github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-22 22:34:05 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge 45614bc9f0 into 1bb5c62f5f

Browse source
This commit is contained in:
icez 2014-07-28 19:50:13 +00:00
commit d2f53bb694
2 changed files with 145 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

127
bin/v-change-server-ip Executable file
View file

@ -0,0 +1,127 @@
#!/bin/sh
#script to change ips on a VestaCP server.
#usage:
# $0 <oldip> <newip>
LOG=/var/log/vesta/system.log
MYUID=`/usr/bin/id -u`
if [ "$MYUID" != 0 ]; then
echo "You require Root Access to run this script";
exit 0;
fi
if [ $# != 2 ] && [ $# != 3 ]; then
echo "Usage:";
echo "$0 <oldip> <newip> [<file>]";
echo "you gave #$#: $0 $1 $2 $3";
exit 0;
fi
OLD_IP=$1
NEW_IP=$2
HAVE_HTTPD=1
HAVE_NGINX=1
DATE=`date '+%F %X'`
BIN=`echo $0 | awk -F/ '{print $NF}'`
log()
{
echo -e "$1";
echo -e "$1" >> $LOG;
}
swapfile()
{
if [ ! -e $1 ]; then
log "Cannot Find $1 to change the IPs. Skipping...";
return;
fi
TEMP="perl -pi -e 's/${OLD_IP}/${NEW_IP}/g' $1"
eval $TEMP;
log "$DATE $BIN $1\t: $OLD_IP -> $NEW_IP";
}
if [ $# = 3 ]; then
swapfile $3;
exit 0;
fi
IPFILE_OLD=/usr/local/vesta/data/ips/$OLD_IP
IPFILE_NEW=/usr/local/vesta/data/ips/$NEW_IP
if [ ! -e $IPFILE_OLD ]; then
echo -n "$IPFILE_OLD does not exist. Do you want to continue anyway? (y/n) : ";
read YESNO;
if [ "$YESNO" != "y" ]; then
exit 0;
fi
else
mv -f $IPFILE_OLD $IPFILE_NEW
log "$DATE $0 $IPFILE_OLD\t: $OLD_IP -> $NEW_IP";
fi
if [ "${HAVE_HTTPD}" -eq 1 ]; then
if [ -e /etc/httpd/conf.d/${OLD_IP}.conf ]; then
swapfile /etc/httpd/conf.d/${OLD_IP}.conf
mv -f /etc/httpd/conf.d/$OLD_IP.conf /etc/httpd/conf.d/${NEW_IP}.conf
fi
swapfile /etc/httpd/conf.d/mod_extract_forwarded.conf
fi
if [ "${HAVE_NGINX}" -eq 1 ]; then
if [ -e /etc/nginx/conf.d/${OLD_IP}.conf ]; then
swapfile /etc/nginx/conf.d/${OLD_IP}.conf
mv -f /etc/nginx/conf.d/$OLD_IP.conf /etc/nginx/conf.d/${NEW_IP}.conf
fi
fi
swapfile /etc/hosts
ULDDU=/usr/local/vesta/data/users
for i in `ls $ULDDU`; do
{
if [ ! -d $ULDDU/$i ]; then
continue;
fi
swapfile $ULDDU/$i/web.conf
swapfile $ULDDU/$i/dns.conf
for j in `ls $ULDDU/$i/dns/*.conf`; do
{
swapfile $j
};
done;
if [ "${HAVE_HTTPD}" -eq 1 ]; then
swapfile /home/$i/conf/web/httpd.conf
fi
if [ "${HAVE_NGINX}" -eq 1 ]; then
swapfile /home/$i/conf/web/nginx.conf
fi
for j in `ls /home/$i/conf/dns/*.db`; do
{
swapfile $j
};
done;
};
done;
#this is needed to update the serial in the db files.
if [ "${HAVE_HTTPD}" -eq 1 ]; then
service httpd restart
fi
if [ "${HAVE_NGINX}" -eq 1 ]; then
service nginx restart
fi
echo "*** Done swapping $OLD_IP to $NEW_IP ***";

31
install/rhel/exim.conf
View file

@ -6,12 +6,13 @@ SPAM_SCORE = 50
domainlist local_domains = dsearch;/etc/exim/domains/
domainlist relay_to_domains = dsearch;/etc/exim/domains/
hostlist auth_relay_hosts = *
hostlist relay_from_hosts = 127.0.0.1
hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf
hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf
no_local_from_check
untrusted_set_sender = *
acl_smtp_connect = acl_check_spammers
#acl_smtp_connect = acl_check_spammers
acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
@ -26,8 +27,8 @@ av_scanner = clamd: /var/run/clamav/clamd.sock
.endif
tls_advertise_hosts = *
tls_certificate = /etc/pki/tls/certs/exim.pem
tls_privatekey = /etc/pki/tls/private/exim.pem
tls_certificate = /usr/local/vesta/ssl/certificate.crt
tls_privatekey = /usr/local/vesta/ssl/certificate.key
daemon_smtp_ports = 25 : 465 : 587 : 2525
tls_on_connect_ports = 465
@ -46,15 +47,6 @@ DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
##########################################################################
begin acl
##########################################################################
acl_check_spammers:
accept hosts = +whitelist
drop message = Your host in blacklist on this server.
log_message = Host in blacklist
hosts = +spammers
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
accept
acl_check_mail:
deny
condition = ${if eq{$sender_helo_name}{}}
@ -86,6 +78,12 @@ acl_check_mail:
acl_check_rcpt:
accept hosts = :
accept hosts = +auth_relay_hosts
condition = ${if eq {$interface_port}{587} {yes}{no}}
endpass
message = relay not permitted, authentication required
authenticated = *
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
@ -94,6 +92,13 @@ acl_check_rcpt:
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
drop message = Your host in blacklist on this server.
log_message = Host in blacklist
hosts = +spammers
deny message = rejected because $sender_host_address is in a black list at $dnslist_domain\\n$dnslist_text
dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}}
require verify = sender
accept hosts = +relay_from_hosts
@ -306,7 +311,7 @@ local_spam_delivery:
delivery_date_add
envelope_to_add
return_path_add
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam"
directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.spam"
quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M
quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part"
quota_warn_threshold = 75%