From e89289887414398e112e1128254dd7e11a3aa812 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Wed, 21 Oct 2015 20:10:00 +0300 Subject: [PATCH] New vesta installer --- install/debian/{ => 7/apache2}/apache2.conf | 0 .../apache2/status.conf} | 0 install/debian/{ => 7/bind}/named.conf | 0 install/debian/{ => 7/clamav}/clamd.conf | 0 install/debian/7/deb_signing.key | 30 + install/debian/7/dovecot.tar.gz | Bin 0 -> 3487 bytes .../{ => 7}/dovecot/conf.d/10-auth.conf | 0 .../{ => 7}/dovecot/conf.d/10-logging.conf | 0 .../{ => 7}/dovecot/conf.d/10-mail.conf | 0 .../{ => 7}/dovecot/conf.d/10-master.conf | 0 .../debian/{ => 7}/dovecot/conf.d/10-ssl.conf | 0 .../{ => 7}/dovecot/conf.d/20-imap.conf | 0 .../{ => 7}/dovecot/conf.d/20-pop3.conf | 0 .../dovecot/conf.d/auth-passwdfile.conf.ext | 0 .../{ubuntu => debian/7/dovecot}/dovecot.conf | 0 install/debian/{ => 7/exim}/dnsbl.conf | 0 .../debian/{ => 7/exim}/exim4.conf.template | 2 +- install/debian/{ => 7/exim}/spam-blocks.conf | 0 install/debian/7/fail2ban.tar.gz | Bin 0 -> 721 bytes install/debian/7/fail2ban/action.d/vesta.conf | 9 + .../fail2ban/filter.d/vesta.conf} | 0 install/debian/7/fail2ban/jail.local | 39 + install/debian/7/firewall.tar.gz | Bin 0 -> 540 bytes install/debian/{ => 7}/firewall/ports.conf | 2 +- install/debian/{ => 7}/firewall/rules.conf | 2 +- .../{apache2.log => 7/logrotate/apache2} | 0 install/debian/7/logrotate/nginx | 13 + .../debian/{vesta.log => 7/logrotate/vesta} | 0 install/debian/7/mysql/my-large.cnf | 42 + .../my.cnf => debian/7/mysql/my-medium.cnf} | 25 +- install/debian/7/mysql/my-small.cnf | 40 + install/debian/{ => 7/nginx}/nginx.conf | 0 install/debian/7/nginx/phpmyadmin.inc | 15 + install/debian/7/nginx/phppgadmin.inc | 11 + .../nginx/status.conf} | 0 install/debian/7/nginx/webmail.inc | 15 + install/debian/7/packages.tar.gz | Bin 0 -> 562 bytes install/debian/{ => 7}/packages/default.pkg | 0 install/debian/{ => 7}/packages/gainsboro.pkg | 0 install/debian/{ => 7}/packages/palegreen.pkg | 0 install/debian/{ => 7}/packages/slategrey.pkg | 0 .../debian/{pga.conf => 7/pga/config.inc.php} | 0 .../pga/phppgadmin.conf} | 0 .../{apache2-pma.conf => 7/pma/apache.conf} | 0 .../debian/{pma.conf => 7/pma/config.inc.php} | 0 install/debian/{ => 7/postgresql}/pg_hba.conf | 0 .../{ubuntu => debian/7/proftpd}/proftpd.conf | 0 .../roundcube/apache.conf} | 0 .../roundcube/config.inc.php} | 0 .../roundcube/db.inc.php} | 0 .../roundcube/main.inc.php} | 0 .../roundcube/vesta.php} | 0 .../{sudoers.admin.conf => 7/sudo/admin} | 4 + install/debian/7/templates.tar.gz | Bin 0 -> 12831 bytes .../debian/{ => 7}/templates/dns/child-ns.tpl | 0 install/debian/7/templates/dns/default.tpl | 9 + .../debian/{ => 7}/templates/dns/gmail.tpl | 0 .../templates/web/apache2/basedir.stpl | 4 +- .../7}/templates/web/apache2/basedir.tpl | 4 +- .../templates/web/apache2/default.stpl | 0 .../{ => 7}/templates/web/apache2/default.tpl | 0 .../templates/web/apache2/hosting.stpl | 0 .../{ => 7}/templates/web/apache2/hosting.tpl | 0 .../{ => 7}/templates/web/apache2/phpcgi.sh | 0 .../{ => 7}/templates/web/apache2/phpcgi.stpl | 0 .../{ => 7}/templates/web/apache2/phpcgi.tpl | 0 .../{ => 7}/templates/web/apache2/phpfcgid.sh | 0 .../templates/web/apache2/phpfcgid.stpl | 0 .../templates/web/apache2/phpfcgid.tpl | 0 .../{ => 7}/templates/web/awstats/awstats.tpl | 0 .../{ => 7}/templates/web/awstats/index.tpl | 0 .../{ => 7}/templates/web/awstats/nav.tpl | 0 .../{ => 7}/templates/web/nginx/caching.stpl | 0 .../{ => 7}/templates/web/nginx/caching.tpl | 0 .../{ => 7}/templates/web/nginx/default.stpl | 0 .../{ => 7}/templates/web/nginx/default.tpl | 0 .../{ => 7}/templates/web/nginx/hosting.sh | 0 .../{ => 7}/templates/web/nginx/hosting.stpl | 0 .../{ => 7}/templates/web/nginx/hosting.tpl | 0 .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../7/templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../7/templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../7/templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../7/templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../7/templates/web/nginx/php5-fpm/www.conf | 10 + .../{ => 7}/templates/web/nginx/proxy_ip.tpl | 0 .../7/templates/web/php5-fpm/default.tpl | 18 + .../7/templates/web/php5-fpm/no-php.tpl | 13 + .../7/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 0 .../templates/web/skel/public_html/robots.txt | 0 .../web/skel/public_shtml/index.html | 0 .../web/skel/public_shtml/robots.txt | 0 .../{ => 7}/templates/web/suspend/.htaccess | 0 .../debian/7/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 0 install/debian/{ => 7/vsftpd}/vsftpd.conf | 0 .../{ubuntu => debian/8/apache2}/apache2.conf | 1 - .../8/apache2/status.conf} | 0 install/{ubuntu => debian/8/bind}/named.conf | 0 .../{ubuntu => debian/8/clamav}/clamd.conf | 0 install/debian/8/deb_signing.key | 30 + install/debian/8/dovecot.tar.gz | Bin 0 -> 3487 bytes .../8}/dovecot/conf.d/10-auth.conf | 0 .../8}/dovecot/conf.d/10-logging.conf | 0 .../8}/dovecot/conf.d/10-mail.conf | 0 .../8}/dovecot/conf.d/10-master.conf | 0 .../8}/dovecot/conf.d/10-ssl.conf | 0 install/debian/8/dovecot/conf.d/20-imap.conf | 58 + .../8}/dovecot/conf.d/20-pop3.conf | 0 .../dovecot/conf.d/auth-passwdfile.conf.ext | 0 install/debian/8/dovecot/dovecot.conf | 4 + install/{rhel => debian/8/exim}/dnsbl.conf | 0 .../8/exim}/exim4.conf.template | 2 +- .../{rhel => debian/8/exim}/spam-blocks.conf | 0 install/debian/8/fail2ban.tar.gz | Bin 0 -> 721 bytes install/debian/8/fail2ban/action.d/vesta.conf | 9 + .../8/fail2ban/filter.d/vesta.conf} | 0 install/debian/8/fail2ban/jail.local | 39 + install/debian/8/firewall.tar.gz | Bin 0 -> 540 bytes .../{rhel => debian/8}/firewall/ports.conf | 2 +- .../{rhel => debian/8}/firewall/rules.conf | 2 +- .../8/logrotate/apache2} | 0 install/debian/8/logrotate/nginx | 13 + .../vesta.log => debian/8/logrotate/vesta} | 0 install/debian/8/mysql/my-large.cnf | 42 + .../debian/{my.cnf => 8/mysql/my-medium.cnf} | 25 +- install/debian/8/mysql/my-small.cnf | 40 + install/{rhel => debian/8/nginx}/nginx.conf | 4 +- install/debian/8/nginx/phpmyadmin.inc | 15 + install/debian/8/nginx/phppgadmin.inc | 11 + .../8/nginx/status.conf} | 0 install/debian/8/nginx/webmail.inc | 15 + install/debian/8/packages.tar.gz | Bin 0 -> 562 bytes .../{rhel => debian/8}/packages/default.pkg | 0 .../{rhel => debian/8}/packages/gainsboro.pkg | 0 .../{rhel => debian/8}/packages/palegreen.pkg | 0 .../{rhel => debian/8}/packages/slategrey.pkg | 0 .../pga.conf => debian/8/pga/config.inc.php} | 0 .../8/pga/phppgadmin.conf} | 0 install/debian/8/php5-fpm/www.conf | 10 + .../8/pma/apache.conf} | 2 +- .../pma.conf => debian/8/pma/config.inc.php} | 0 .../{rhel => debian/8/postgresql}/pg_hba.conf | 0 install/debian/8/proftpd/proftpd.conf | 32 + .../8/roundcube/apache.conf} | 0 .../8/roundcube/config.inc.php} | 0 .../8/roundcube/db.inc.php} | 0 .../8/roundcube/main.inc.php} | 3 + .../8/roundcube/vesta.php} | 0 .../8/sudo/admin} | 4 + install/debian/8/templates.tar.gz | Bin 0 -> 12935 bytes .../8}/templates/dns/child-ns.tpl | 0 .../debian/{ => 8}/templates/dns/default.tpl | 0 .../8}/templates/dns/gmail.tpl | 0 .../8/templates/web/apache2/basedir.stpl | 41 + .../8/templates/web/apache2/basedir.tpl | 35 + .../8/templates/web/apache2/default.stpl | 40 + .../8/templates/web/apache2/default.tpl | 34 + .../8}/templates/web/apache2/hosting.stpl | 2 +- .../8}/templates/web/apache2/hosting.tpl | 2 +- .../8/templates/web/apache2}/phpcgi.sh | 0 .../8}/templates/web/apache2/phpcgi.stpl | 2 +- .../8}/templates/web/apache2/phpcgi.tpl | 2 +- .../8/templates/web/apache2}/phpfcgid.sh | 0 .../8}/templates/web/apache2/phpfcgid.stpl | 2 +- .../8}/templates/web/apache2/phpfcgid.tpl | 2 +- .../8}/templates/web/awstats/awstats.tpl | 0 .../8}/templates/web/awstats/index.tpl | 0 .../8}/templates/web/awstats/nav.tpl | 0 .../debian/8/templates/web/nginx/caching.sh | 12 + .../8}/templates/web/nginx/caching.stpl | 0 .../8}/templates/web/nginx/caching.tpl | 0 .../8}/templates/web/nginx/default.stpl | 0 .../8}/templates/web/nginx/default.tpl | 0 .../8}/templates/web/nginx/hosting.sh | 0 .../8}/templates/web/nginx/hosting.stpl | 0 .../8}/templates/web/nginx/hosting.tpl | 0 .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../8/templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../8/templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../8/templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../8/templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../8}/templates/web/nginx/proxy_ip.tpl | 0 .../8/templates/web/php5-fpm/default.tpl | 18 + .../8/templates/web/php5-fpm/no-php.tpl | 13 + .../8/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 0 .../templates/web/skel/public_html/robots.txt | 0 .../web/skel/public_shtml/index.html | 0 .../web/skel/public_shtml/robots.txt | 0 .../8}/templates/web/suspend/.htaccess | 0 .../debian/8/templates/web/suspend/index.html | 27 + .../8}/templates/web/webalizer/webalizer.tpl | 0 .../{ubuntu => debian/8/vsftpd}/vsftpd.conf | 2 +- install/debian/apache2.readme.txt | 11 - install/debian/certificate.crt | 22 - install/debian/certificate.key | 27 - install/debian/dovecot.conf | 28 - install/debian/freshclam.conf | 27 - install/debian/nginx.readme.txt | 11 - install/debian/sudoers.conf | 32 - install/debian/vesta.conf | 24 - install/debian/whmcs-module.php | 359 ---- install/rhel/5/GPG.txt | 30 + install/rhel/{ => 5/clamav}/clamd.conf | 0 install/rhel/5/clamav/clamd.service | 12 + install/rhel/{ => 5/clamav}/freshclam.conf | 0 install/rhel/5/dovecot.tar.gz | Bin 0 -> 439 bytes install/rhel/{ => 5/dovecot}/dovecot.conf | 4 +- install/rhel/5/epel-release.rpm | Bin 0 -> 12232 bytes install/{ubuntu => rhel/5/exim}/dnsbl.conf | 0 install/rhel/{ => 5/exim}/exim-smarthost.conf | 0 install/rhel/{ => 5/exim}/exim.conf | 2 +- .../{ubuntu => rhel/5/exim}/spam-blocks.conf | 0 install/rhel/5/fail2ban.tar.gz | Bin 0 -> 727 bytes .../5/fail2ban}/fail2ban.action.conf | 0 .../5/fail2ban}/fail2ban.filter.conf | 0 .../5/fail2ban}/fail2ban.jail.conf | 0 install/rhel/5/firewall.tar.gz | Bin 0 -> 540 bytes .../{ubuntu => rhel/5}/firewall/ports.conf | 2 +- .../{ubuntu => rhel/5}/firewall/rules.conf | 2 +- install/rhel/{ => 5/httpd}/httpd.conf | 0 install/rhel/5/httpd/ruid2.conf | 8 + .../rhel/{httpd-ssl.conf => 5/httpd/ssl.conf} | 0 .../httpd/status.conf} | 0 install/rhel/{httpd.log => 5/logrotate/httpd} | 0 install/rhel/5/logrotate/nginx | 12 + .../vesta.log => rhel/5/logrotate/vesta} | 0 install/rhel/5/mariadb/my-large.cnf | 38 + install/rhel/5/mariadb/my-medium.cnf | 37 + install/rhel/5/mariadb/my-small.cnf | 35 + install/rhel/{ => 5}/monit/clamd.conf | 0 install/rhel/{ => 5}/monit/dovecot.conf | 0 install/rhel/{ => 5}/monit/exim.conf | 0 install/rhel/{ => 5}/monit/httpd.conf | 0 install/rhel/{ => 5}/monit/mysql.conf | 0 install/rhel/{ => 5}/monit/nginx.conf | 0 install/rhel/{ => 5}/monit/spamassassin.conf | 0 install/rhel/{ => 5}/monit/sshd.conf | 0 install/rhel/{ => 5}/monit/vesta-nginx.conf | 0 install/rhel/{ => 5}/monit/vesta-php.conf | 0 install/rhel/5/mysqld/my-large.cnf | 38 + install/rhel/5/mysqld/my-medium.cnf | 37 + install/rhel/5/mysqld/my-small.cnf | 35 + install/rhel/{ => 5/named}/named.conf | 0 install/rhel/5/nginx/nginx.conf | 101 + install/rhel/5/nginx/phpmyadmin.inc | 15 + install/rhel/5/nginx/phppgadmin.inc | 11 + .../5/nginx/status.conf} | 0 install/rhel/5/nginx/webmail.inc | 15 + install/rhel/5/packages.tar.gz | Bin 0 -> 552 bytes install/rhel/5/packages/default.pkg | 19 + install/rhel/5/packages/gainsboro.pkg | 19 + install/rhel/5/packages/palegreen.pkg | 19 + install/rhel/5/packages/slategrey.pkg | 19 + .../pga.conf => rhel/5/pga/config.inc.php} | 0 .../{httpd-pga.conf => 5/pga/phpPgAdmin.conf} | 0 install/rhel/5/php-fpm/www.conf | 10 + .../rhel/{pma.conf => 5/pma/config.inc.conf} | 0 .../{httpd-pma.conf => 5/pma/phpMyAdmin.conf} | 6 - install/rhel/5/postgresql/pg_hba.conf | 11 + install/rhel/{ => 5/proftpd}/proftpd.conf | 0 install/rhel/5/remi-release.rpm | Bin 0 -> 5450 bytes .../5/roundcube/config.inc.php} | 0 .../5/roundcube/db.inc.php} | 0 install/rhel/5/roundcube/main.inc.php | 40 + .../roundcube/roundcubemail.conf} | 12 +- .../roundcube/vesta.php} | 0 .../sudoers.admin.conf => rhel/5/sudo/admin} | 4 + install/rhel/5/templates.tar.gz | Bin 0 -> 12995 bytes .../5}/templates/dns/child-ns.tpl | 0 install/rhel/5/templates/dns/default.tpl | 9 + .../5}/templates/dns/gmail.tpl | 2 +- .../5}/templates/web/awstats/awstats.tpl | 0 .../5}/templates/web/awstats/index.tpl | 0 .../5}/templates/web/awstats/nav.tpl | 0 .../{ => 5}/templates/web/httpd/basedir.stpl | 4 +- .../{ => 5}/templates/web/httpd/basedir.tpl | 4 +- .../{ => 5}/templates/web/httpd/default.stpl | 0 .../{ => 5}/templates/web/httpd/default.tpl | 0 .../{ => 5}/templates/web/httpd/hosting.stpl | 0 .../{ => 5}/templates/web/httpd/hosting.tpl | 0 .../5/templates/web/httpd}/phpcgi.sh | 0 .../{ => 5}/templates/web/httpd/phpcgi.stpl | 0 .../{ => 5}/templates/web/httpd/phpcgi.tpl | 0 .../5/templates/web/httpd}/phpfcgid.sh | 0 .../{ => 5}/templates/web/httpd/phpfcgid.stpl | 0 .../{ => 5}/templates/web/httpd/phpfcgid.tpl | 0 install/rhel/5/templates/web/nginx/caching.sh | 12 + .../rhel/5/templates/web/nginx/caching.stpl | 44 + .../rhel/5/templates/web/nginx/caching.tpl | 41 + .../{ => 5}/templates/web/nginx/default.stpl | 0 .../{ => 5}/templates/web/nginx/default.tpl | 0 .../5}/templates/web/nginx/hosting.sh | 0 .../{ => 5}/templates/web/nginx/hosting.stpl | 0 .../{ => 5}/templates/web/nginx/hosting.tpl | 0 .../web/nginx/php-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php-fpm/codeigniter2.stpl | 56 + .../web/nginx/php-fpm/codeigniter2.tpl | 52 + .../web/nginx/php-fpm/codeigniter3.stpl | 51 + .../web/nginx/php-fpm/codeigniter3.tpl | 47 + .../web/nginx/php-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php-fpm/default.stpl | 50 + .../5/templates/web/nginx/php-fpm/default.tpl | 46 + .../templates/web/nginx/php-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php-fpm/dokuwiki.tpl | 62 + .../5/templates/web/nginx/php-fpm/drupal.stpl | 101 + .../5/templates/web/nginx/php-fpm/drupal.tpl | 98 + .../5/templates/web/nginx/php-fpm/joomla.stpl | 58 + .../5/templates/web/nginx/php-fpm/joomla.tpl | 54 + .../templates/web/nginx/php-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php-fpm/owncloud.tpl | 76 + .../5/templates/web/nginx/php-fpm/piwik.stpl | 68 + .../5/templates/web/nginx/php-fpm/piwik.tpl | 64 + .../templates/web/nginx/php-fpm/pyrocms.stpl | 61 + .../5/templates/web/nginx/php-fpm/pyrocms.tpl | 57 + .../web/nginx/php-fpm/wordpress.stpl | 50 + .../templates/web/nginx/php-fpm/wordpress.tpl | 46 + .../web/nginx/php-fpm/wordpress2.stpl | 62 + .../web/nginx/php-fpm/wordpress2.tpl | 58 + .../5}/templates/web/nginx/proxy_ip.tpl | 0 .../rhel/5/templates/web/php-fpm/default.tpl | 18 + .../rhel/5/templates/web/php-fpm/no-php.tpl | 13 + .../rhel/5/templates/web/php-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 0 .../web/skel/document_errors/404.html | 0 .../web/skel/document_errors/50x.html | 0 .../templates/web/skel/public_html/index.html | 0 .../templates/web/skel/public_html/robots.txt | 0 .../web/skel/public_shtml/index.html | 0 .../web/skel/public_shtml/robots.txt | 0 .../5}/templates/web/suspend/.htaccess | 0 .../5}/templates/web/suspend/index.html | 0 .../5}/templates/web/webalizer/webalizer.tpl | 0 install/rhel/{ => 5/vsftpd}/vsftpd.conf | 0 install/rhel/5/wsgi/httpd.tar.gz | Bin 0 -> 1311 bytes install/rhel/5/wsgi/httpd/wsgi.sh | 33 + install/rhel/5/wsgi/httpd/wsgi.stpl | 49 + install/rhel/5/wsgi/httpd/wsgi.tpl | 44 + install/rhel/6/GPG.txt | 30 + install/rhel/6/clamav/clamd.conf | 502 +++++ install/rhel/6/clamav/clamd.service | 12 + install/rhel/6/clamav/freshclam.conf | 6 + install/rhel/6/dovecot.tar.gz | Bin 0 -> 2640 bytes .../6}/dovecot/conf.d/10-auth.conf | 0 .../6}/dovecot/conf.d/10-logging.conf | 0 .../6}/dovecot/conf.d/10-mail.conf | 0 .../6}/dovecot/conf.d/10-master.conf | 0 install/rhel/6/dovecot/conf.d/10-ssl.conf | 3 + .../rhel/{ => 6}/dovecot/conf.d/20-imap.conf | 0 .../rhel/{ => 6}/dovecot/conf.d/20-pop3.conf | 0 .../dovecot/conf.d/auth-passwdfile.conf.ext | 0 install/rhel/{ => 6}/dovecot/dovecot.conf | 0 install/rhel/6/epel-release.rpm | Bin 0 -> 14540 bytes install/rhel/6/exim/dnsbl.conf | 2 + install/rhel/6/exim/exim-smarthost.conf | 384 ++++ install/rhel/6/exim/exim.conf | 376 ++++ install/rhel/6/exim/spam-blocks.conf | 0 install/rhel/6/fail2ban.tar.gz | Bin 0 -> 727 bytes .../{ => 6/fail2ban}/fail2ban.action.conf | 0 install/rhel/6/fail2ban/fail2ban.filter.conf | 10 + .../rhel/{ => 6/fail2ban}/fail2ban.jail.conf | 0 install/rhel/6/firewall.tar.gz | Bin 0 -> 540 bytes install/rhel/6/firewall/ports.conf | 16 + install/rhel/6/firewall/rules.conf | 10 + install/rhel/6/httpd/httpd.conf | 256 +++ install/rhel/6/httpd/ruid2.conf | 8 + install/rhel/6/httpd/ssl.conf | 12 + install/rhel/6/httpd/status.conf | 7 + install/rhel/6/logrotate/httpd | 10 + install/rhel/6/logrotate/nginx | 12 + install/rhel/6/logrotate/vesta | 7 + install/rhel/6/mariadb/my-large.cnf | 38 + install/rhel/6/mariadb/my-medium.cnf | 37 + install/rhel/6/mariadb/my-small.cnf | 35 + install/rhel/6/mysqld/my-large.cnf | 38 + install/rhel/6/mysqld/my-medium.cnf | 37 + install/rhel/6/mysqld/my-small.cnf | 35 + install/rhel/6/named/named.conf | 13 + install/rhel/6/nginx/nginx.conf | 101 + install/rhel/6/nginx/phpmyadmin.inc | 15 + install/rhel/6/nginx/phppgadmin.inc | 11 + install/rhel/6/nginx/status.conf | 9 + install/rhel/6/nginx/webmail.inc | 15 + install/rhel/6/packages.tar.gz | Bin 0 -> 552 bytes install/rhel/6/packages/default.pkg | 19 + install/rhel/6/packages/gainsboro.pkg | 19 + install/rhel/6/packages/palegreen.pkg | 19 + install/rhel/6/packages/slategrey.pkg | 19 + install/rhel/6/pga/config.inc.php | 159 ++ install/rhel/6/pga/phpPgAdmin.conf | 14 + install/rhel/6/php-fpm/www.conf | 10 + install/rhel/6/pma/config.inc.conf | 143 ++ install/rhel/6/pma/phpMyAdmin.conf | 39 + .../{ubuntu => rhel/6/postgresql}/pg_hba.conf | 0 .../{debian => rhel/6/proftpd}/proftpd.conf | 7 +- install/rhel/6/remi-release.rpm | Bin 0 -> 5688 bytes install/rhel/6/roundcube/config.inc.php | 33 + install/rhel/6/roundcube/db.inc.php | 66 + install/rhel/6/roundcube/main.inc.php | 40 + install/rhel/6/roundcube/roundcubemail.conf | 12 + install/rhel/6/roundcube/vesta.php | 59 + install/rhel/6/sudo/admin | 7 + install/rhel/6/templates.tar.gz | Bin 0 -> 12998 bytes install/rhel/6/templates/dns/child-ns.tpl | 11 + install/rhel/6/templates/dns/default.tpl | 9 + install/rhel/6/templates/dns/gmail.tpl | 14 + .../rhel/6/templates/web/awstats/awstats.tpl | 133 ++ .../rhel/6/templates/web/awstats/index.tpl | 10 + install/rhel/6/templates/web/awstats/nav.tpl | 23 + .../6/templates/web/httpd}/basedir.stpl | 6 +- .../6/templates/web/httpd}/basedir.tpl | 6 +- .../6/templates/web/httpd}/default.stpl | 2 +- .../6/templates/web/httpd}/default.tpl | 2 +- .../rhel/6/templates/web/httpd/hosting.stpl | 49 + .../rhel/6/templates/web/httpd/hosting.tpl | 43 + install/rhel/6/templates/web/httpd/phpcgi.sh | 16 + .../rhel/6/templates/web/httpd/phpcgi.stpl | 35 + install/rhel/6/templates/web/httpd/phpcgi.tpl | 28 + .../rhel/6/templates/web/httpd/phpfcgid.sh | 22 + .../rhel/6/templates/web/httpd/phpfcgid.stpl | 36 + .../rhel/6/templates/web/httpd/phpfcgid.tpl | 28 + install/rhel/6/templates/web/nginx/caching.sh | 12 + .../rhel/6/templates/web/nginx/caching.stpl | 44 + .../rhel/6/templates/web/nginx/caching.tpl | 41 + .../rhel/6/templates/web/nginx/default.stpl | 36 + .../rhel/6/templates/web/nginx/default.tpl | 33 + install/rhel/6/templates/web/nginx/hosting.sh | 11 + .../rhel/6/templates/web/nginx/hosting.stpl | 38 + .../rhel/6/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php-fpm/codeigniter2.stpl | 56 + .../web/nginx/php-fpm/codeigniter2.tpl | 52 + .../web/nginx/php-fpm/codeigniter3.stpl | 51 + .../web/nginx/php-fpm/codeigniter3.tpl | 47 + .../web/nginx/php-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php-fpm/default.stpl | 50 + .../6/templates/web/nginx/php-fpm/default.tpl | 46 + .../templates/web/nginx/php-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php-fpm/dokuwiki.tpl | 62 + .../6/templates/web/nginx/php-fpm/drupal.stpl | 101 + .../6/templates/web/nginx/php-fpm/drupal.tpl | 98 + .../6/templates/web/nginx/php-fpm/joomla.stpl | 58 + .../6/templates/web/nginx/php-fpm/joomla.tpl | 54 + .../templates/web/nginx/php-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php-fpm/owncloud.tpl | 76 + .../6/templates/web/nginx/php-fpm/piwik.stpl | 68 + .../6/templates/web/nginx/php-fpm/piwik.tpl | 64 + .../templates/web/nginx/php-fpm/pyrocms.stpl | 61 + .../6/templates/web/nginx/php-fpm/pyrocms.tpl | 57 + .../web/nginx/php-fpm/wordpress.stpl | 50 + .../templates/web/nginx/php-fpm/wordpress.tpl | 46 + .../web/nginx/php-fpm/wordpress2.stpl | 62 + .../web/nginx/php-fpm/wordpress2.tpl | 58 + .../rhel/6/templates/web/nginx/proxy_ip.tpl | 9 + .../rhel/6/templates/web/php-fpm/default.tpl | 18 + .../rhel/6/templates/web/php-fpm/no-php.tpl | 13 + .../rhel/6/templates/web/php-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 0 .../web/skel/document_errors/404.html | 0 .../web/skel/document_errors/50x.html | 0 .