github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-20 21:34:11 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'master' of github.com:serghey-rodin/vesta

Browse source
This commit is contained in:
Serghey Rodin 2016-11-23 18:30:45 +02:00
commit e28fc98ea0
11 changed files with 62 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

2
func/main.sh
View file

@ -2,7 +2,7 @@
# Internal variables # Internal variables
HOMEDIR='/home' HOMEDIR='/home'
BACKUP='/backup' BACKUP='/backup'
BACKUP_GZIP=5 BACKUP_GZIP=9
BACKUP_DISK_LIMIT=95 BACKUP_DISK_LIMIT=95
BACKUP_LA_LIMIT=5 BACKUP_LA_LIMIT=5
RRD_STEP=300 RRD_STEP=300

2
install/ubuntu/16.04/dovecot/conf.d/10-ssl.conf
View file

@ -1,3 +1,5 @@
ssl = yes ssl = yes
ssl_protocols = !SSLv2 !SSLv3
ssl_cert = </usr/local/vesta/ssl/certificate.crt ssl_cert = </usr/local/vesta/ssl/certificate.crt
ssl_key = </usr/local/vesta/ssl/certificate.key ssl_key = </usr/local/vesta/ssl/certificate.key

20
install/ubuntu/16.04/dovecot/dovecot.conf
View file

@ -2,3 +2,23 @@ protocols = imap pop3
listen = *, :: listen = *, ::
base_dir = /var/run/dovecot/ base_dir = /var/run/dovecot/
!include conf.d/*.conf !include conf.d/*.conf
namespace {
type = private
separator = /
prefix =
inbox = yes
mailbox Sent {
auto = subscribe
special_use = \Sent
}
mailbox Drafts {
auto = subscribe
special_use = \Drafts
}
mailbox Trash {
auto = subscribe
special_use = \Trash
}
}

1
install/ubuntu/16.04/exim/exim4.conf.template
View file

@ -8,6 +8,7 @@
#SPAM_SCORE = 50 #SPAM_SCORE = 50
#CLAMD = yes #CLAMD = yes
disable_ipv6 = true
domainlist local_domains = dsearch;/etc/exim4/domains/ domainlist local_domains = dsearch;/etc/exim4/domains/
domainlist relay_to_domains = dsearch;/etc/exim4/domains/ domainlist relay_to_domains = dsearch;/etc/exim4/domains/
hostlist relay_from_hosts = 127.0.0.1 hostlist relay_from_hosts = 127.0.0.1

10
install/ubuntu/16.04/nginx/nginx.conf
View file

@ -1,7 +1,8 @@
# Server globals # Server globals
user www-data; user www-data;
worker_processes 2; worker_processes auto;
error_log /var/log/nginx/error.log; worker_rlimit_nofile 65535;
error_log /var/log/nginx/error.log crit;
pid /var/run/nginx.pid; pid /var/run/nginx.pid;
@ -9,6 +10,7 @@ pid /var/run/nginx.pid;
events { events {
worker_connections 1024; worker_connections 1024;
use epoll; use epoll;
multi_accept on;
} }
@ -51,9 +53,9 @@ http {
gzip_comp_level 9; gzip_comp_level 9;
gzip_min_length 512; gzip_min_length 512;
gzip_buffers 8 64k; gzip_buffers 8 64k;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype;
gzip_proxied any; gzip_proxied any;
gzip_disable "MSIE [1-6]\.";
# Proxy settings # Proxy settings
proxy_redirect off; proxy_redirect off;

2
install/ubuntu/16.04/pma/apache.conf
View file

@ -15,7 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin
php_admin_flag allow_url_fopen Off php_admin_flag allow_url_fopen Off
php_value include_path . php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript/
</IfModule> </IfModule>
</Directory> </Directory>

6
install/ubuntu/16.04/roundcube/main.inc.php
View file

@ -448,7 +448,7 @@ $rcmail_config['create_default_folders'] = true;
$rcmail_config['protect_default_folders'] = true; $rcmail_config['protect_default_folders'] = true;
// if in your system 0 quota means no limit set this option to true // if in your system 0 quota means no limit set this option to true
$rcmail_config['quota_zero_as_unlimited'] = false; $rcmail_config['quota_zero_as_unlimited'] = true;
// Make use of the built-in spell checker. It is based on GoogieSpell. // Make use of the built-in spell checker. It is based on GoogieSpell.
// Since Google only accepts connections over https your PHP installatation // Since Google only accepts connections over https your PHP installatation
@ -724,8 +724,8 @@ $rcmail_config['htmleditor'] = 0;
// show pretty dates as standard // show pretty dates as standard
$rcmail_config['prettydate'] = true; $rcmail_config['prettydate'] = true;
// save compose message every 300 seconds (5min) // save compose message every 30 seconds
$rcmail_config['draft_autosave'] = 300; $rcmail_config['draft_autosave'] = 30;
// default setting if preview pane is enabled // default setting if preview pane is enabled
$rcmail_config['preview_pane'] = false; $rcmail_config['preview_pane'] = false;

