.7/rhel/packages/gainsboro.pkg @@ -0,0 +1,16 @@ +TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.localhost,ns2.localhost' +SHELL='nologin' +BACKUPS='1' +TIME='11:31:30' +DATE='2012-07-26' diff --git a/install/0.9.7/rhel/packages/palegreen.pkg b/install/0.9.7/rhel/packages/palegreen.pkg new file mode 100644 index 000000000..6ef5ba989 --- /dev/null +++ b/install/0.9.7/rhel/packages/palegreen.pkg @@ -0,0 +1,16 @@ +TEMPLATE='hosting' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.localhost,ns2.localhost' +SHELL='nologin' +BACKUPS='5' +TIME='11:31:31' +DATE='2012-07-26' diff --git a/install/0.9.7/rhel/packages/slategrey.pkg b/install/0.9.7/rhel/packages/slategrey.pkg new file mode 100644 index 000000000..104027511 --- /dev/null +++ b/install/0.9.7/rhel/packages/slategrey.pkg @@ -0,0 +1,16 @@ +TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost,ns2.localhost' +SHELL='nologin' +BACKUPS='3' +TIME='12:39:13' +DATE='2012-09-20' diff --git a/install/0.9.7/rhel/pg_hba.conf b/install/0.9.7/rhel/pg_hba.conf new file mode 100644 index 000000000..1ba43941b --- /dev/null +++ b/install/0.9.7/rhel/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all ident + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/0.9.7/rhel/pma.conf b/install/0.9.7/rhel/pma.conf new file mode 100644 index 000000000..47ae207e4 --- /dev/null +++ b/install/0.9.7/rhel/pma.conf @@ -0,0 +1,143 @@ +. + * + * @package phpMyAdmin + */ + +/* + * This is needed for cookie based authentication to encrypt password in + * cookie + */ +$cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ + +/* + * Servers configuration + */ +$i = 0; + +/* + * First server + */ +$i++; +/* Authentication type */ +$cfg['Servers'][$i]['auth_type'] = 'cookie'; +/* Server parameters */ +$cfg['Servers'][$i]['host'] = 'localhost'; +$cfg['Servers'][$i]['connect_type'] = 'tcp'; +$cfg['Servers'][$i]['compress'] = false; +/* Select mysqli if your server has it */ +$cfg['Servers'][$i]['extension'] = 'mysql'; +$cfg['Servers'][$i]['AllowNoPassword'] = false; + +/* + * phpMyAdmin configuration storage settings. + */ + +/* User used to manipulate with storage */ +// $cfg['Servers'][$i]['controluser'] = 'pma'; +// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; + +/* Storage database and tables */ +// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; +// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark'; +// $cfg['Servers'][$i]['relation'] = 'pma_relation'; +// $cfg['Servers'][$i]['table_info'] = 'pma_table_info'; +// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords'; +// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages'; +// $cfg['Servers'][$i]['column_info'] = 'pma_column_info'; +// $cfg['Servers'][$i]['history'] = 'pma_history'; +// $cfg['Servers'][$i]['tracking'] = 'pma_tracking'; +// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords'; +// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig'; +/* Contrib / Swekey authentication */ +// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; + +/* + * End of servers configuration + */ + +/* + * Directories for saving/loading files from server + */ +$cfg['UploadDir'] = ''; +$cfg['SaveDir'] = ''; + +/** + * Defines whether a user should be displayed a "show all (records)" + * button in browse mode or not. + * default = false + */ +//$cfg['ShowAll'] = true; + +/** + * Number of rows displayed when browsing a result set. If the result + * set contains more rows, "Previous" and "Next". + * default = 30 + */ +//$cfg['MaxRows'] = 50; + +/** + * Use graphically less intense menu tabs + * default = false + */ +//$cfg['LightTabs'] = true; + +/** + * disallow editing of binary fields + * valid values are: + * false allow editing + * 'blob' allow editing except for BLOB fields + * 'all' disallow editing + * default = blob + */ +//$cfg['ProtectBinary'] = 'false'; + +/** + * Default language to use, if not browser-defined or user-defined + * (you find all languages in the locale folder) + * uncomment the desired line: + * default = 'en' + */ +//$cfg['DefaultLang'] = 'en'; +//$cfg['DefaultLang'] = 'de'; + +/** + * default display direction (horizontal|vertical|horizontalflipped) + */ +//$cfg['DefaultDisplay'] = 'vertical'; + + +/** + * How many columns should be used for table display of a database? + * (a value larger than 1 results in some information being hidden) + * default = 1 + */ +//$cfg['PropertiesNumColumns'] = 2; + +/** + * Set to true if you want DB-based query history.If false, this utilizes + * JS-routines to display query history (lost by window close) + * + * This requires configuration storage enabled, see above. + * default = false + */ +//$cfg['QueryHistoryDB'] = true; + +/** + * When using DB-based query history, how many entries should be kept? + * + * default = 25 + */ +//$cfg['QueryHistoryMax'] = 100; + +/* + * You can find more configuration options in Documentation.html + * or here: http://wiki.phpmyadmin.net/pma/Config + */ +?