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../rhel/6/templates/web/suspend/.htaccess | 2 + .../{ => 6}/templates/web/suspend/index.html | 0 .../6/templates/web/webalizer/webalizer.tpl | 110 ++ install/rhel/6/vsftpd/vsftpd.conf | 21 + install/rhel/6/wsgi/httpd.tar.gz | Bin 0 -> 1311 bytes install/rhel/6/wsgi/httpd/wsgi.sh | 33 + install/rhel/6/wsgi/httpd/wsgi.stpl | 49 + install/rhel/6/wsgi/httpd/wsgi.tpl | 44 + install/rhel/7/GPG.txt | 30 + install/rhel/7/clamav/clamd.conf | 502 +++++ install/rhel/7/clamav/clamd.service | 12 + install/rhel/7/clamav/freshclam.conf | 6 + install/rhel/7/dovecot.tar.gz | Bin 0 -> 2640 bytes install/rhel/7/dovecot/conf.d/10-auth.conf | 4 + install/rhel/7/dovecot/conf.d/10-logging.conf | 1 + install/rhel/7/dovecot/conf.d/10-mail.conf | 4 + install/rhel/7/dovecot/conf.d/10-master.conf | 29 + install/rhel/7/dovecot/conf.d/10-ssl.conf | 3 + .../7}/dovecot/conf.d/20-imap.conf | 0 install/rhel/7/dovecot/conf.d/20-pop3.conf | 86 + .../7/dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/rhel/7/dovecot/dovecot.conf | 4 + install/rhel/7/epel-release.rpm | Bin 0 -> 14524 bytes install/rhel/7/exim/dnsbl.conf | 2 + install/rhel/7/exim/exim-smarthost.conf | 384 ++++ install/rhel/7/exim/exim.conf | 376 ++++ install/rhel/7/exim/spam-blocks.conf | 0 install/rhel/7/fail2ban.tar.gz | Bin 0 -> 727 bytes .../7/fail2ban}/fail2ban.action.conf | 0 install/rhel/7/fail2ban/fail2ban.filter.conf | 10 + .../7/fail2ban}/fail2ban.jail.conf | 0 install/rhel/7/firewall.tar.gz | Bin 0 -> 540 bytes install/rhel/7/firewall/ports.conf | 16 + install/rhel/7/firewall/rules.conf | 10 + install/rhel/7/httpd/httpd.conf | 58 + install/rhel/7/httpd/ruid2.conf | 8 + install/rhel/7/httpd/ssl.conf | 6 + install/rhel/7/httpd/status.conf | 7 + install/rhel/7/logrotate/httpd | 10 + install/rhel/7/logrotate/nginx | 12 + install/rhel/7/logrotate/vesta | 7 + install/rhel/7/mariadb/my-large.cnf | 38 + install/rhel/7/mariadb/my-medium.cnf | 37 + install/rhel/7/mariadb/my-small.cnf | 35 + install/rhel/7/monit/clamd.conf | 3 + install/rhel/7/monit/dovecot.conf | 3 + install/rhel/7/monit/exim.conf | 3 + install/rhel/7/monit/httpd.conf | 3 + install/rhel/7/monit/mysql.conf | 3 + install/rhel/7/monit/nginx.conf | 3 + install/rhel/7/monit/spamassassin.conf | 3 + install/rhel/7/monit/sshd.conf | 3 + install/rhel/7/monit/vesta-nginx.conf | 3 + install/rhel/7/monit/vesta-php.conf | 3 + install/rhel/7/mysqld/my-large.cnf | 38 + install/rhel/7/mysqld/my-medium.cnf | 37 + install/rhel/7/mysqld/my-small.cnf | 35 + install/rhel/7/named/named.conf | 13 + install/rhel/7/nginx/nginx.conf | 101 + install/rhel/7/nginx/phpmyadmin.inc | 15 + install/rhel/7/nginx/phppgadmin.inc | 11 + install/rhel/7/nginx/status.conf | 9 + install/rhel/7/nginx/webmail.inc | 15 + install/rhel/7/packages.tar.gz | Bin 0 -> 552 bytes install/rhel/7/packages/default.pkg | 19 + install/rhel/7/packages/gainsboro.pkg | 19 + install/rhel/7/packages/palegreen.pkg | 19 + install/rhel/7/packages/slategrey.pkg | 19 + install/rhel/7/pga/config.inc.php | 159 ++ install/rhel/7/pga/phpPgAdmin.conf | 14 + install/rhel/7/php-fpm/www.conf | 10 + install/rhel/7/pma/config.inc.conf | 143 ++ install/rhel/7/pma/phpMyAdmin.conf | 39 + install/rhel/7/postgresql/pg_hba.conf | 11 + install/rhel/7/proftpd/proftpd.conf | 32 + install/rhel/7/remi-release.rpm | Bin 0 -> 5764 bytes install/rhel/7/roundcube/config.inc.php | 33 + install/rhel/7/roundcube/db.inc.php | 66 + install/rhel/7/roundcube/main.inc.php | 40 + install/rhel/7/roundcube/roundcubemail.conf | 12 + install/rhel/7/roundcube/vesta.php | 59 + install/rhel/7/sudo/admin | 7 + install/rhel/7/templates.tar.gz | Bin 0 -> 12995 bytes install/rhel/7/templates/dns/child-ns.tpl | 11 + .../rhel/{ => 7}/templates/dns/default.tpl | 0 install/rhel/7/templates/dns/gmail.tpl | 14 + .../rhel/7/templates/web/awstats/awstats.tpl | 133 ++ .../rhel/7/templates/web/awstats/index.tpl | 10 + install/rhel/7/templates/web/awstats/nav.tpl | 23 + .../rhel/7/templates/web/httpd/basedir.stpl | 41 + .../rhel/7/templates/web/httpd/basedir.tpl | 35 + .../rhel/7/templates/web/httpd/default.stpl | 40 + .../rhel/7/templates/web/httpd/default.tpl | 34 + .../rhel/7/templates/web/httpd/hosting.stpl | 49 + .../rhel/7/templates/web/httpd/hosting.tpl | 43 + install/rhel/7/templates/web/httpd/phpcgi.sh | 16 + .../rhel/7/templates/web/httpd/phpcgi.stpl | 35 + install/rhel/7/templates/web/httpd/phpcgi.tpl | 28 + .../rhel/7/templates/web/httpd/phpfcgid.sh | 22 + .../rhel/7/templates/web/httpd/phpfcgid.stpl | 36 + .../rhel/7/templates/web/httpd/phpfcgid.tpl | 28 + install/rhel/7/templates/web/nginx/caching.sh | 12 + .../rhel/7/templates/web/nginx/caching.stpl | 44 + .../rhel/7/templates/web/nginx/caching.tpl | 41 + .../rhel/7/templates/web/nginx/default.stpl | 36 + .../rhel/7/templates/web/nginx/default.tpl | 33 + install/rhel/7/templates/web/nginx/hosting.sh | 11 + .../rhel/7/templates/web/nginx/hosting.stpl | 38 + .../rhel/7/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php-fpm/codeigniter2.stpl | 56 + .../web/nginx/php-fpm/codeigniter2.tpl | 52 + .../web/nginx/php-fpm/codeigniter3.stpl | 51 + .../web/nginx/php-fpm/codeigniter3.tpl | 47 + .../web/nginx/php-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php-fpm/default.stpl | 50 + .../7/templates/web/nginx/php-fpm/default.tpl | 46 + .../templates/web/nginx/php-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php-fpm/dokuwiki.tpl | 62 + .../7/templates/web/nginx/php-fpm/drupal.stpl | 101 + .../7/templates/web/nginx/php-fpm/drupal.tpl | 98 + .../7/templates/web/nginx/php-fpm/joomla.stpl | 58 + .../7/templates/web/nginx/php-fpm/joomla.tpl | 54 + .../templates/web/nginx/php-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php-fpm/owncloud.tpl | 76 + .../7/templates/web/nginx/php-fpm/piwik.stpl | 68 + .../7/templates/web/nginx/php-fpm/piwik.tpl | 64 + .../templates/web/nginx/php-fpm/pyrocms.stpl | 61 + .../7/templates/web/nginx/php-fpm/pyrocms.tpl | 57 + .../web/nginx/php-fpm/wordpress.stpl | 50 + .../templates/web/nginx/php-fpm/wordpress.tpl | 46 + .../web/nginx/php-fpm/wordpress2.stpl | 62 + .../web/nginx/php-fpm/wordpress2.tpl | 58 + .../rhel/7/templates/web/nginx/proxy_ip.tpl | 9 + .../rhel/7/templates/web/php-fpm/default.tpl | 18 + .../rhel/7/templates/web/php-fpm/no-php.tpl | 13 + .../rhel/7/templates/web/php-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 0 .../web/skel/document_errors/404.html | 0 .../web/skel/document_errors/50x.html | 0 .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../rhel/7/templates/web/suspend/.htaccess | 2 + .../7}/templates/web/suspend/index.html | 0 .../7/templates/web/webalizer/webalizer.tpl | 110 ++ install/rhel/7/vsftpd/vsftpd.conf | 22 + install/rhel/7/wsgi/httpd.tar.gz | Bin 0 -> 1311 bytes install/rhel/7/wsgi/httpd/wsgi.sh | 33 + install/rhel/7/wsgi/httpd/wsgi.stpl | 49 + install/rhel/7/wsgi/httpd/wsgi.tpl | 44 + install/rhel/apc.ini | 70 - install/rhel/dovecot/conf.d/10-ssl.conf | 3 - install/rhel/mysql-512.cnf | 35 - install/rhel/mysql.cnf | 19 - install/rhel/sudoers.conf | 99 - install/rhel/vesta.conf | 24 - install/rhel/whmcs-module.php | 359 ---- install/ubuntu/12.04/apache2/apache2.conf | 86 + install/ubuntu/12.04/apache2/status.conf | 8 + install/ubuntu/12.04/bind/named.conf | 12 + install/ubuntu/12.04/clamav/clamd.conf | 61 + install/ubuntu/12.04/deb_signing.key | 30 + install/ubuntu/12.04/dovecot.tar.gz | Bin 0 -> 3487 bytes .../ubuntu/12.04/dovecot/conf.d/10-auth.conf | 4 + .../12.04/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/12.04/dovecot/conf.d/10-mail.conf | 4 + .../12.04/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/12.04/dovecot/conf.d/10-ssl.conf | 3 + .../ubuntu/12.04/dovecot/conf.d/20-imap.conf | 58 + .../ubuntu/12.04/dovecot/conf.d/20-pop3.conf | 91 + .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/12.04/dovecot/dovecot.conf | 4 + install/ubuntu/12.04/exim/dnsbl.conf | 2 + install/ubuntu/12.04/exim/exim4.conf.template | 377 ++++ install/ubuntu/12.04/exim/spam-blocks.conf | 0 install/ubuntu/12.04/fail2ban.tar.gz | Bin 0 -> 721 bytes .../ubuntu/12.04/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/12.04/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/12.04/fail2ban/jail.local | 39 + install/ubuntu/12.04/firewall.tar.gz | Bin 0 -> 540 bytes install/ubuntu/12.04/firewall/ports.conf | 16 + install/ubuntu/12.04/firewall/rules.conf | 10 + install/ubuntu/12.04/logrotate/apache2 | 19 + install/ubuntu/12.04/logrotate/nginx | 13 + install/ubuntu/12.04/logrotate/vesta | 7 + install/ubuntu/12.04/mysql/my-large.cnf | 42 + install/ubuntu/12.04/mysql/my-medium.cnf | 40 + install/ubuntu/12.04/mysql/my-small.cnf | 40 + install/ubuntu/{ => 12.04/nginx}/nginx.conf | 2 +- install/ubuntu/12.04/nginx/phpmyadmin.inc | 15 + install/ubuntu/12.04/nginx/phppgadmin.inc | 11 + install/ubuntu/12.04/nginx/status.conf | 9 + install/ubuntu/12.04/nginx/webmail.inc | 15 + install/ubuntu/12.04/packages.tar.gz | Bin 0 -> 562 bytes .../ubuntu/{ => 12.04}/packages/default.pkg | 0 .../ubuntu/{ => 12.04}/packages/gainsboro.pkg | 0 .../ubuntu/{ => 12.04}/packages/palegreen.pkg | 0 .../ubuntu/{ => 12.04}/packages/slategrey.pkg | 0 install/ubuntu/12.04/pga/config.inc.php | 159 ++ install/ubuntu/12.04/pga/phppgadmin.conf | 31 + install/ubuntu/12.04/php5-fpm/www.conf | 10 + install/ubuntu/12.04/pma/apache.conf | 42 + install/ubuntu/12.04/pma/config.inc.php | 146 ++ install/ubuntu/12.04/postgresql/pg_hba.conf | 11 + install/ubuntu/12.04/proftpd/proftpd.conf | 32 + install/ubuntu/12.04/roundcube/apache.conf | 40 + install/ubuntu/12.04/roundcube/config.inc.php | 33 + install/ubuntu/12.04/roundcube/db.inc.php | 66 + .../roundcube/main.inc.php} | 3 + install/ubuntu/12.04/roundcube/vesta.php | 62 + install/ubuntu/12.04/sudo/admin | 7 + install/ubuntu/12.04/templates.tar.gz | Bin 0 -> 12935 bytes .../ubuntu/12.04/templates/dns/child-ns.tpl | 11 + .../ubuntu/12.04/templates/dns/default.tpl | 9 + install/ubuntu/12.04/templates/dns/gmail.tpl | 14 + .../12.04/templates/web/apache2/basedir.stpl | 41 + .../12.04/templates/web/apache2/basedir.tpl | 35 + .../12.04/templates/web/apache2/default.stpl | 40 + .../12.04/templates/web/apache2/default.tpl | 34 + .../12.04/templates/web/apache2/hosting.stpl | 49 + .../12.04/templates/web/apache2/hosting.tpl | 43 + .../12.04/templates/web/apache2/phpcgi.sh | 16 + .../12.04/templates/web/apache2/phpcgi.stpl | 35 + .../12.04/templates/web/apache2/phpcgi.tpl | 28 + .../12.04/templates/web/apache2/phpfcgid.sh | 22 + .../12.04/templates/web/apache2/phpfcgid.stpl | 36 + .../12.04/templates/web/apache2/phpfcgid.tpl | 28 + .../12.04/templates/web/awstats/awstats.tpl | 133 ++ .../12.04/templates/web/awstats/index.tpl | 10 + .../12.04/templates/web/awstats/nav.tpl | 23 + .../12.04/templates/web/nginx/caching.sh | 12 + .../templates/web/nginx/caching.stpl | 0 .../templates/web/nginx/caching.tpl | 2 +- .../12.04/templates/web/nginx/default.stpl | 36 + .../12.04/templates/web/nginx/default.tpl | 33 + .../12.04/templates/web/nginx/hosting.sh | 11 + .../12.04/templates/web/nginx/hosting.stpl | 38 + .../12.04/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../12.04/templates/web/nginx/proxy_ip.tpl | 9 + .../12.04/templates/web/php5-fpm/default.tpl | 18 + .../12.04/templates/web/php5-fpm/no-php.tpl | 13 + .../12.04/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../12.04/templates/web/suspend/.htaccess | 2 + .../12.04/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 110 ++ install/ubuntu/12.04/vsftpd/vsftpd.conf | 24 + install/ubuntu/12.10/apache2/apache2.conf | 86 + install/ubuntu/12.10/apache2/status.conf | 8 + install/ubuntu/12.10/bind/named.conf | 12 + install/ubuntu/12.10/clamav/clamd.conf | 61 + install/ubuntu/12.10/deb_signing.key | 30 + install/ubuntu/12.10/dovecot.tar.gz | Bin 0 -> 3487 bytes .../ubuntu/12.10/dovecot/conf.d/10-auth.conf | 4 + .../12.10/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/12.10/dovecot/conf.d/10-mail.conf | 4 + .../12.10/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/12.10/dovecot/conf.d/10-ssl.conf | 3 + .../ubuntu/12.10/dovecot/conf.d/20-imap.conf | 58 + .../ubuntu/12.10/dovecot/conf.d/20-pop3.conf | 91 + .