1
install/ubuntu/16.04/templates/dns/child-ns.tpl
View file

@ -9,3 +9,4 @@ ID='8' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time
ID='9' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' ID='9' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' ID='10' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='11' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' ID='11' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='12' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'

1
install/ubuntu/16.04/templates/dns/default.tpl
View file

@ -13,3 +13,4 @@ ID='12' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%tim
ID='13' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%' ID='13' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='14' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%' ID='14' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='15' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%' ID='15' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
ID='16' RECORD='_dmarc' TYPE='TXT' PRIORITY='' VALUE='"v=DMARC1; p=none"' SUSPENDED='no' TIME='%time%' DATE='%date%'

5
install/ubuntu/16.04/vsftpd/vsftpd.conf
View file

@ -17,10 +17,11 @@ tcp_wrappers=YES
force_dot_files=YES force_dot_files=YES
ascii_upload_enable=YES ascii_upload_enable=YES
ascii_download_enable=YES ascii_download_enable=YES
#allow_writable_chroot=YES
allow_writeable_chroot=YES allow_writeable_chroot=YES
seccomp_sandbox=NO seccomp_sandbox=NO
pasv_enable=YES pasv_enable=YES
pasv_max_port=12100
pasv_min_port=12000 pasv_min_port=12000
pasv_max_port=12100
max_per_ip=10
max_clients=100
use_localtime=YES use_localtime=YES