> diff --git a/install/0.9.7/rhel/proftpd.conf b/install/0.9.7/rhel/proftpd.conf new file mode 100644 index 000000000..923d4fbb9 --- /dev/null +++ b/install/0.9.7/rhel/proftpd.conf @@ -0,0 +1,27 @@ +ServerName "FTP" +ServerIdent on "FTP Server ready." +ServerAdmin root@localhost +DefaultServer on +VRootEngine on +DefaultRoot ~ !adm +VRootAlias etc/security/pam_env.conf /etc/security/pam_env.conf +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User nobody +Group nobody +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/0.9.7/rhel/roundcube-db.conf b/install/0.9.7/rhel/roundcube-db.conf new file mode 100644 index 000000000..5268a3091 --- /dev/null +++ b/install/0.9.7/rhel/roundcube-db.conf @@ -0,0 +1,66 @@ + diff --git a/install/0.9.7/rhel/roundcube-main.conf b/install/0.9.7/rhel/roundcube-main.conf new file mode 100644 index 000000000..c5bf5b754 --- /dev/null +++ b/install/0.9.7/rhel/roundcube-main.conf @@ -0,0 +1,293 @@ + 'domain' values to support multiple hosts +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +$rcmail_config['mail_domain'] = ''; + +// Path to a virtuser table file to resolve user names and e-mail addresses +$rcmail_config['virtuser_file'] = ''; + +// Query to resolve user names and e-mail addresses from the database +// %u will be replaced with the current username for login. +// The query should select the user's e-mail address as first col +$rcmail_config['virtuser_query'] = ''; + +// use this host for sending mails. +// to use SSL connection, set ssl://smtp.host.com +// if left blank, the PHP mail() function is used +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; 465 for SSL) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username RoundCube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password RoundCube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// Log sent messages +$rcmail_config['smtp_log'] = TRUE; + +// these cols are shown in the message list +// available cols are: subject, from, to, cc, replyto, date, size, encoding +$rcmail_config['list_cols'] = array('subject', 'from', 'date', 'size'); + +// relative path to the skin folder +$rcmail_config['skin_path'] = 'skins/default/'; + +// includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = FALSE; + +// use this folder to store temp files (must be writebale for apache user) +$rcmail_config['temp_dir'] = '${_tmppath}'; + +// use this folder to store log files (must be writebale for apache user) +$rcmail_config['log_dir'] = '%{_logdir}/roundcubemail/'; + +// session lifetime in minutes +$rcmail_config['session_lifetime'] = 10; + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// Use an additional frequently changing cookie to athenticate user sessions. +// There have been problems reported with this feature. +$rcmail_config['double_auth'] = false; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'RA2OSY7IuUYRgLHA3Mhw1XOi'; + +// the default locale setting +$rcmail_config['locale_string'] = 'en'; + +// use this format for short date display +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting +$rcmail_config['date_long'] = 'd.m.Y H:i'; + +// use this format for today's date display +$rcmail_config['date_today'] = 'H:i'; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'RoundCube Webmail/0.1'; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'RoundCube Webmail'; + +// only list folders within this path +$rcmail_config['imap_root'] = ''; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +$rcmail_config['junk_mbox'] = 'Junk'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash'); + +// automatically create the above listed default folders on login +$rcmail_config['create_default_folders'] = FALSE; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = TRUE; + +// Set TRUE if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = FALSE; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = TRUE; + +// When a Trash folder is not present and a message is deleted, flag +// the message for deletion rather than deleting it immediately. Setting this to +// false causes deleted messages to be permanantly removed if there is no Trash folder +$rcmail_config['flag_for_deletion'] = TRUE; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +$rcmail_config['mdn_requests'] = 0; + +// Use this charset as fallback for message decoding +$rcmail_config['default_charset'] = 'ISO-8859-1'; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = TRUE; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of Google spell check languages +$rcmail_config['spellcheck_languages'] = NULL; + +// path to a text file which will be added to each sent message +// paths are relative to the RoundCube root folder +$rcmail_config['generic_message_footer'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// this string is used as a delimiter for message headers when sending +// leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// in order to enable public ldap search, create a config array +// like the Verisign example below. if you would like to test, +// simply uncomment the Verisign example. +/** + * example config for Verisign directory + * + * $rcmail_config['ldap_public']['Verisign'] = array( + * 'name' => 'Verisign.com', + * 'hosts' => array('directory.verisign.com'), + * 'port' => 389, + * 'base_dn' => '', + * 'bind_dn' => '', + * 