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/12.10/dovecot/dovecot.conf | 4 + install/ubuntu/12.10/exim/dnsbl.conf | 2 + install/ubuntu/12.10/exim/exim4.conf.template | 377 ++++ install/ubuntu/12.10/exim/spam-blocks.conf | 0 install/ubuntu/12.10/fail2ban.tar.gz | Bin 0 -> 721 bytes .../ubuntu/12.10/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/12.10/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/12.10/fail2ban/jail.local | 39 + install/ubuntu/12.10/firewall.tar.gz | Bin 0 -> 540 bytes install/ubuntu/12.10/firewall/ports.conf | 16 + install/ubuntu/12.10/firewall/rules.conf | 10 + install/ubuntu/12.10/logrotate/apache2 | 19 + install/ubuntu/12.10/logrotate/nginx | 13 + install/ubuntu/12.10/logrotate/vesta | 7 + install/ubuntu/12.10/mysql/my-large.cnf | 42 + install/ubuntu/12.10/mysql/my-medium.cnf | 40 + install/ubuntu/12.10/mysql/my-small.cnf | 40 + install/ubuntu/12.10/nginx/nginx.conf | 124 ++ install/ubuntu/12.10/nginx/phpmyadmin.inc | 15 + install/ubuntu/12.10/nginx/phppgadmin.inc | 11 + install/ubuntu/12.10/nginx/status.conf | 9 + install/ubuntu/12.10/nginx/webmail.inc | 15 + install/ubuntu/12.10/packages.tar.gz | Bin 0 -> 562 bytes install/ubuntu/12.10/packages/default.pkg | 18 + install/ubuntu/12.10/packages/gainsboro.pkg | 18 + install/ubuntu/12.10/packages/palegreen.pkg | 18 + install/ubuntu/12.10/packages/slategrey.pkg | 18 + install/ubuntu/12.10/pga/config.inc.php | 159 ++ install/ubuntu/12.10/pga/phppgadmin.conf | 31 + install/ubuntu/12.10/php5-fpm/www.conf | 10 + install/ubuntu/12.10/pma/apache.conf | 42 + install/ubuntu/12.10/pma/config.inc.php | 146 ++ install/ubuntu/12.10/postgresql/pg_hba.conf | 11 + install/ubuntu/12.10/proftpd/proftpd.conf | 32 + install/ubuntu/12.10/roundcube/apache.conf | 40 + install/ubuntu/12.10/roundcube/config.inc.php | 33 + install/ubuntu/12.10/roundcube/db.inc.php | 66 + install/ubuntu/12.10/roundcube/main.inc.php | 850 ++++++++ install/ubuntu/12.10/roundcube/vesta.php | 62 + install/ubuntu/12.10/sudo/admin | 7 + install/ubuntu/12.10/templates.tar.gz | Bin 0 -> 12935 bytes .../ubuntu/12.10/templates/dns/child-ns.tpl | 11 + .../ubuntu/12.10/templates/dns/default.tpl | 9 + install/ubuntu/12.10/templates/dns/gmail.tpl | 14 + .../12.10/templates/web/apache2/basedir.stpl | 41 + .../12.10/templates/web/apache2/basedir.tpl | 35 + .../12.10/templates/web/apache2/default.stpl | 40 + .../12.10/templates/web/apache2/default.tpl | 34 + .../12.10/templates/web/apache2/hosting.stpl | 49 + .../12.10/templates/web/apache2/hosting.tpl | 43 + .../12.10/templates/web/apache2/phpcgi.sh | 16 + .../12.10/templates/web/apache2/phpcgi.stpl | 35 + .../12.10/templates/web/apache2/phpcgi.tpl | 28 + .../12.10/templates/web/apache2/phpfcgid.sh | 22 + .../12.10/templates/web/apache2/phpfcgid.stpl | 36 + .../12.10/templates/web/apache2/phpfcgid.tpl | 28 + .../12.10/templates/web/awstats/awstats.tpl | 133 ++ .../12.10/templates/web/awstats/index.tpl | 10 + .../12.10/templates/web/awstats/nav.tpl | 23 + .../12.10/templates/web/nginx/caching.sh | 12 + .../12.10/templates/web/nginx/caching.stpl | 44 + .../12.10/templates/web/nginx/caching.tpl | 41 + .../12.10/templates/web/nginx/default.stpl | 36 + .../12.10/templates/web/nginx/default.tpl | 33 + .../12.10/templates/web/nginx/hosting.sh | 11 + .../12.10/templates/web/nginx/hosting.stpl | 38 + .../12.10/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../12.10/templates/web/nginx/proxy_ip.tpl | 9 + .../12.10/templates/web/php5-fpm/default.tpl | 18 + .../12.10/templates/web/php5-fpm/no-php.tpl | 13 + .../12.10/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../12.10/templates/web/suspend/.htaccess | 2 + .../12.10/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 110 ++ install/ubuntu/12.10/vsftpd/vsftpd.conf | 24 + install/ubuntu/13.04/apache2/apache2.conf | 86 + install/ubuntu/13.04/apache2/status.conf | 8 + install/ubuntu/13.04/bind/named.conf | 12 + install/ubuntu/13.04/clamav/clamd.conf | 61 + install/ubuntu/13.04/deb_signing.key | 30 + install/ubuntu/13.04/dovecot.tar.gz | Bin 0 -> 3487 bytes .../ubuntu/13.04/dovecot/conf.d/10-auth.conf | 4 + .../13.04/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/13.04/dovecot/conf.d/10-mail.conf | 4 + .../13.04/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/13.04/dovecot/conf.d/10-ssl.conf | 3 + .../ubuntu/13.04/dovecot/conf.d/20-imap.conf | 58 + .../ubuntu/13.04/dovecot/conf.d/20-pop3.conf | 91 + .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/13.04/dovecot/dovecot.conf | 4 + install/ubuntu/13.04/exim/dnsbl.conf | 2 + install/ubuntu/13.04/exim/exim4.conf.template | 377 ++++ install/ubuntu/13.04/exim/spam-blocks.conf | 0 install/ubuntu/13.04/fail2ban.tar.gz | Bin 0 -> 721 bytes .../ubuntu/13.04/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/13.04/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/13.04/fail2ban/jail.local | 39 + install/ubuntu/13.04/firewall.tar.gz | Bin 0 -> 540 bytes install/ubuntu/13.04/firewall/ports.conf | 16 + install/ubuntu/13.04/firewall/rules.conf | 10 + install/ubuntu/13.04/logrotate/apache2 | 19 + install/ubuntu/13.04/logrotate/nginx | 13 + install/ubuntu/13.04/logrotate/vesta | 7 + install/ubuntu/13.04/mysql/my-large.cnf | 42 + install/ubuntu/13.04/mysql/my-medium.cnf | 40 + install/ubuntu/13.04/mysql/my-small.cnf | 40 + install/ubuntu/13.04/nginx/nginx.conf | 124 ++ install/ubuntu/13.04/nginx/phpmyadmin.inc | 15 + install/ubuntu/13.04/nginx/phppgadmin.inc | 11 + install/ubuntu/13.04/nginx/status.conf | 9 + install/ubuntu/13.04/nginx/webmail.inc | 15 + install/ubuntu/13.04/packages.tar.gz | Bin 0 -> 562 bytes install/ubuntu/13.04/packages/default.pkg | 18 + install/ubuntu/13.04/packages/gainsboro.pkg | 18 + install/ubuntu/13.04/packages/palegreen.pkg | 18 + install/ubuntu/13.04/packages/slategrey.pkg | 18 + install/ubuntu/13.04/pga/config.inc.php | 159 ++ install/ubuntu/13.04/pga/phppgadmin.conf | 31 + install/ubuntu/13.04/php5-fpm/www.conf | 10 + install/ubuntu/13.04/pma/apache.conf | 42 + install/ubuntu/13.04/pma/config.inc.php | 146 ++ install/ubuntu/13.04/postgresql/pg_hba.conf | 11 + install/ubuntu/13.04/proftpd/proftpd.conf | 32 + install/ubuntu/13.04/roundcube/apache.conf | 40 + install/ubuntu/13.04/roundcube/config.inc.php | 33 + install/ubuntu/13.04/roundcube/db.inc.php | 66 + install/ubuntu/13.04/roundcube/main.inc.php | 850 ++++++++ install/ubuntu/13.04/roundcube/vesta.php | 62 + install/ubuntu/13.04/sudo/admin | 7 + install/ubuntu/13.04/templates.tar.gz | Bin 0 -> 12935 bytes .../ubuntu/13.04/templates/dns/child-ns.tpl | 11 + .../ubuntu/13.04/templates/dns/default.tpl | 9 + install/ubuntu/13.04/templates/dns/gmail.tpl | 14 + .../13.04/templates/web/apache2/basedir.stpl | 41 + .../13.04/templates/web/apache2/basedir.tpl | 35 + .../13.04/templates/web/apache2/default.stpl | 40 + .../13.04/templates/web/apache2/default.tpl | 34 + .../13.04/templates/web/apache2/hosting.stpl | 49 + .../13.04/templates/web/apache2/hosting.tpl | 43 + .../13.04/templates/web/apache2/phpcgi.sh | 16 + .../13.04/templates/web/apache2/phpcgi.stpl | 35 + .../13.04/templates/web/apache2/phpcgi.tpl | 28 + .../13.04/templates/web/apache2/phpfcgid.sh | 22 + .../13.04/templates/web/apache2/phpfcgid.stpl | 36 + .../13.04/templates/web/apache2/phpfcgid.tpl | 28 + .../13.04/templates/web/awstats/awstats.tpl | 133 ++ .../13.04/templates/web/awstats/index.tpl | 10 + .../13.04/templates/web/awstats/nav.tpl | 23 + .../13.04/templates/web/nginx/caching.sh | 12 + .../13.04/templates/web/nginx/caching.stpl | 44 + .../13.04/templates/web/nginx/caching.tpl | 41 + .../13.04/templates/web/nginx/default.stpl | 36 + .../13.04/templates/web/nginx/default.tpl | 33 + .../13.04/templates/web/nginx/hosting.sh | 11 + .../13.04/templates/web/nginx/hosting.stpl | 38 + .../13.04/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../13.04/templates/web/nginx/proxy_ip.tpl | 9 + .../13.04/templates/web/php5-fpm/default.tpl | 18 + .../13.04/templates/web/php5-fpm/no-php.tpl | 13 + .../13.04/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../13.04/templates/web/suspend/.htaccess | 2 + .../13.04/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 110 ++ install/ubuntu/13.04/vsftpd/vsftpd.conf | 24 + install/ubuntu/13.10/apache2/apache2.conf | 86 + install/ubuntu/13.10/apache2/status.conf | 8 + install/ubuntu/13.10/bind/named.conf | 12 + install/ubuntu/13.10/clamav/clamd.conf | 61 + install/ubuntu/13.10/deb_signing.key | 30 + install/ubuntu/13.10/dovecot.tar.gz | Bin 0 -> 3487 bytes .../ubuntu/13.10/dovecot/conf.d/10-auth.conf | 4 + .../13.10/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/13.10/dovecot/conf.d/10-mail.conf | 4 + .../13.10/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/13.10/dovecot/conf.d/10-ssl.conf | 3 + .../ubuntu/13.10/dovecot/conf.d/20-imap.conf | 58 + .../ubuntu/13.10/dovecot/conf.d/20-pop3.conf | 91 + .