42
install/vst-install-ubuntu.sh
View file

@ -273,7 +273,7 @@ fi
# Brief Info # # Brief Info #
#----------------------------------------------------------# #----------------------------------------------------------#
# Printing nice ascii aslogo # Printing nice ASCII logo
clear clear
echo echo
echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|'
@ -508,7 +508,7 @@ if [ "$release" = '16.04' ] && [ -e '/etc/init.d/mysql' ]; then
fi fi
# Backup vesta # Backup Vesta
service vesta stop > /dev/null 2>&1 service vesta stop > /dev/null 2>&1
cp -r $VESTA/* $vst_backups/vesta > /dev/null 2>&1 cp -r $VESTA/* $vst_backups/vesta > /dev/null 2>&1
apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1 apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1
@ -625,8 +625,8 @@ rm -f /etc/cron.d/awstats
# Set directory color # Set directory color
echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile
# Register /sbin/nologin # Register /usr/sbin/nologin
echo "/sbin/nologin" >> /etc/shells echo "/usr/sbin/nologin" >> /etc/shells
# NTP Synchronization # NTP Synchronization
echo '#!/bin/sh' > /etc/cron.daily/ntpdate echo '#!/bin/sh' > /etc/cron.daily/ntpdate
@ -662,10 +662,10 @@ echo 'PATH=$PATH:'$VESTA'/bin' >> /root/.bash_profile
echo 'export PATH' >> /root/.bash_profile echo 'export PATH' >> /root/.bash_profile
source /root/.bash_profile source /root/.bash_profile
# Configuring logrotate for vesta logs # Configuring logrotate for Vesta logs
wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta
# Buidling directory tree and creating some blank files for vesta # Buidling directory tree and creating some blank files for Vesta
mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \
$VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \ $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall \
$VESTA/data/sessions $VESTA/data/sessions
@ -681,12 +681,12 @@ ln -s $VESTA/log /var/log/vesta
chown admin:admin $VESTA/data/sessions chown admin:admin $VESTA/data/sessions
chmod 770 $VESTA/data/sessions chmod 770 $VESTA/data/sessions
# Generating vesta configuration # Generating Vesta configuration
rm -f $VESTA/conf/vesta.conf 2>/dev/null rm -f $VESTA/conf/vesta.conf 2>/dev/null
touch $VESTA/conf/vesta.conf touch $VESTA/conf/vesta.conf
chmod 660 $VESTA/conf/vesta.conf chmod 660 $VESTA/conf/vesta.conf
# WEB stack # Web stack
if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then
echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf
echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf
@ -892,7 +892,7 @@ done
#----------------------------------------------------------# #----------------------------------------------------------#
# Configure VSFTPD # # Configure Vsftpd #
#----------------------------------------------------------# #----------------------------------------------------------#
if [ "$vsftpd" = 'yes' ]; then if [ "$vsftpd" = 'yes' ]; then
@ -929,14 +929,14 @@ if [ "$mysql" = 'yes' ]; then
mycnf="my-large.cnf" mycnf="my-large.cnf"
fi fi
# MySQL configuration # Configuring MySQL/MariaDB
wget $vestacp/mysql/$mycnf -O /etc/mysql/my.cnf wget $vestacp/mysql/$mycnf -O /etc/mysql/my.cnf
mysql_install_db mysql_install_db
update-rc.d mysql defaults update-rc.d mysql defaults
service mysql start service mysql start
check_result $? "mysql start failed" check_result $? "mysql start failed"
# Securing MySQL installation # Securing MySQL/MariaDB installation
mysqladmin -u root password $vpass mysqladmin -u root password $vpass
echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf
chmod 600 /root/.my.cnf chmod 600 /root/.my.cnf
@ -1074,7 +1074,7 @@ fi
#----------------------------------------------------------# #----------------------------------------------------------#
# Configure RoundCube # # Configure Roundcube #
#----------------------------------------------------------# #----------------------------------------------------------#
if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then
@ -1146,16 +1146,16 @@ if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then
groupdel admin > /dev/null 2>&1 groupdel admin > /dev/null 2>&1
fi fi
# Adding vesta account # Adding Vesta admin account
$VESTA/bin/v-add-user admin $vpass $email default System Administrator $VESTA/bin/v-add-user admin $vpass $email default System Administrator
check_result $? "can't create admin user" check_result $? "can't create admin user"
$VESTA/bin/v-change-user-shell admin bash $VESTA/bin/v-change-user-shell admin bash
$VESTA/bin/v-change-user-language admin $lang $VESTA/bin/v-change-user-language admin $lang
# Configuring system ips # Configuring system IPs
$VESTA/bin/v-update-sys-ip $VESTA/bin/v-update-sys-ip
# Get main ip # Get main IP
ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/)
# Firewall configuration # Firewall configuration
@ -1163,20 +1163,20 @@ if [ "$iptables" = 'yes' ]; then
$VESTA/bin/v-update-firewall $VESTA/bin/v-update-firewall
fi fi
# Get public ip # Get public IP
pub_ip=$(curl -s vestacp.com/what-is-my-ip/) pub_ip=$(curl -s vestacp.com/what-is-my-ip/)
if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then
$VESTA/bin/v-change-sys-ip-nat $ip $pub_ip $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip
ip=$pub_ip ip=$pub_ip
fi fi
# Configuring mysql host # Configuring MySQL host
if [ "$mysql" = 'yes' ]; then if [ "$mysql" = 'yes' ]; then
$VESTA/bin/v-add-database-host mysql localhost root $vpass $VESTA/bin/v-add-database-host mysql localhost root $vpass
$VESTA/bin/v-add-database admin default default $(gen_pass) mysql $VESTA/bin/v-add-database admin default default $(gen_pass) mysql
fi fi
# Configuring pgsql host # Configuring PostgreSQL host
if [ "$postgresql" = 'yes' ]; then if [ "$postgresql" = 'yes' ]; then
$VESTA/bin/v-add-database-host pgsql localhost postgres $vpass $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass
$VESTA/bin/v-add-database admin db db $(gen_pass) pgsql $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql
@ -1203,7 +1203,7 @@ command="sudo $VESTA/bin/v-update-sys-rrd"
$VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command"
service cron restart service cron restart
# Building inititall rrd images # Building initital rrd images
$VESTA/bin/v-update-sys-rrd $VESTA/bin/v-update-sys-rrd
# Enabling file system quota # Enabling file system quota
@ -1211,7 +1211,7 @@ if [ "$quota" = 'yes' ]; then
$VESTA/bin/v-add-sys-quota $VESTA/bin/v-add-sys-quota
fi fi
# Starting vesta service # Starting Vesta service
update-rc.d vesta defaults update-rc.d vesta defaults
service vesta start service vesta start
check_result $? "vesta start failed" check_result $? "vesta start failed"
@ -1231,7 +1231,7 @@ $VESTA/bin/v-add-cron-vesta-autoupdate
# Sending install notification to vestacp.com # Sending install notification to vestacp.com
wget vestacp.com/notify/?$codename -O /dev/null -q wget vestacp.com/notify/?$codename -O /dev/null -q
# Comparing hostname and ip # Comparing hostname and IP
host_ip=$(host $servername| head -n 1 | awk '{print $NF}') host_ip=$(host $servername| head -n 1 | awk '{print $NF}')
if [ "$host_ip" = "$ip" ]; then if [ "$host_ip" = "$ip" ]; then
ip="$servername" ip="$servername"