'bind_pass' => '', + * 'ldap_version' => 3, // using LDAPv3 + * 'search_fields' => array('mail', 'cn'), // fields to search in + * 'name_field' => 'cn', // this field represents the contact's name + * 'email_field' => 'mail', // this field represents the contact's e-mail + * 'surname_field' => 'sn', // this field represents the contact's last name + * 'firstname_field' => 'gn', // this field represents the contact's first name + * 'scope' => 'sub', // search mode: sub|base|list + * 'filter' => '', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + * 'fuzzy_search' => true); // server allows wildcard search + */ + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// list of configuration option names that need to be available in Javascript. +$rcmail_config['javascript_config'] = array('read_when_deleted', 'flag_for_deletion'); + +// try to load host-specific configuration +$rcmail_config['include_host_config'] = false; + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + + +/***** these settings can be overwritten by user's preferences *****/ + +// show up to X items in list view +$rcmail_config['pagesize'] = 40; + +// use this timezone to display date/time +$rcmail_config['timezone'] = intval(date('O'))/100 - date('I'); + +// is daylight saving On? +$rcmail_config['dst_active'] = (bool)date('I'); + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = TRUE; + +// compose html formatted messages by default +$rcmail_config['htmleditor'] = FALSE; + +// show pretty dates as standard +$rcmail_config['prettydate'] = TRUE; + +// default sort col +$rcmail_config['message_sort_col'] = 'date'; + +// default sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = FALSE; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// mime magic database +$rcmail_config['mime_magic'] = '/usr/share/misc/magic'; + +// end of config file +?> diff --git a/install/0.9.7/rhel/spam-blocks.conf b/install/0.9.7/rhel/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/0.9.7/rhel/sudoers.conf b/install/0.9.7/rhel/sudoers.conf new file mode 100644 index 000000000..a3f38d006 --- /dev/null +++ b/install/0.9.7/rhel/sudoers.conf @@ -0,0 +1,98 @@ +## Sudoers allows particular users to run various commands as +## the root user, without needing the root password. +## +## Examples are provided at the bottom of the file for collections +## of related commands, which can then be delegated out to particular +## users or groups. +## +## This file must be edited with the 'visudo' command. + +## Host Aliases +## Groups of machines. You may prefer to use hostnames (perhap using +## wildcards for entire domains) or IP addresses instead. +# Host_Alias FILESERVERS = fs1, fs2 +# Host_Alias MAILSERVERS = smtp, smtp2 + +## User Aliases +## These aren't often necessary, as you can use regular groups +## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname +## rather than USERALIAS +# User_Alias ADMINS = jsmith, mikem + + +## Command Aliases +## These are groups of related commands... + +## Networking +#Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool + +## Installation and management of software +#Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum + +## Services +#Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig + +## Updating the locate database +#Cmnd_Alias LOCATE = /usr/bin/updatedb + +## Storage +#Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount + +## Delegating permissions +#Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp + +## Processes +#Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall + +## Drivers +#Cmnd_Alias DRIVERS = /sbin/modprobe + +# Defaults specification + +# +# Disable "ssh hostname sudo ", because it will show the password in clear. +# You have to run "ssh -t hostname sudo ". +# +#Defaults requiretty + +Defaults env_reset +Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \ + LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \ + LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \ + LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \ + LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \ + _XKB_CHARSET XAUTHORITY VESTA" + + +# Disable syslog loggging +Defaults !syslog + +## Next comes the main part: which users can run what software on +## which machines (the sudoers file can be shared between multiple +## systems). +## Syntax: +## +## user MACHINE=COMMANDS +## +## The COMMANDS section may have other options added to it. +## +## Allow root to run any commands anywhere +root ALL=(ALL) ALL + +## Allows members of the 'sys' group to run networking, software, +## service management apps and more. +# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS + +## Allows people in group wheel to run all commands +# %wheel ALL=(ALL) ALL + +## Same thing without a password +# %wheel ALL=(ALL) NOPASSWD: ALL + +## Allows members of the users group to mount and unmount the +## cdrom as root +# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom + +## Allows members of the users group to shutdown this system +# %users localhost=/sbin/shutdown -h now +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/0.9.7/rhel/templates/dns/default.tpl b/install/0.9.7/rhel/templates/dns/default.tpl new file mode 100755 index 000000000..6d19ccca9 --- /dev/null +++ b/install/0.9.7/rhel/templates/dns/default.tpl @@ -0,0 +1,9 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/0.9.7/rhel/templates/dns/gmail.tpl b/install/0.9.7/rhel/templates/dns/gmail.tpl new file mode 100755 index 000000000..950cfa456 --- /dev/null +++ b/install/0.9.7/rhel/templates/dns/gmail.tpl @@ -0,0 +1,14 @@ +ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='4' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='5' RECORD='localhost' TYPE='A' PRIORITY='' VALUE='127.0.0.1' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='6' RECORD='mail' TYPE='CNAME' PRIORITY='' VALUE='ghs.google.com.