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/13.10/dovecot/dovecot.conf | 4 + install/ubuntu/13.10/exim/dnsbl.conf | 2 + install/ubuntu/13.10/exim/exim4.conf.template | 377 ++++ install/ubuntu/13.10/exim/spam-blocks.conf | 0 install/ubuntu/13.10/fail2ban.tar.gz | Bin 0 -> 721 bytes .../ubuntu/13.10/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/13.10/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/13.10/fail2ban/jail.local | 39 + install/ubuntu/13.10/firewall.tar.gz | Bin 0 -> 540 bytes install/ubuntu/13.10/firewall/ports.conf | 16 + install/ubuntu/13.10/firewall/rules.conf | 10 + install/ubuntu/13.10/logrotate/apache2 | 19 + install/ubuntu/13.10/logrotate/nginx | 13 + install/ubuntu/13.10/logrotate/vesta | 7 + install/ubuntu/13.10/mysql/my-large.cnf | 42 + install/ubuntu/13.10/mysql/my-medium.cnf | 40 + install/ubuntu/13.10/mysql/my-small.cnf | 40 + install/ubuntu/13.10/nginx/nginx.conf | 124 ++ install/ubuntu/13.10/nginx/phpmyadmin.inc | 15 + install/ubuntu/13.10/nginx/phppgadmin.inc | 11 + install/ubuntu/13.10/nginx/status.conf | 9 + install/ubuntu/13.10/nginx/webmail.inc | 15 + install/ubuntu/13.10/packages.tar.gz | Bin 0 -> 562 bytes install/ubuntu/13.10/packages/default.pkg | 18 + install/ubuntu/13.10/packages/gainsboro.pkg | 18 + install/ubuntu/13.10/packages/palegreen.pkg | 18 + install/ubuntu/13.10/packages/slategrey.pkg | 18 + install/ubuntu/13.10/pga/config.inc.php | 159 ++ install/ubuntu/13.10/pga/phppgadmin.conf | 31 + install/ubuntu/13.10/php5-fpm/www.conf | 10 + install/ubuntu/13.10/pma/apache.conf | 42 + install/ubuntu/13.10/pma/config.inc.php | 146 ++ install/ubuntu/13.10/postgresql/pg_hba.conf | 11 + install/ubuntu/13.10/proftpd/proftpd.conf | 32 + install/ubuntu/13.10/roundcube/apache.conf | 40 + install/ubuntu/13.10/roundcube/config.inc.php | 33 + install/ubuntu/13.10/roundcube/db.inc.php | 66 + install/ubuntu/13.10/roundcube/main.inc.php | 850 ++++++++ install/ubuntu/13.10/roundcube/vesta.php | 62 + install/ubuntu/13.10/sudo/admin | 7 + install/ubuntu/13.10/templates.tar.gz | Bin 0 -> 12935 bytes .../ubuntu/13.10/templates/dns/child-ns.tpl | 11 + .../ubuntu/13.10/templates/dns/default.tpl | 9 + install/ubuntu/13.10/templates/dns/gmail.tpl | 14 + .../13.10/templates/web/apache2/basedir.stpl | 41 + .../13.10/templates/web/apache2/basedir.tpl | 35 + .../13.10/templates/web/apache2/default.stpl | 40 + .../13.10/templates/web/apache2/default.tpl | 34 + .../13.10/templates/web/apache2/hosting.stpl | 49 + .../13.10/templates/web/apache2/hosting.tpl | 43 + .../13.10/templates/web/apache2/phpcgi.sh | 16 + .../13.10/templates/web/apache2/phpcgi.stpl | 35 + .../13.10/templates/web/apache2/phpcgi.tpl | 28 + .../13.10/templates/web/apache2/phpfcgid.sh | 22 + .../13.10/templates/web/apache2/phpfcgid.stpl | 36 + .../13.10/templates/web/apache2/phpfcgid.tpl | 28 + .../13.10/templates/web/awstats/awstats.tpl | 133 ++ .../13.10/templates/web/awstats/index.tpl | 10 + .../13.10/templates/web/awstats/nav.tpl | 23 + .../13.10/templates/web/nginx/caching.sh | 12 + .../13.10/templates/web/nginx/caching.stpl | 44 + .../13.10/templates/web/nginx/caching.tpl | 41 + .../13.10/templates/web/nginx/default.stpl | 36 + .../13.10/templates/web/nginx/default.tpl | 33 + .../13.10/templates/web/nginx/hosting.sh | 11 + .../13.10/templates/web/nginx/hosting.stpl | 38 + .../13.10/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../13.10/templates/web/nginx/proxy_ip.tpl | 9 + .../13.10/templates/web/php5-fpm/default.tpl | 18 + .../13.10/templates/web/php5-fpm/no-php.tpl | 13 + .../13.10/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../13.10/templates/web/suspend/.htaccess | 2 + .../13.10/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 110 ++ install/ubuntu/13.10/vsftpd/vsftpd.conf | 24 + install/ubuntu/14.04/apache2/apache2.conf | 86 + install/ubuntu/14.04/apache2/status.conf | 8 + install/ubuntu/14.04/bind/named.conf | 12 + install/ubuntu/14.04/clamav/clamd.conf | 61 + install/ubuntu/14.04/deb_signing.key | 30 + install/ubuntu/14.04/dovecot.tar.gz | Bin 0 -> 3487 bytes .../ubuntu/14.04/dovecot/conf.d/10-auth.conf | 4 + .../14.04/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/14.04/dovecot/conf.d/10-mail.conf | 4 + .../14.04/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/14.04/dovecot/conf.d/10-ssl.conf | 3 + .../ubuntu/14.04/dovecot/conf.d/20-imap.conf | 58 + .../ubuntu/14.04/dovecot/conf.d/20-pop3.conf | 91 + .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/14.04/dovecot/dovecot.conf | 4 + install/ubuntu/14.04/exim/dnsbl.conf | 2 + install/ubuntu/14.04/exim/exim4.conf.template | 377 ++++ install/ubuntu/14.04/exim/spam-blocks.conf | 0 install/ubuntu/14.04/fail2ban.tar.gz | Bin 0 -> 721 bytes .../ubuntu/14.04/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/14.04/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/14.04/fail2ban/jail.local | 39 + install/ubuntu/14.04/firewall.tar.gz | Bin 0 -> 540 bytes install/ubuntu/14.04/firewall/ports.conf | 16 + install/ubuntu/14.04/firewall/rules.conf | 10 + install/ubuntu/14.04/logrotate/apache2 | 19 + install/ubuntu/14.04/logrotate/nginx | 13 + install/ubuntu/14.04/logrotate/vesta | 7 + install/ubuntu/14.04/mysql/my-large.cnf | 42 + install/ubuntu/14.04/mysql/my-medium.cnf | 40 + install/ubuntu/14.04/mysql/my-small.cnf | 40 + install/ubuntu/14.04/nginx/nginx.conf | 124 ++ install/ubuntu/14.04/nginx/phpmyadmin.inc | 15 + install/ubuntu/14.04/nginx/phppgadmin.inc | 11 + install/ubuntu/14.04/nginx/status.conf | 9 + install/ubuntu/14.04/nginx/webmail.inc | 15 + install/ubuntu/14.04/packages.tar.gz | Bin 0 -> 562 bytes install/ubuntu/14.04/packages/default.pkg | 18 + install/ubuntu/14.04/packages/gainsboro.pkg | 18 + install/ubuntu/14.04/packages/palegreen.pkg | 18 + install/ubuntu/14.04/packages/slategrey.pkg | 18 + install/ubuntu/14.04/pga/config.inc.php | 159 ++ install/ubuntu/14.04/pga/phppgadmin.conf | 31 + install/ubuntu/14.04/php5-fpm/www.conf | 10 + install/ubuntu/14.04/pma/apache.conf | 42 + install/ubuntu/14.04/pma/config.inc.php | 146 ++ install/ubuntu/14.04/postgresql/pg_hba.conf | 11 + install/ubuntu/14.04/proftpd/proftpd.conf | 32 + install/ubuntu/14.04/roundcube/apache.conf | 40 + install/ubuntu/14.04/roundcube/config.inc.php | 33 + install/ubuntu/14.04/roundcube/db.inc.php | 66 + install/ubuntu/14.04/roundcube/main.inc.php | 850 ++++++++ install/ubuntu/14.04/roundcube/vesta.php | 62 + install/ubuntu/14.04/sudo/admin | 7 + install/ubuntu/14.04/templates.tar.gz | Bin 0 -> 12935 bytes .../ubuntu/14.04/templates/dns/child-ns.tpl | 11 + .../ubuntu/14.04/templates/dns/default.tpl | 9 + install/ubuntu/14.04/templates/dns/gmail.tpl | 14 + .../14.04/templates/web/apache2/basedir.stpl | 41 + .../14.04/templates/web/apache2/basedir.tpl | 35 + .../14.04/templates/web/apache2/default.stpl | 40 + .../14.04/templates/web/apache2/default.tpl | 34 + .../14.04/templates/web/apache2/hosting.stpl | 49 + .../14.04/templates/web/apache2/hosting.tpl | 43 + .../14.04/templates/web/apache2/phpcgi.sh | 16 + .../14.04/templates/web/apache2/phpcgi.stpl | 35 + .../14.04/templates/web/apache2/phpcgi.tpl | 28 + .../14.04/templates/web/apache2/phpfcgid.sh | 22 + .../14.04/templates/web/apache2/phpfcgid.stpl | 36 + .../14.04/templates/web/apache2/phpfcgid.tpl | 28 + .../14.04/templates/web/awstats/awstats.tpl | 133 ++ .../14.04/templates/web/awstats/index.tpl | 10 + .../14.04/templates/web/awstats/nav.tpl | 23 + .../14.04/templates/web/nginx/caching.sh | 12 + .../14.04/templates/web/nginx/caching.stpl | 44 + .../14.04/templates/web/nginx/caching.tpl | 41 + .../14.04/templates/web/nginx/default.stpl | 36 + .../14.04/templates/web/nginx/default.tpl | 33 + .../14.04/templates/web/nginx/hosting.sh | 11 + .../14.04/templates/web/nginx/hosting.stpl | 38 + .../14.04/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../14.04/templates/web/nginx/proxy_ip.tpl | 9 + .../14.04/templates/web/php5-fpm/default.tpl | 18 + .../14.04/templates/web/php5-fpm/no-php.tpl | 13 + .../14.04/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../14.04/templates/web/suspend/.htaccess | 2 + .../14.04/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 110 ++ install/ubuntu/14.04/vsftpd/vsftpd.conf | 24 + install/ubuntu/14.10/apache2/apache2.conf | 86 + install/ubuntu/14.10/apache2/status.conf | 8 + install/ubuntu/14.10/bind/named.conf | 12 + install/ubuntu/14.10/clamav/clamd.conf | 61 + install/ubuntu/14.10/deb_signing.key | 30 + install/ubuntu/14.10/dovecot.tar.gz | Bin 0 -> 3487 bytes .../ubuntu/14.10/dovecot/conf.d/10-auth.conf | 4 + .../14.10/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/14.10/dovecot/conf.d/10-mail.conf | 4 + .../14.10/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/14.10/dovecot/conf.d/10-ssl.conf | 3 + .../ubuntu/14.10/dovecot/conf.d/20-imap.conf | 58 + .../ubuntu/14.10/dovecot/conf.d/20-pop3.conf | 91 + .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/14.10/dovecot/dovecot.conf | 4 + install/ubuntu/14.10/exim/dnsbl.conf | 2 + install/ubuntu/14.10/exim/exim4.conf.template | 377 ++++ install/ubuntu/14.10/exim/spam-blocks.conf | 0 install/ubuntu/14.10/fail2ban.tar.gz | Bin 0 -> 721 bytes .../ubuntu/14.10/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/14.10/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/14.10/fail2ban/jail.local | 39 + install/ubuntu/14.10/firewall.tar.gz | Bin 0 -> 540 bytes install/ubuntu/14.10/firewall/ports.conf | 16 + install/ubuntu/14.10/firewall/rules.conf | 10 + install/ubuntu/14.10/logrotate/apache2 | 19 + install/ubuntu/14.10/logrotate/nginx | 13 + install/ubuntu/14.10/logrotate/vesta | 7 + install/ubuntu/14.10/mysql/my-large.cnf | 42 + install/ubuntu/14.10/mysql/my-medium.cnf | 40 + install/ubuntu/14.10/mysql/my-small.cnf | 40 + install/ubuntu/14.10/nginx/nginx.conf | 124 ++ install/ubuntu/14.10/nginx/phpmyadmin.inc | 15 + install/ubuntu/14.10/nginx/phppgadmin.inc | 11 + install/ubuntu/14.10/nginx/status.conf | 9 + install/ubuntu/14.10/nginx/webmail.inc | 15 + install/ubuntu/14.10/packages.tar.gz | Bin 0 -> 562 bytes install/ubuntu/14.10/packages/default.pkg | 18 + install/ubuntu/14.10/packages/gainsboro.pkg | 18 + install/ubuntu/14.10/packages/palegreen.pkg | 18 + install/ubuntu/14.10/packages/slategrey.pkg | 18 + install/ubuntu/14.10/pga/config.inc.php | 159 ++ install/ubuntu/14.10/pga/phppgadmin.conf | 31 + install/ubuntu/14.10/php5-fpm/www.conf | 10 + install/ubuntu/14.10/pma/apache.conf | 42 + install/ubuntu/14.10/pma/config.inc.php | 146 ++ install/ubuntu/14.10/postgresql/pg_hba.conf | 11 + install/ubuntu/14.10/proftpd/proftpd.conf | 32 + install/ubuntu/14.10/roundcube/apache.conf | 40 + install/ubuntu/14.10/roundcube/config.inc.php | 33 + install/ubuntu/14.10/roundcube/db.inc.php | 66 + install/ubuntu/14.10/roundcube/main.inc.php | 850 ++++++++ install/ubuntu/14.10/roundcube/vesta.php | 62 + install/ubuntu/14.10/sudo/admin | 7 + install/ubuntu/14.10/templates.tar.gz | Bin 0 -> 12935 bytes .../ubuntu/14.10/templates/dns/child-ns.tpl | 11 + .../ubuntu/14.10/templates/dns/default.tpl | 9 + install/ubuntu/14.10/templates/dns/gmail.tpl | 14 + .../14.10/templates/web/apache2/basedir.stpl | 41 + .../14.10/templates/web/apache2/basedir.tpl | 35 + .../14.10/templates/web/apache2/default.stpl | 40 + .../14.10/templates/web/apache2/default.tpl | 34 + .../14.10/templates/web/apache2/hosting.stpl | 49 + .../14.10/templates/web/apache2/hosting.tpl | 43 + .../14.10/templates/web/apache2/phpcgi.sh | 16 + .../14.10/templates/web/apache2/phpcgi.stpl | 35 + .../14.10/templates/web/apache2/phpcgi.tpl | 28 + .../14.10/templates/web/apache2/phpfcgid.sh | 22 + .../14.10/templates/web/apache2/phpfcgid.stpl | 36 + .../14.10/templates/web/apache2/phpfcgid.tpl | 28 + .../14.10/templates/web/awstats/awstats.tpl | 133 ++ .../14.10/templates/web/awstats/index.tpl | 10 + .../14.10/templates/web/awstats/nav.tpl | 23 + .../14.10/templates/web/nginx/caching.sh | 12 + .../14.10/templates/web/nginx/caching.stpl | 44 + .../14.10/templates/web/nginx/caching.tpl | 41 + .../14.10/templates/web/nginx/default.stpl | 36 + .../14.10/templates/web/nginx/default.tpl | 33 + .../14.10/templates/web/nginx/hosting.sh | 11 + .../14.10/templates/web/nginx/hosting.stpl | 38 + .../14.10/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../14.10/templates/web/nginx/proxy_ip.tpl | 9 + .../14.10/templates/web/php5-fpm/default.tpl | 18 + .../14.10/templates/web/php5-fpm/no-php.tpl | 13 + .../14.10/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../14.10/templates/web/suspend/.htaccess | 2 + .../14.10/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 110 ++ install/ubuntu/14.10/vsftpd/vsftpd.conf | 24 + install/ubuntu/15.04/apache2/apache2.conf | 86 + install/ubuntu/15.04/apache2/status.conf | 8 + install/ubuntu/15.04/bind/named.conf | 12 + install/ubuntu/15.04/clamav/clamd.conf | 61 + install/ubuntu/15.04/deb_signing.key | 30 + install/ubuntu/15.04/dovecot.tar.gz | Bin 0 -> 3487 bytes .../ubuntu/15.04/dovecot/conf.d/10-auth.conf | 4 + .../15.04/dovecot/conf.d/10-logging.conf | 1 + .../ubuntu/15.04/dovecot/conf.d/10-mail.conf | 4 + .../15.04/dovecot/conf.d/10-master.conf | 29 + .../ubuntu/15.04/dovecot/conf.d/10-ssl.conf | 3 + .../ubuntu/15.04/dovecot/conf.d/20-imap.conf | 58 + .../ubuntu/15.04/dovecot/conf.d/20-pop3.conf | 91 + .../dovecot/conf.d/auth-passwdfile.conf.ext | 9 + install/ubuntu/15.04/dovecot/dovecot.conf | 4 + install/ubuntu/15.04/exim/dnsbl.conf | 2 + install/ubuntu/15.04/exim/exim4.conf.template | 377 ++++ install/ubuntu/15.04/exim/spam-blocks.conf | 0 install/ubuntu/15.04/fail2ban.tar.gz | Bin 0 -> 721 bytes .../ubuntu/15.04/fail2ban/action.d/vesta.conf | 9 + .../ubuntu/15.04/fail2ban/filter.d/vesta.conf | 10 + install/ubuntu/15.04/fail2ban/jail.local | 39 + install/ubuntu/15.04/firewall.tar.gz | Bin 0 -> 540 bytes install/ubuntu/15.04/firewall/ports.conf | 16 + install/ubuntu/15.04/firewall/rules.conf | 10 + install/ubuntu/15.04/logrotate/apache2 | 19 + install/ubuntu/15.04/logrotate/nginx | 13 + install/ubuntu/15.04/logrotate/vesta | 7 + install/ubuntu/15.04/mysql/my-large.cnf | 42 + install/ubuntu/15.04/mysql/my-medium.cnf | 40 + install/ubuntu/15.04/mysql/my-small.cnf | 40 + install/ubuntu/15.04/nginx/nginx.conf | 124 ++ install/ubuntu/15.04/nginx/phpmyadmin.inc | 15 + install/ubuntu/15.04/nginx/phppgadmin.inc | 11 + install/ubuntu/15.04/nginx/status.conf | 9 + install/ubuntu/15.04/nginx/webmail.inc | 15 + install/ubuntu/15.04/packages.tar.gz | Bin 0 -> 562 bytes install/ubuntu/15.04/packages/default.pkg | 18 + install/ubuntu/15.04/packages/gainsboro.pkg | 18 + install/ubuntu/15.04/packages/palegreen.pkg | 18 + install/ubuntu/15.04/packages/slategrey.pkg | 18 + install/ubuntu/15.04/pga/config.inc.php | 159 ++ install/ubuntu/15.04/pga/phppgadmin.conf | 31 + install/ubuntu/15.04/php5-fpm/www.conf | 10 + install/ubuntu/15.04/pma/apache.conf | 42 + install/ubuntu/15.04/pma/config.inc.php | 146 ++ install/ubuntu/15.04/postgresql/pg_hba.conf | 11 + install/ubuntu/15.04/proftpd/proftpd.conf | 32 + install/ubuntu/15.04/roundcube/apache.conf | 40 + install/ubuntu/15.04/roundcube/config.inc.php | 33 + install/ubuntu/15.04/roundcube/db.inc.php | 66 + install/ubuntu/15.04/roundcube/main.inc.php | 850 ++++++++ install/ubuntu/15.04/roundcube/vesta.php | 62 + install/ubuntu/15.04/sudo/admin | 7 + install/ubuntu/15.04/templates.tar.gz | Bin 0 -> 12935 bytes .../ubuntu/15.04/templates/dns/child-ns.tpl | 11 + .../{ => 15.04}/templates/dns/default.tpl | 0 install/ubuntu/15.04/templates/dns/gmail.tpl | 14 + .../15.04/templates/web/apache2/basedir.stpl | 41 + .../15.04/templates/web/apache2/basedir.tpl | 35 + .../15.04/templates/web/apache2/default.stpl | 40 + .../15.04/templates/web/apache2/default.tpl | 34 + .../15.04/templates/web/apache2/hosting.stpl | 49 + .../15.04/templates/web/apache2/hosting.tpl | 43 + .../15.04/templates/web/apache2/phpcgi.sh | 16 + .../15.04/templates/web/apache2/phpcgi.stpl | 35 + .../15.04/templates/web/apache2/phpcgi.tpl | 28 + .../15.04/templates/web/apache2/phpfcgid.sh | 22 + .../15.04/templates/web/apache2/phpfcgid.stpl | 36 + .../15.04/templates/web/apache2/phpfcgid.tpl | 28 + .../15.04/templates/web/awstats/awstats.tpl | 133 ++ .../15.04/templates/web/awstats/index.tpl | 10 + .../15.04/templates/web/awstats/nav.tpl | 23 + .../15.04/templates/web/nginx/caching.sh | 12 + .../15.04/templates/web/nginx/caching.stpl | 44 + .../15.04/templates/web/nginx/caching.tpl | 41 + .../15.04/templates/web/nginx/default.stpl | 36 + .../15.04/templates/web/nginx/default.tpl | 33 + .../15.04/templates/web/nginx/hosting.sh | 11 + .../15.04/templates/web/nginx/hosting.stpl | 38 + .../15.04/templates/web/nginx/hosting.tpl | 35 + .../web/nginx/php5-fpm/cms_made_simple.stpl | 51 + .../web/nginx/php5-fpm/cms_made_simple.tpl | 47 + .../web/nginx/php5-fpm/codeigniter2.stpl | 56 + .../web/nginx/php5-fpm/codeigniter2.tpl | 52 + .../web/nginx/php5-fpm/codeigniter3.stpl | 51 + .../web/nginx/php5-fpm/codeigniter3.tpl | 47 + .../web/nginx/php5-fpm/datalife_engine.stpl | 122 ++ .../web/nginx/php5-fpm/datalife_engine.tpl | 118 ++ .../templates/web/nginx/php5-fpm/default.stpl | 50 + .../templates/web/nginx/php5-fpm/default.tpl | 46 + .../web/nginx/php5-fpm/dokuwiki.stpl | 67 + .../templates/web/nginx/php5-fpm/dokuwiki.tpl | 62 + .../templates/web/nginx/php5-fpm/drupal.stpl | 101 + .../templates/web/nginx/php5-fpm/drupal.tpl | 98 + .../templates/web/nginx/php5-fpm/joomla.stpl | 58 + .../templates/web/nginx/php5-fpm/joomla.tpl | 54 + .../web/nginx/php5-fpm/owncloud.stpl | 80 + .../templates/web/nginx/php5-fpm/owncloud.tpl | 76 + .../templates/web/nginx/php5-fpm/piwik.stpl | 68 + .../templates/web/nginx/php5-fpm/piwik.tpl | 64 + .../templates/web/nginx/php5-fpm/pyrocms.stpl | 61 + .../templates/web/nginx/php5-fpm/pyrocms.tpl | 57 + .../web/nginx/php5-fpm/wordpress.stpl | 50 + .../web/nginx/php5-fpm/wordpress.tpl | 46 + .../web/nginx/php5-fpm/wordpress2.stpl | 62 + .../web/nginx/php5-fpm/wordpress2.tpl | 58 + .../15.04/templates/web/nginx/proxy_ip.tpl | 9 + .../15.04/templates/web/php5-fpm/default.tpl | 18 + .../15.04/templates/web/php5-fpm/no-php.tpl | 13 + .../15.04/templates/web/php5-fpm/socket.tpl | 21 + .../web/skel/document_errors/403.html | 29 + .../web/skel/document_errors/404.html | 28 + .../web/skel/document_errors/50x.html | 29 + .../templates/web/skel/public_html/index.html | 26 + .../templates/web/skel/public_html/robots.txt | 3 + .../web/skel/public_shtml/index.html | 26 + .../web/skel/public_shtml/robots.txt | 3 + .../15.04/templates/web/suspend/.htaccess | 2 + .../15.04/templates/web/suspend/index.html | 27 + .../templates/web/webalizer/webalizer.tpl | 110 ++ install/ubuntu/15.04/vsftpd/vsftpd.conf | 24 + install/ubuntu/apache2.readme.txt | 11 - install/ubuntu/certificate.crt | 22 - install/ubuntu/certificate.key | 27 - install/ubuntu/freshclam.conf | 27 - install/ubuntu/nginx.readme.txt | 11 - install/ubuntu/sudoers.vestacp.conf | 1 - install/ubuntu/vesta.conf | 24 - install/ubuntu/whmcs-module.php | 359 ---- install/vst-install-debian.sh | 1517 +++++++++------ install/vst-install-rhel.sh | 1715 ++++++++++------- install/vst-install-ubuntu.sh | 1525 +++++++++------ install/vst-install.sh | 8 +- 1545 files changed, 59733 insertions(+), 3626 deletions(-) rename install/debian/{ => 7/apache2}/apache2.conf (100%) rename install/debian/{apache2-status.conf => 7/apache2/status.conf} (100%) rename install/debian/{ => 7/bind}/named.conf (100%) rename install/debian/{ => 7/clamav}/clamd.conf (100%) create mode 100644 install/debian/7/deb_signing.key create mode 100644 install/debian/7/dovecot.tar.gz rename install/debian/{ => 7}/dovecot/conf.d/10-auth.conf (100%) rename install/debian/{ => 7}/dovecot/conf.d/10-logging.conf (100%) rename install/debian/{ => 7}/dovecot/conf.d/10-mail.conf (100%) rename install/debian/{ => 7}/dovecot/conf.d/10-master.conf (100%) rename install/debian/{ => 7}/dovecot/conf.d/10-ssl.conf (100%) rename install/debian/{ => 7}/dovecot/conf.d/20-imap.conf (100%) rename install/debian/{ => 7}/dovecot/conf.d/20-pop3.conf (100%) rename install/debian/{ => 7}/dovecot/conf.d/auth-passwdfile.conf.ext (100%) rename install/{ubuntu => debian/7/dovecot}/dovecot.conf (100%) rename install/debian/{ => 7/exim}/dnsbl.conf (100%) rename install/debian/{ => 7/exim}/exim4.conf.template (99%) rename install/debian/{ => 7/exim}/spam-blocks.conf (100%) create mode 100644 install/debian/7/fail2ban.tar.gz create mode 100644 install/debian/7/fail2ban/action.d/vesta.conf rename install/debian/{fail2ban.filter.conf => 7/fail2ban/filter.d/vesta.conf} (100%) create mode 100644 install/debian/7/fail2ban/jail.local create mode 100644 install/debian/7/firewall.tar.gz rename install/debian/{ => 7}/firewall/ports.conf (93%) rename install/debian/{ => 7}/firewall/rules.conf (89%) rename install/debian/{apache2.log => 7/logrotate/apache2} (100%) create mode 100644 install/debian/7/logrotate/nginx rename install/debian/{vesta.log => 7/logrotate/vesta} (100%) create mode 100644 install/debian/7/mysql/my-large.cnf rename install/{ubuntu/my.cnf => debian/7/mysql/my-medium.cnf} (59%) create mode 100644 install/debian/7/mysql/my-small.cnf rename install/debian/{ => 7/nginx}/nginx.conf (100%) create mode 100644 install/debian/7/nginx/phpmyadmin.inc create mode 100644 install/debian/7/nginx/phppgadmin.inc rename install/debian/{nginx-status.conf => 7/nginx/status.conf} (100%) create mode 100644 install/debian/7/nginx/webmail.inc create mode 100644 install/debian/7/packages.tar.gz rename install/debian/{ => 7}/packages/default.pkg (100%) rename install/debian/{ => 7}/packages/gainsboro.pkg (100%) rename install/debian/{ => 7}/packages/palegreen.pkg (100%) rename install/debian/{ => 7}/packages/slategrey.pkg (100%) rename install/debian/{pga.conf => 7/pga/config.inc.php} (100%) rename install/debian/{apache2-pga.conf => 7/pga/phppgadmin.conf} (100%) rename install/debian/{apache2-pma.conf => 7/pma/apache.conf} (100%) rename install/debian/{pma.conf => 7/pma/config.inc.php} (100%) rename install/debian/{ => 7/postgresql}/pg_hba.conf (100%) rename install/{ubuntu => debian/7/proftpd}/proftpd.conf (100%) rename install/debian/{apache2-webmail.conf => 7/roundcube/apache.conf} (100%) rename install/debian/{roundcube-pw.conf => 7/roundcube/config.inc.php} (100%) rename install/debian/{roundcube-db.conf => 7/roundcube/db.inc.php} (100%) rename install/debian/{roundcube-main.conf => 7/roundcube/main.inc.php} (100%) rename install/debian/{roundcube-driver.php => 7/roundcube/vesta.php} (100%) rename install/debian/{sudoers.admin.conf => 7/sudo/admin} (56%) create mode 100644 install/debian/7/templates.tar.gz rename install/debian/{ => 7}/templates/dns/child-ns.tpl (100%) create mode 100755 install/debian/7/templates/dns/default.tpl rename install/debian/{ => 7}/templates/dns/gmail.tpl (100%) rename install/debian/{ => 7}/templates/web/apache2/basedir.stpl (86%) rename install/{ubuntu => debian/7}/templates/web/apache2/basedir.tpl (84%) rename install/debian/{ => 7}/templates/web/apache2/default.stpl (100%) rename install/debian/{ => 7}/templates/web/apache2/default.tpl (100%) rename install/debian/{ => 7}/templates/web/apache2/hosting.stpl (100%) rename install/debian/{ => 7}/templates/web/apache2/hosting.tpl (100%) rename install/debian/{ => 7}/templates/web/apache2/phpcgi.sh (100%) rename install/debian/{ => 7}/templates/web/apache2/phpcgi.stpl (100%) rename install/debian/{ => 