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='7' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='8' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='9' RECORD='@' TYPE='MX' PRIORITY='1' VALUE='ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='10' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='11' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX2.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX3.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%' +ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' diff --git a/install/0.9.7/rhel/templates/web/apache_default.stpl b/install/0.9.7/rhel/templates/web/apache_default.stpl new file mode 100755 index 000000000..a461b4c78 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_default.stpl @@ -0,0 +1,45 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes %cgi_option% + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/shttpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/apache_default.tpl b/install/0.9.7/rhel/templates/web/apache_default.tpl new file mode 100755 index 000000000..db2fa53b5 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_default.tpl @@ -0,0 +1,39 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes %cgi_option% + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir none + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/httpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/apache_hosting.stpl b/install/0.9.7/rhel/templates/web/apache_hosting.stpl new file mode 100755 index 000000000..c57ea7318 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride AuthConfig FileInfo Indexes Limit + SSLRequireSSL + Options +Includes -Indexes %cgi_option% + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share/roundcubemail/:/usr/share/phpMyAdmin + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/shttpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/apache_hosting.tpl b/install/0.9.7/rhel/templates/web/apache_hosting.tpl new file mode 100755 index 000000000..d607a4279 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride AuthConfig FileInfo Indexes Limit + Options +Includes -Indexes %cgi_option% + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share/roundcubemail/:/usr/share/phpMyAdmin + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/httpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/apache_phpcgi.sh b/install/0.9.7/rhel/templates/web/apache_phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/0.9.7/rhel/templates/web/apache_phpcgi.stpl b/install/0.9.7/rhel/templates/web/apache_phpcgi.stpl new file mode 100755 index 000000000..a6488328b --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_phpcgi.stpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride AuthConfig FileInfo Indexes Limit + SSLRequireSSL + Options +Includes -Indexes %cgi_option% + php_admin_flag engine off + Action phpcgi-script /cgi-bin/php + AddHandler phpcgi-script .php + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/shttpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/apache_phpcgi.tpl b/install/0.9.7/rhel/templates/web/apache_phpcgi.tpl new file mode 100755 index 000000000..b9b34c8b1 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_phpcgi.tpl @@ -0,0 +1,27 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride AuthConfig FileInfo Indexes Limit + Options +Includes -Indexes %cgi_option% + php_admin_flag engine off + Action phpcgi-script /cgi-bin/php + AddHandler phpcgi-script .php + + + AllowOverride All + + Include %home%/%user%/conf/httpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/apache_phpfcgid.sh b/install/0.9.7/rhel/templates/web/apache_phpfcgid.sh new file mode 100755 index 000000000..d044d3f16 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/etc/ +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=8 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/0.9.7/rhel/templates/web/apache_phpfcgid.stpl b/install/0.9.7/rhel/templates/web/apache_phpfcgid.stpl new file mode 100755 index 000000000..243f8efed --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_phpfcgid.