7}/templates/web/apache2/phpcgi.tpl (100%) rename install/debian/{ => 7}/templates/web/apache2/phpfcgid.sh (100%) rename install/debian/{ => 7}/templates/web/apache2/phpfcgid.stpl (100%) rename install/debian/{ => 7}/templates/web/apache2/phpfcgid.tpl (100%) rename install/debian/{ => 7}/templates/web/awstats/awstats.tpl (100%) rename install/debian/{ => 7}/templates/web/awstats/index.tpl (100%) rename install/debian/{ => 7}/templates/web/awstats/nav.tpl (100%) rename install/debian/{ => 7}/templates/web/nginx/caching.stpl (100%) rename install/debian/{ => 7}/templates/web/nginx/caching.tpl (100%) rename install/debian/{ => 7}/templates/web/nginx/default.stpl (100%) rename install/debian/{ => 7}/templates/web/nginx/default.tpl (100%) rename install/debian/{ => 7}/templates/web/nginx/hosting.sh (100%) rename install/debian/{ => 7}/templates/web/nginx/hosting.stpl (100%) rename install/debian/{ => 7}/templates/web/nginx/hosting.tpl (100%) create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100644 install/debian/7/templates/web/nginx/php5-fpm/www.conf rename install/debian/{ => 7}/templates/web/nginx/proxy_ip.tpl (100%) create mode 100644 install/debian/7/templates/web/php5-fpm/default.tpl create mode 100644 install/debian/7/templates/web/php5-fpm/no-php.tpl create mode 100644 install/debian/7/templates/web/php5-fpm/socket.tpl create mode 100755 install/debian/7/templates/web/skel/document_errors/403.html create mode 100755 install/debian/7/templates/web/skel/document_errors/404.html create mode 100755 install/debian/7/templates/web/skel/document_errors/50x.html rename install/debian/{ => 7}/templates/web/skel/public_html/index.html (100%) rename install/debian/{ => 7}/templates/web/skel/public_html/robots.txt (100%) rename install/debian/{ => 7}/templates/web/skel/public_shtml/index.html (100%) rename install/debian/{ => 7}/templates/web/skel/public_shtml/robots.txt (100%) rename install/debian/{ => 7}/templates/web/suspend/.htaccess (100%) create mode 100755 install/debian/7/templates/web/suspend/index.html rename install/debian/{ => 7}/templates/web/webalizer/webalizer.tpl (100%) rename install/debian/{ => 7/vsftpd}/vsftpd.conf (100%) rename install/{ubuntu => debian/8/apache2}/apache2.conf (98%) rename install/{ubuntu/apache2-status.conf => debian/8/apache2/status.conf} (100%) rename install/{ubuntu => debian/8/bind}/named.conf (100%) rename install/{ubuntu => debian/8/clamav}/clamd.conf (100%) create mode 100644 install/debian/8/deb_signing.key create mode 100644 install/debian/8/dovecot.tar.gz rename install/{rhel => debian/8}/dovecot/conf.d/10-auth.conf (100%) rename install/{rhel => debian/8}/dovecot/conf.d/10-logging.conf (100%) rename install/{rhel => debian/8}/dovecot/conf.d/10-mail.conf (100%) rename install/{rhel => debian/8}/dovecot/conf.d/10-master.conf (100%) rename install/{ubuntu => debian/8}/dovecot/conf.d/10-ssl.conf (100%) create mode 100644 install/debian/8/dovecot/conf.d/20-imap.conf rename install/{ubuntu => debian/8}/dovecot/conf.d/20-pop3.conf (100%) rename install/{ubuntu => debian/8}/dovecot/conf.d/auth-passwdfile.conf.ext (100%) create mode 100644 install/debian/8/dovecot/dovecot.conf rename install/{rhel => debian/8/exim}/dnsbl.conf (100%) rename install/{ubuntu => debian/8/exim}/exim4.conf.template (99%) rename install/{rhel => debian/8/exim}/spam-blocks.conf (100%) create mode 100644 install/debian/8/fail2ban.tar.gz create mode 100644 install/debian/8/fail2ban/action.d/vesta.conf rename install/{rhel/fail2ban.filter.conf => debian/8/fail2ban/filter.d/vesta.conf} (100%) create mode 100644 install/debian/8/fail2ban/jail.local create mode 100644 install/debian/8/firewall.tar.gz rename install/{rhel => debian/8}/firewall/ports.conf (93%) rename install/{rhel => debian/8}/firewall/rules.conf (89%) rename install/{ubuntu/apache2.log => debian/8/logrotate/apache2} (100%) create mode 100644 install/debian/8/logrotate/nginx rename install/{rhel/vesta.log => debian/8/logrotate/vesta} (100%) create mode 100644 install/debian/8/mysql/my-large.cnf rename install/debian/{my.cnf => 8/mysql/my-medium.cnf} (59%) create mode 100644 install/debian/8/mysql/my-small.cnf rename install/{rhel => debian/8/nginx}/nginx.conf (99%) create mode 100644 install/debian/8/nginx/phpmyadmin.inc create mode 100644 install/debian/8/nginx/phppgadmin.inc rename install/{rhel/nginx-status.conf => debian/8/nginx/status.conf} (100%) create mode 100644 install/debian/8/nginx/webmail.inc create mode 100644 install/debian/8/packages.tar.gz rename install/{rhel => debian/8}/packages/default.pkg (100%) rename install/{rhel => debian/8}/packages/gainsboro.pkg (100%) rename install/{rhel => debian/8}/packages/palegreen.pkg (100%) rename install/{rhel => debian/8}/packages/slategrey.pkg (100%) rename install/{rhel/pga.conf => debian/8/pga/config.inc.php} (100%) rename install/{ubuntu/apache2-pga.conf => debian/8/pga/phppgadmin.conf} (100%) create mode 100644 install/debian/8/php5-fpm/www.conf rename install/{ubuntu/apache2-pma.conf => debian/8/pma/apache.conf} (92%) rename install/{ubuntu/pma.conf => debian/8/pma/config.inc.php} (100%) rename install/{rhel => debian/8/postgresql}/pg_hba.conf (100%) create mode 100644 install/debian/8/proftpd/proftpd.conf rename install/{ubuntu/apache2-webmail.conf => debian/8/roundcube/apache.conf} (100%) rename install/{rhel/roundcube-pw.conf => debian/8/roundcube/config.inc.php} (100%) rename install/{rhel/roundcube-db.conf => debian/8/roundcube/db.inc.php} (100%) rename install/{rhel/roundcube-main.conf => debian/8/roundcube/main.inc.php} (99%) rename install/{ubuntu/roundcube-driver.php => debian/8/roundcube/vesta.php} (100%) rename install/{rhel/sudoers.admin.conf => debian/8/sudo/admin} (56%) create mode 100644 install/debian/8/templates.tar.gz rename install/{rhel => debian/8}/templates/dns/child-ns.tpl (100%) rename install/debian/{ => 8}/templates/dns/default.tpl (100%) rename install/{rhel => debian/8}/templates/dns/gmail.tpl (100%) create mode 100755 install/debian/8/templates/web/apache2/basedir.stpl create mode 100755 install/debian/8/templates/web/apache2/basedir.tpl create mode 100755 install/debian/8/templates/web/apache2/default.stpl create mode 100755 install/debian/8/templates/web/apache2/default.tpl rename install/{ubuntu => debian/8}/templates/web/apache2/hosting.stpl (96%) rename install/{ubuntu => debian/8}/templates/web/apache2/hosting.tpl (95%) rename install/{rhel/templates/web/httpd => debian/8/templates/web/apache2}/phpcgi.sh (100%) rename install/{ubuntu => debian/8}/templates/web/apache2/phpcgi.stpl (93%) rename install/{ubuntu => debian/8}/templates/web/apache2/phpcgi.tpl (92%) rename install/{rhel/templates/web/httpd => debian/8/templates/web/apache2}/phpfcgid.sh (100%) rename install/{ubuntu => debian/8}/templates/web/apache2/phpfcgid.stpl (94%) rename install/{ubuntu => debian/8}/templates/web/apache2/phpfcgid.tpl (92%) rename install/{rhel => debian/8}/templates/web/awstats/awstats.tpl (100%) rename install/{rhel => debian/8}/templates/web/awstats/index.tpl (100%) rename install/{rhel => debian/8}/templates/web/awstats/nav.tpl (100%) create mode 100755 install/debian/8/templates/web/nginx/caching.sh rename install/{rhel => debian/8}/templates/web/nginx/caching.stpl (100%) rename install/{rhel => debian/8}/templates/web/nginx/caching.tpl (100%) rename install/{ubuntu => debian/8}/templates/web/nginx/default.stpl (100%) rename install/{ubuntu => debian/8}/templates/web/nginx/default.tpl (100%) rename install/{rhel => debian/8}/templates/web/nginx/hosting.sh (100%) rename install/{ubuntu => debian/8}/templates/web/nginx/hosting.stpl (100%) rename install/{ubuntu => debian/8}/templates/web/nginx/hosting.tpl (100%) create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/debian/8/templates/web/nginx/php5-fpm/wordpress2.tpl rename install/{rhel => debian/8}/templates/web/nginx/proxy_ip.tpl (100%) create mode 100644 install/debian/8/templates/web/php5-fpm/default.tpl create mode 100644 install/debian/8/templates/web/php5-fpm/no-php.tpl create mode 100644 install/debian/8/templates/web/php5-fpm/socket.tpl create mode 100755 install/debian/8/templates/web/skel/document_errors/403.html create mode 100755 install/debian/8/templates/web/skel/document_errors/404.html create mode 100755 install/debian/8/templates/web/skel/document_errors/50x.html rename install/{rhel => debian/8}/templates/web/skel/public_html/index.html (100%) rename install/{rhel => debian/8}/templates/web/skel/public_html/robots.txt (100%) rename install/{rhel => debian/8}/templates/web/skel/public_shtml/index.html (100%) rename install/{rhel => debian/8}/templates/web/skel/public_shtml/robots.txt (100%) rename install/{rhel => debian/8}/templates/web/suspend/.htaccess (100%) create mode 100755 install/debian/8/templates/web/suspend/index.html rename install/{rhel => debian/8}/templates/web/webalizer/webalizer.tpl (100%) rename install/{ubuntu => debian/8/vsftpd}/vsftpd.conf (100%) delete mode 100644 install/debian/apache2.readme.txt delete mode 100644 install/debian/certificate.crt delete mode 100644 install/debian/certificate.key delete mode 100644 install/debian/dovecot.conf delete mode 100644 install/debian/freshclam.conf delete mode 100644 install/debian/nginx.readme.txt delete mode 100644 install/debian/sudoers.conf delete mode 100644 install/debian/vesta.conf delete mode 100644 install/debian/whmcs-module.php create mode 100644 install/rhel/5/GPG.txt rename install/rhel/{ => 5/clamav}/clamd.conf (100%) create mode 100644 install/rhel/5/clamav/clamd.service rename install/rhel/{ => 5/clamav}/freshclam.conf (100%) create mode 100644 install/rhel/5/dovecot.tar.gz rename install/rhel/{ => 5/dovecot}/dovecot.conf (83%) create mode 100644 install/rhel/5/epel-release.rpm rename install/{ubuntu => rhel/5/exim}/dnsbl.conf (100%) rename install/rhel/{ => 5/exim}/exim-smarthost.conf (100%) rename install/rhel/{ => 5/exim}/exim.conf (99%) rename install/{ubuntu => rhel/5/exim}/spam-blocks.conf (100%) create mode 100644 install/rhel/5/fail2ban.tar.gz rename install/{debian => rhel/5/fail2ban}/fail2ban.action.conf (100%) rename install/{ubuntu => rhel/5/fail2ban}/fail2ban.filter.conf (100%) rename install/{debian => rhel/5/fail2ban}/fail2ban.jail.conf (100%) create mode 100644 install/rhel/5/firewall.tar.gz rename install/{ubuntu => rhel/5}/firewall/ports.conf (93%) rename install/{ubuntu => rhel/5}/firewall/rules.conf (89%) rename install/rhel/{ => 5/httpd}/httpd.conf (100%) create mode 100644 install/rhel/5/httpd/ruid2.conf rename install/rhel/{httpd-ssl.conf => 5/httpd/ssl.conf} (100%) rename install/rhel/{httpd-status.conf => 5/httpd/status.conf} (100%) rename install/rhel/{httpd.log => 5/logrotate/httpd} (100%) create mode 100644 install/rhel/5/logrotate/nginx rename install/{ubuntu/vesta.log => rhel/5/logrotate/vesta} (100%) create mode 100644 install/rhel/5/mariadb/my-large.cnf create mode 100644 install/rhel/5/mariadb/my-medium.cnf