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride AuthConfig FileInfo Indexes Limit + SSLRequireSSL + Options +Includes -Indexes %cgi_option% + php_admin_flag engine off + AddHandler fcgid-script .php + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/shttpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/apache_phpfcgid.tpl b/install/0.9.7/rhel/templates/web/apache_phpfcgid.tpl new file mode 100755 index 000000000..0bae204dc --- /dev/null +++ b/install/0.9.7/rhel/templates/web/apache_phpfcgid.tpl @@ -0,0 +1,27 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + %cgi%ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + %elog%ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride AuthConfig FileInfo Indexes Limit + Options +Includes -Indexes %cgi_option% + php_admin_flag engine off + AddHandler fcgid-script .php + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + Include %home%/%user%/conf/httpd.%domain%.conf* + + + diff --git a/install/0.9.7/rhel/templates/web/awstats.tpl b/install/0.9.7/rhel/templates/web/awstats.tpl new file mode 100755 index 000000000..274c5ed3f --- /dev/null +++ b/install/0.9.7/rhel/templates/web/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/httpd/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/0.9.7/rhel/templates/web/awstats_index.tpl b/install/0.9.7/rhel/templates/web/awstats_index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/0.9.7/rhel/templates/web/awstats_index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/0.9.7/rhel/templates/web/awstats_nav.tpl b/install/0.9.7/rhel/templates/web/awstats_nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/0.9.7/rhel/templates/web/awstats_nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/0.9.7/rhel/templates/web/email_reset_password.tpl b/install/0.9.7/rhel/templates/web/email_reset_password.tpl new file mode 100755 index 000000000..0e1161fa6 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/email_reset_password.tpl @@ -0,0 +1,25 @@ +
+ + Twitter + +
+

+ Vesta received a request to reset the password for your account %FIRSTNAME% %LASTNAME% (%LOGIN%)? +

+

+ If you want to reset your password, click on the link below (or copy and paste the URL into your browser):
+ +

+

+ If you don't want to reset your password, please ignore this message. + Your password will not be reset. + If you have any concerns, please contact us at support@vestacp.com. +

+

+ VestaCP +

+

+ Please do not reply to this message; it was sent from an unmonitored email address. +

+
+
diff --git a/install/0.9.7/rhel/templates/web/ngingx.ip.tpl b/install/0.9.7/rhel/templates/web/ngingx.ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/ngingx.ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/0.9.7/rhel/templates/web/nginx_default.stpl b/install/0.9.7/rhel/templates/web/nginx_default.stpl new file mode 100755 index 000000000..2af431341 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/nginx_default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + %elog%error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%nginx_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/snginx.%domain%.conf*; +} + diff --git a/install/0.9.7/rhel/templates/web/nginx_default.tpl b/install/0.9.7/rhel/templates/web/nginx_default.tpl new file mode 100755 index 000000000..a3535419a --- /dev/null +++ b/install/0.9.7/rhel/templates/web/nginx_default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + %elog%error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%nginx_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/nginx.%domain%.conf*; +} + diff --git a/install/0.9.7/rhel/templates/web/skel/document_errors/403.html b/install/0.9.7/rhel/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/0.9.7/rhel/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/0.9.7/rhel/templates/web/skel/document_errors/404.html b/install/0.9.7/rhel/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/0.9.7/rhel/templates/web/skel/document_errors/50x.html b/install/0.9.7/rhel/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/0.9.7/rhel/templates/web/skel/public_html/index.html b/install/0.9.7/rhel/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+
+ Powered by VESTA +
+ + + + diff --git a/install/0.9.7/rhel/templates/web/skel/public_html/robots.txt b/install/0.9.7/rhel/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/0.9.7/rhel/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/0.9.7/rhel/templates/web/skel/public_shtml/index.html b/install/0.9.7/rhel/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+
+ Powered by VESTA +
+ + + + diff --git a/install/0.9.7/rhel/templates/web/skel/public_shtml/robots.txt b/install/0.9.7/rhel/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/0.9.7/rhel/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/0.9.7/rhel/templates/web/suspend/.htaccess b/install/0.9.7/rhel/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/0.9.7/rhel/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/0.9.7/rhel/templates/web/suspend/index.html b/install/0.9.7/rhel/templates/web/suspend/index.html new file mode 100755 index 000000000..d5d299077 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

Your site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/0.9.7/rhel/templates/web/webalizer.tpl b/install/0.9.7/rhel/templates/web/webalizer.tpl new file mode 100755 index 000000000..2e4fee3f8 --- /dev/null +++ b/install/0.9.7/rhel/templates/web/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/httpd/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/0.9.7/rhel/vesta.log b/install/0.9.7/rhel/vesta.log new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/0.9.7/rhel/vesta.log @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/0.9.7/rhel/vsftpd.conf b/install/0.9.7/rhel/vsftpd.conf new file mode 100644 index 000000000..ac5c36b33 --- /dev/null +++ b/install/0.9.7/rhel/vsftpd.conf @@ -0,0 +1,15 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=YES +tcp_wrappers=YES +force_dot_files=YES diff --git a/install/vst-install.sh b/install/vst-install.sh new file mode 100644 index 000000000..169c76c5a --- /dev/null +++ b/install/vst-install.sh @@ -0,0 +1,549 @@ +#!/bin/bash +# Vesta installer + +# Define Variables +email=$1 +RHOST='r.vestacp.com' +CHOST='c.vestacp.com' + +REPO='cmmnt' +VERSION='0.9.7' +YUM_REPO='/etc/yum.repos.d/vesta.repo' +arch=$(uname -i) + +rpms="nginx httpd httpd-devel.$arch mod_ssl mod_ruid2 mod_extract_forwarded + webalizer awstats mysql mysql-server php php-bcmath php-cli php-common + php-devel.$arch php-gd php-imap php-mbstring php-mcrypt php-mysql + php-pdo php-soap php-tidy php-xml php-xmlrpc phpMyAdmin exim dovecot + clamd spamassassin roundcubemail bind bind-utils bind-libs vsftpd + rrdtool vesta vesta-nginx vesta-php" + +# Am I root? +if [ "x$(id -u)" != 'x0' ]; then + echo 'Error: this script can only be executed by root' + exit 1 +fi + +# Check supported version +if [ ! -e '/etc/redhat-release' ]; then + echo 'Error: sorry, we currently support RHEL and CentOS only' + exit 1 +fi + +os=$(cut -f 1 -d ' ' /etc/redhat-release) +if [ $os != 'CentOS' ] && [ $os != 'Red' ]; then + echo 'Error: sorry, we currently support RHEL and CentOS only' +fi +release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) + +# Are you sure ? +if [ -z $1 ]; then + echo + echo + echo + echo + echo + echo ' ***********************************************************' + echo + echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' + echo ' _| _| _| _| _| _| _| ' + echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' + echo ' _| _| _| _| _| _| _| ' + echo ' _| _|_|_|_| _|_|_| _| _| _| ' + echo + echo + echo + echo + echo + echo + echo + echo + echo ' ***********************************************************' + echo + echo + read -n 1 -p 'Do you want to install Vesta Control Panel? [y/n]): ' answer + if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then + echo 'Goodbye' + exit 1 + fi + echo + + # Check email + read -p 'Please enter valid email address: ' email +fi + +# Validate email +local_part=$(echo $email | cut -s -f1 -d\@) +remote_host=$(echo $email | cut -s -f2 -d\@) +mx_failed=1 +if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then + /usr/bin/host -t mx "$remote_host" &> /dev/null + mx_failed="$?" +fi + +if [ "$mx_failed" -eq 1 ]; then + echo "Error: email $email is not valid" + exit 1 +fi + +echo +echo +echo +echo +echo 'Installation will take about 15 minutes ...' +echo +sleep 2 + +# Check wget +if [ ! -e '/usr/bin/wget' ]; then + yum -y install wget + if [ $? -ne 0 ]; then + echo "Error: can't install wget" + exit 1 + fi +fi + +# Check repo availability +wget "$RHOST/$REPO/vesta.conf" -O /dev/null +if [ $? -ne 0 ]; then + echo "Error: no access to $REPO repository" + exit 1 +fi + +# Check installed packages +tmpfile=$(mktemp -p /tmp) +rpm -qa > $tmpfile +for rpm in $rpms; do + if [ ! -z "$(grep ^$rpm. $tmpfile)" ]; then + conflicts="$rpm $conflicts" + fi +done +rm -f $tmpfile + +if [ ! -z "$conflicts" ]; then + echo + echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' + echo + echo 'Following rpm packages aleady installed:' + echo "$conflicts" + echo + echo + echo 'It is recommended to remove them before proceeding.' + echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' + echo + read -n 1 -p 'Do you really want to continue? [y/n]: ' answer + if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then + exit 1 + fi + echo + echo "Ok, let's try..." + sleep 1 +fi + +# Password generator +gen_pass() { + MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' + LENGTH=10 + while [ ${n:=1} -le $LENGTH ]; do + PASS="$PASS${MATRIX:$(($RANDOM%${#MATRIX})):1}" + let n+=1 + done + echo "$PASS" +} + +# Update system +yum -y update + +# Return code check +if [ $? -ne 0 ]; then + echo 'Error: yum update failed' + exit 1 +fi + +# Install additional packages +yum -y install screen mc libpng libjpeg curl curl libmcrypt \ + libmcrypt mhash mhash freetype openssl flex libxml2 \ + ImageMagick sqlite sqlite GeoIP GeoIP-data GeoIP pcre pcre \ + sudo bc mailx lsof ntp + +# Return code check +if [ $? -ne 0 ]; then + echo 'Error: yum install failed' + exit 1 +fi + +# Install EPEL repo +if [ ! -e '/etc/yum.repos.d/epel.repo' ]; then + if [ "$release" -eq '5' ]; then + epel="5/i386/epel-release-5-4.noarch.rpm" + fi + + if [ "$release" -eq '6' ]; then + epel="6/i386/epel-release-6-7.noarch.rpm" + fi + + rpm -ivh http://dl.fedoraproject.org/pub/epel/$epel + if [ $? -ne 0 ]; then + echo "Error: can't install EPEL repository" + exit 1 + fi +fi + +# Install remi repo +if [ ! -e '/etc/yum.repos.d/remi.repo' ]; then + if [ "$release" -eq '5' ]; then + remi="remi-release-5.rpm" + fi + + if [ "$release" -eq '6' ]; then + remi="remi-release-6.rpm" + fi + + rpm -ivh http://rpms.famillecollet.com/enterprise/$remi + if [ $? -ne 0 ]; then + echo "Error: can't install remi repository" + exit 1 + fi +fi + +# Install vesta repo +echo "[vesta] +name=Vesta - $REPO +baseurl=http://$RHOST/$REPO/$release/\$basearch/ +enabled=1 +gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" > $YUM_REPO +wget $CHOST/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA + +# Checking if old MySQL stuff exists +if [ -e '/var/lib/mysql' ]; then + mv -f /var/lib/mysql /var/lib/mysql_old +fi +if [ -e '/etc/my.cnf' ]; then + mv -f /etc/my.cnf /etc/my.cnf_old +fi +if [ -e '/root/.my.cnf' ]; then + mv -f /root/.my.cnf +fi + +# Vesta packages +yum -y --enablerepo=remi install $rpms + +# Return code check +if [ $? -ne 0 ]; then + echo 'Error: yum install failed' + exit 1 +fi + +# Configuring run levels +chkconfig iptables off +if [ -e /etc/init.d/sendmail ]; then + chkconfig sendmail off +fi +if [ -e /etc/init.d/postfix ]; then + chkconfig postfix off +fi +chkconfig vesta on +chkconfig httpd on +chkconfig nginx on +chkconfig mysqld on +chkconfig vsftpd on +chkconfig named on +chkconfig exim on +chkconfig clamd on +chkconfig spamassassin on +chkconfig dovecot on + +# Make dirs more visible +echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile + +# Vesta does not support SELINUX for now +if [ -e '/etc/sysconfig/selinux' ]; then + sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux + setenforce 0 +fi +if [ -e '/etc/selinux/config' ]; then + sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config + setenforce 0 +fi + +# Vesta use own webalizer routine +rm -f /etc/cron.daily/00webalizer + +# NTP Synchronization +echo '#!/bin/sh' > /etc/cron.daily/ntpdate +echo '/sbin/ntpdate -s pool.ntp.org' >> /etc/cron.daily/ntpdate +chmod 775 /etc/cron.daily/ntpdate +/sbin/ntpdate -s pool.ntp.org + +# Vesta Environment +echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh +chmod 755 /etc/profile.d/vesta.sh +source /etc/profile.d/vesta.sh +echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile +echo 'export PATH' >> /root/.bash_profile +source /root/.bash_profile +mkdir -p $VESTA/conf +mkdir -p $VESTA/log +mkdir -p $VESTA/data +mkdir -p $VESTA/ssl +chmod 770 $VESTA/conf + +wget $RHOST/$REPO/vesta.conf -O $VESTA/conf/vesta.conf +wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers +wget $CHOST/$VERSION/vesta.log -O /etc/logrotate.d/vesta + +sed -i "s/umask 022/umask 002/g" /etc/profile + +# Create backup directory +adduser backup +ln -s /home/backup /backup +chmod a+x /backup + +# Configuring data templates +cd /usr/local/vesta/data +mkdir ips +mkdir queue +mkdir users +touch queue/backup.pipe +touch queue/disk.pipe +touch queue/webstats.pipe +touch queue/restart.pipe +touch queue/traffic.pipe +chmod 750 users +chmod 750 ips +chmod -R 750 queue +wget $CHOST/$VERSION/packages.tar.gz -O packages.tar.gz +tar -xzf packages.tar.gz +rm -f packages.tar.gz +cd /usr/local/vesta/data +wget $CHOST/$VERSION/templates.tar.gz -O templates.tar.gz +tar -xzf templates.tar.gz +rm -f templates.tar.gz +chmod -R 755 /usr/local/vesta/data/templates + +cp templates/web/skel/public_html/index.html /var/www/html/ +sed -i 's/%domain%/It worked!/g' /var/www/html/index.html + +# Configuring ssl keys +cd /usr/local/vesta/ssl +wget $CHOST/$VERSION/certificate.crt -O certificate.crt +wget $CHOST/$VERSION/certificate.key -O certificate.key + +# Adding admin user +vpass=$(gen_pass) +$VESTA/bin/v-add-user admin $vpass $email default System Administrator +if [ $? -ne 0 ]; then + echo "Error: can't create admin user" + exit 1 +fi + +# Set shell +$VESTA/bin/v-change-user-shell admin bash + +# Apache +wget $CHOST/$VERSION/httpd.conf -O /etc/httpd/conf/httpd.conf +wget $CHOST/$VERSION/httpd-status.conf -O /etc/httpd/conf.d/status.conf +wget $CHOST/$VERSION/httpd-ssl.conf -O /etc/httpd/conf.d/ssl.conf +wget $CHOST/$VERSION/httpd.log -O /etc/logrotate.d/httpd +echo "MEFaccept 127.0.0.1" >> /etc/httpd/conf.d/mod_extract_forwarded.conf +echo > /etc/httpd/conf.d/proxy_ajp.conf +echo > /etc/httpd/conf.d/vesta.conf +touch /var/log/httpd/access_log +touch /var/log/httpd/error_log +touch /var/log/httpd/suexec.log +mkdir -p /var/log/httpd/domains +chmod a+x /var/log/httpd +chmod 640 /var/log/httpd/access_log +chmod 640 /var/log/httpd/error_log +chmod 640 /var/log/httpd/suexec.log +chmod 751 /var/log/httpd/domains + +# Nginx +wget $CHOST/$VERSION/nginx.conf -O /etc/nginx/nginx.conf +wget $CHOST/$VERSION/nginx-status.conf -O /etc/nginx/conf.d/status.conf +rm -f /etc/nginx/conf.d/default.conf +rm -f /etc/nginx/conf.d/example_ssl.conf +touch /etc/nginx/conf.d/vesta_ip.conf +touch /etc/nginx/conf.d/vesta_users.conf + +# VsFTP +wget $CHOST/$VERSION/vsftpd.conf -O /etc/vsftpd/vsftpd.conf + +# MySQL +mpass=$(gen_pass) +wget $CHOST/$VERSION/mysql.cnf -O /etc/my.cnf +service mysqld start +mysqladmin -u root password $mpass +echo -e "[client]\npassword='$mpass'\n" >/root/.my.cnf +$VESTA/bin/v-add-database-server mysql localhost 3306 root $mpass +$VESTA/bin/v-add-database admin default default $(gen_pass) mysql + +# Bind +wget $CHOST/$VERSION/named.conf -O /etc/named.conf +chown root:named /etc/named.conf +chmod 640 /etc/named.conf + +# Exim +wget $CHOST/$VERSION/exim.conf -O /etc/exim/exim.conf +wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim/dnsbl.conf +wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim/spam-blocks.conf +wget $CHOST/$VERSION/clamd.conf -O /etc/clamd.conf +mkdir /etc/exim/domains +chmod 640 /etc/exim/exim.conf +gpasswd -a clam exim +gpasswd -a exim mail +gpasswd -a clam mail +gpasswd -a dovecot mail +/usr/bin/freshclam + +# Dovecot config +if [ "$release" -eq '5' ]; then + wget $CHOST/$VERSION/dovecot.conf -O /etc/dovecot.conf +else + wget $CHOST/$VERSION/dovecot.tar.gz -O /etc/dovecot.tar.gz + rm -rf /etc/dovecot + cd /etc/ + tar -xzf dovecot.tar.gz + rm -f dovecot.tar.gz +fi + +# PMA +wget $CHOST/$VERSION/httpd-pma.conf -O /etc/httpd/conf.d/phpMyAdmin.conf +wget $CHOST/$VERSION/pma.conf -O /etc/phpMyAdmin/config.inc.php +sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php + +# Roundcube setup +wget $CHOST/$VERSION/httpd-webmail.conf -O /etc/httpd/conf.d/roundcubemail.conf +wget $CHOST/$VERSION/roundcube-main.conf -O /etc/roundcubemail/main.inc.php +wget $CHOST/$VERSION/roundcube-db.conf -O /etc/roundcubemail/db.inc.php + +r="$(gen_pass)" +mysql -e "CREATE DATABASE roundcube" +mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" +sed -i "s/%password%/$r/g" /etc/roundcubemail/db.inc.php +mysql roundcube < /usr/share/doc/roundcubemail-*/SQL/mysql.initial.sql + +# Configuring ip +$VESTA/bin/v-update-sys-ip + +# Get main ip +main_ip=$(ifconfig |grep 'inet addr:' |grep -v 127.0.0.1 |head -n1 |\ + cut -f2 -d: | cut -f1 -d ' ') + +# Add default web domain on main ip +$VESTA/bin/v-add-web-domain admin default.domain $main_ip + +# Add default dns domain on main ip +$VESTA/bin/v-add-dns-domain admin default.domain $main_ip + +# Add default mail domain +$VESTA/bin/v-add-mail-domain admin default.domain + +# Configuring crond +command='sudo /usr/local/vesta/bin/v-update-sys-queue disk' +$VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" +command='sudo /usr/local/vesta/bin/v-update-sys-queue traffic' +$VESTA/bin/v-add-cron-job 'admin' '10' '00' '*' '*' '*' "$command" +command='sudo /usr/local/vesta/bin/v-update-sys-queue webstats' +$VESTA/bin/v-add-cron-job 'admin' '30' '03' '*' '*' '*' "$command" +command='sudo /usr/local/vesta/bin/v-update-sys-queue backup' +$VESTA/bin/v-add-cron-job 'admin' '*/30' '*' '*' '*' '*' "$command" +command='sudo /usr/local/vesta/bin/v-backup-users' +$VESTA/bin/v-add-cron-job 'admin' '10' '05' '*' '*' '*' "$command" +command='sudo /usr/local/vesta/bin/v-update-user-stats' +$VESTA/bin/v-add-cron-job 'admin' '20' '00' '01' '*' '*' "$command" +command='sudo /usr/local/vesta/bin/v-update-sys-rrd' +$VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" + +# Creating symlink +ln -s /usr/local/vesta/log /var/log/vesta + +# Stop unused services +services='iptables sendmail postfix' +for srv in $services; do + service $srv status > /dev/null + if [ $? -eq 0 ]; then + service $srv stop + fi +done + +# Start system service +services='vesta httpd nginx vsftpd exim dovecot clamd spamassassin named crond' +for srv in $services; do + service $srv status > /dev/null + if [ $? -gt 0 ]; then + service $srv start + else + service $srv restart + fi +done + +# Change sendmail client +rm -f /etc/alternatives/mta +ln -s /usr/sbin/sendmail.exim /etc/alternatives/mta + +# Build inititall rrd images +$VESTA/bin/v-update-sys-rrd + +# Send notification to vestacp.com +wget vestacp.com/notify/?$REPO -O /dev/null + +# Get server ip +vst_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) +if [ -z "$vst_ip" ]; then + vst_ip=$main_ip +fi + +# Send email +echo -e "Congratulations, you have just successfully installed \ +the Vesta Control Panel + +You can login in Vesta with following credentials: + username: admin + password: $vpass + https://$vst_ip:8083 + +We hope that you enjoy your installation of Vesta. Please \ +feel free to contact us anytime if you have any questions. +Thank you. + +-- +Sincerely yours +vestacp.com team +" > $tmpfile + +cat $tmpfile | mail -s "Vesta Control Panel" $email +rm -f $tmpfile + +# Congrats +echo +echo +echo ' ***********************************************************' +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' +echo ' _| _| _| _| _| _| _| ' +echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' +echo ' _| _| _| _| _| _| _| ' +echo ' _| _|_|_|_| _|_|_| _| _| _| ' +echo +echo ' Congratulations, you have just successfully installed' +echo ' the Vesta Control Panel!' +echo +echo ' Now you can login in Vesta with following credentials:' +echo ' username: admin' +echo " password: $vpass" +echo " https://$vst_ip:8083/" +echo +echo +echo ' Thank you for using our product.' +echo +echo ' ***********************************************************' +echo +echo + +# Tricky way to get new PATH variable +cd +bash + +# EOF