create mode 100644 install/rhel/5/mariadb/my-small.cnf rename install/rhel/{ => 5}/monit/clamd.conf (100%) rename install/rhel/{ => 5}/monit/dovecot.conf (100%) rename install/rhel/{ => 5}/monit/exim.conf (100%) rename install/rhel/{ => 5}/monit/httpd.conf (100%) rename install/rhel/{ => 5}/monit/mysql.conf (100%) rename install/rhel/{ => 5}/monit/nginx.conf (100%) rename install/rhel/{ => 5}/monit/spamassassin.conf (100%) rename install/rhel/{ => 5}/monit/sshd.conf (100%) rename install/rhel/{ => 5}/monit/vesta-nginx.conf (100%) rename install/rhel/{ => 5}/monit/vesta-php.conf (100%) create mode 100644 install/rhel/5/mysqld/my-large.cnf create mode 100644 install/rhel/5/mysqld/my-medium.cnf create mode 100644 install/rhel/5/mysqld/my-small.cnf rename install/rhel/{ => 5/named}/named.conf (100%) create mode 100644 install/rhel/5/nginx/nginx.conf create mode 100644 install/rhel/5/nginx/phpmyadmin.inc create mode 100644 install/rhel/5/nginx/phppgadmin.inc rename install/{ubuntu/nginx-status.conf => rhel/5/nginx/status.conf} (100%) create mode 100644 install/rhel/5/nginx/webmail.inc create mode 100644 install/rhel/5/packages.tar.gz create mode 100644 install/rhel/5/packages/default.pkg create mode 100644 install/rhel/5/packages/gainsboro.pkg create mode 100644 install/rhel/5/packages/palegreen.pkg create mode 100644 install/rhel/5/packages/slategrey.pkg rename install/{ubuntu/pga.conf => rhel/5/pga/config.inc.php} (100%) rename install/rhel/{httpd-pga.conf => 5/pga/phpPgAdmin.conf} (100%) create mode 100644 install/rhel/5/php-fpm/www.conf rename install/rhel/{pma.conf => 5/pma/config.inc.conf} (100%) rename install/rhel/{httpd-pma.conf => 5/pma/phpMyAdmin.conf} (89%) create mode 100644 install/rhel/5/postgresql/pg_hba.conf rename install/rhel/{ => 5/proftpd}/proftpd.conf (100%) create mode 100644 install/rhel/5/remi-release.rpm rename install/{ubuntu/roundcube-pw.conf => rhel/5/roundcube/config.inc.php} (100%) rename install/{ubuntu/roundcube-db.conf => rhel/5/roundcube/db.inc.php} (100%) create mode 100644 install/rhel/5/roundcube/main.inc.php rename install/rhel/{httpd-webmail.conf => 5/roundcube/roundcubemail.conf} (53%) rename install/rhel/{roundcube-driver.php => 5/roundcube/vesta.php} (100%) rename install/{ubuntu/sudoers.admin.conf => rhel/5/sudo/admin} (56%) create mode 100644 install/rhel/5/templates.tar.gz rename install/{ubuntu => rhel/5}/templates/dns/child-ns.tpl (100%) create mode 100755 install/rhel/5/templates/dns/default.tpl rename install/{ubuntu => rhel/5}/templates/dns/gmail.tpl (90%) rename install/{ubuntu => rhel/5}/templates/web/awstats/awstats.tpl (100%) rename install/{ubuntu => rhel/5}/templates/web/awstats/index.tpl (100%) rename install/{ubuntu => rhel/5}/templates/web/awstats/nav.tpl (100%) rename install/rhel/{ => 5}/templates/web/httpd/basedir.stpl (86%) rename install/rhel/{ => 5}/templates/web/httpd/basedir.tpl (84%) rename install/rhel/{ => 5}/templates/web/httpd/default.stpl (100%) rename install/rhel/{ => 5}/templates/web/httpd/default.tpl (100%) rename install/rhel/{ => 5}/templates/web/httpd/hosting.stpl (100%) rename install/rhel/{ => 5}/templates/web/httpd/hosting.tpl (100%) rename install/{ubuntu/templates/web/apache2 => rhel/5/templates/web/httpd}/phpcgi.sh (100%) rename install/rhel/{ => 5}/templates/web/httpd/phpcgi.stpl (100%) rename install/rhel/{ => 5}/templates/web/httpd/phpcgi.tpl (100%) rename install/{ubuntu/templates/web/apache2 => rhel/5/templates/web/httpd}/phpfcgid.sh (100%) rename install/rhel/{ => 5}/templates/web/httpd/phpfcgid.stpl (100%) rename install/rhel/{ => 5}/templates/web/httpd/phpfcgid.tpl (100%) create mode 100755 install/rhel/5/templates/web/nginx/caching.sh create mode 100755 install/rhel/5/templates/web/nginx/caching.stpl create mode 100755 install/rhel/5/templates/web/nginx/caching.tpl rename install/rhel/{ => 5}/templates/web/nginx/default.stpl (100%) rename install/rhel/{ => 5}/templates/web/nginx/default.tpl (100%) rename install/{ubuntu => rhel/5}/templates/web/nginx/hosting.sh (100%) rename install/rhel/{ => 5}/templates/web/nginx/hosting.stpl (100%) rename install/rhel/{ => 5}/templates/web/nginx/hosting.tpl (100%) create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/default.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/default.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/drupal.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/drupal.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/joomla.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/joomla.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/owncloud.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/owncloud.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/piwik.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/piwik.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress.tpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress2.stpl create mode 100644 install/rhel/5/templates/web/nginx/php-fpm/wordpress2.tpl rename install/{ubuntu => rhel/5}/templates/web/nginx/proxy_ip.tpl (100%) create mode 100644 install/rhel/5/templates/web/php-fpm/default.tpl create mode 100644 install/rhel/5/templates/web/php-fpm/no-php.tpl create mode 100644 install/rhel/5/templates/web/php-fpm/socket.tpl rename install/{debian => rhel/5}/templates/web/skel/document_errors/403.html (100%) rename install/{debian => rhel/5}/templates/web/skel/document_errors/404.html (100%) rename install/{debian => rhel/5}/templates/web/skel/document_errors/50x.html (100%) rename install/{ubuntu => rhel/5}/templates/web/skel/public_html/index.html (100%) rename install/{ubuntu => rhel/5}/templates/web/skel/public_html/robots.txt (100%) rename install/{ubuntu => rhel/5}/templates/web/skel/public_shtml/index.html (100%) rename install/{ubuntu => rhel/5}/templates/web/skel/public_shtml/robots.txt (100%) rename install/{ubuntu => rhel/5}/templates/web/suspend/.htaccess (100%) rename install/{debian => rhel/5}/templates/web/suspend/index.html (100%) rename install/{ubuntu => rhel/5}/templates/web/webalizer/webalizer.tpl (100%) rename install/rhel/{ => 5/vsftpd}/vsftpd.conf (100%) create mode 100644 install/rhel/5/wsgi/httpd.tar.gz create mode 100755 install/rhel/5/wsgi/httpd/wsgi.sh create mode 100755 install/rhel/5/wsgi/httpd/wsgi.stpl create mode 100644 install/rhel/5/wsgi/httpd/wsgi.tpl create mode 100644 install/rhel/6/GPG.txt create mode 100644 install/rhel/6/clamav/clamd.conf create mode 100644 install/rhel/6/clamav/clamd.service create mode 100644 install/rhel/6/clamav/freshclam.conf create mode 100644 install/rhel/6/dovecot.tar.gz rename install/{ubuntu => rhel/6}/dovecot/conf.d/10-auth.conf (100%) rename install/{ubuntu => rhel/6}/dovecot/conf.d/10-logging.conf (100%) rename install/{ubuntu => rhel/6}/dovecot/conf.d/10-mail.conf (100%) rename install/{ubuntu => rhel/6}/dovecot/conf.d/10-master.conf (100%) create mode 100644 install/rhel/6/dovecot/conf.d/10-ssl.conf rename install/rhel/{ => 6}/dovecot/conf.d/20-imap.conf (100%) rename install/rhel/{ => 6}/dovecot/conf.d/20-pop3.conf (100%) rename install/rhel/{ => 6}/dovecot/conf.d/auth-passwdfile.conf.ext (100%) rename install/rhel/{ => 6}/dovecot/dovecot.conf (100%) create mode 100644 install/rhel/6/epel-release.rpm create mode 100644 install/rhel/6/exim/dnsbl.conf create mode 100644 install/rhel/6/exim/exim-smarthost.conf create mode 100644 install/rhel/6/exim/exim.conf create mode 100644 install/rhel/6/exim/spam-blocks.conf create mode 100644 install/rhel/6/fail2ban.tar.gz rename install/rhel/{ => 6/fail2ban}/fail2ban.action.conf (100%) create mode 100644 install/rhel/6/fail2ban/fail2ban.filter.conf rename install/rhel/{ => 6/fail2ban}/fail2ban.jail.conf (100%) create mode 100644 install/rhel/6/firewall.tar.gz create mode 100644 install/rhel/6/firewall/ports.conf create mode 100644 install/rhel/6/firewall/rules.conf create mode 100644 install/rhel/6/httpd/httpd.conf create mode 100644 install/rhel/6/httpd/ruid2.conf create mode 100644 install/rhel/6/httpd/ssl.conf create mode 100644 install/rhel/6/httpd/status.conf create mode 100644 install/rhel/6/logrotate/httpd create mode 100644 install/rhel/6/logrotate/nginx create mode 100644 install/rhel/6/logrotate/vesta create mode 100644 install/rhel/6/mariadb/my-large.cnf create mode 100644 install/rhel/6/mariadb/my-medium.cnf create mode 100644 install/rhel/6/mariadb/my-small.cnf create mode 100644 install/rhel/6/mysqld/my-large.cnf create mode 100644 install/rhel/6/mysqld/my-medium.cnf create mode 100644 install/rhel/6/mysqld/my-small.cnf create mode 100644 install/rhel/6/named/named.conf create mode 100644 install/rhel/6/nginx/nginx.conf create mode 100644 install/rhel/6/nginx/phpmyadmin.inc create mode 100644 install/rhel/6/nginx/phppgadmin.inc create mode 100644 install/rhel/6/nginx/status.conf create mode 100644 install/rhel/6/nginx/webmail.inc create mode 100644 install/rhel/6/packages.tar.gz create mode 100644 install/rhel/6/packages/default.pkg create mode 100644 install/rhel/6/packages/gainsboro.pkg create mode 100644 install/rhel/6/packages/palegreen.pkg create mode 100644 install/rhel/6/packages/slategrey.pkg create mode 100644 install/rhel/6/pga/config.inc.php create mode 100644 install/rhel/6/pga/phpPgAdmin.conf create mode 100644 install/rhel/6/php-fpm/www.conf create mode 100644 install/rhel/6/pma/config.inc.conf create mode 100644 install/rhel/6/pma/phpMyAdmin.conf rename install/{ubuntu => rhel/6/postgresql}/pg_hba.conf (100%) rename install/{debian => rhel/6/proftpd}/proftpd.conf (84%) create mode 100644 install/rhel/6/remi-release.rpm create mode 100644 install/rhel/6/roundcube/config.inc.php create mode 100644 install/rhel/6/roundcube/db.inc.php create mode 100644 install/rhel/6/roundcube/main.inc.php create mode 100644 install/rhel/6/roundcube/roundcubemail.conf create mode 100644 install/rhel/6/roundcube/vesta.php create mode 100644 install/rhel/6/sudo/admin create mode 100644 install/rhel/6/templates.tar.gz create mode 100755 install/rhel/6/templates/dns/child-ns.tpl create mode 100755 install/rhel/6/templates/dns/default.tpl create mode 100755 install/rhel/6/templates/dns/gmail.tpl create mode 100755 install/rhel/6/templates/web/awstats/awstats.tpl create mode 100755 install/rhel/6/templates/web/awstats/index.tpl create mode 100755 install/rhel/6/templates/web/awstats/nav.tpl rename install/{ubuntu/templates/web/apache2 => rhel/6/templates/web/httpd}/basedir.stpl (85%) rename install/{debian/templates/web/apache2 => rhel/6/templates/web/httpd}/basedir.tpl (82%) rename install/{ubuntu/templates/web/apache2 => rhel/6/templates/web/httpd}/default.stpl (97%) rename install/{ubuntu/templates/web/apache2 => rhel/6/templates/web/httpd}/default.tpl (97%) create mode 100755 install/rhel/6/templates/web/httpd/hosting.stpl create mode 100755 install/rhel/6/templates/web/httpd/hosting.tpl create mode 100755 install/rhel/6/templates/web/httpd/phpcgi.sh create mode 100755 install/rhel/6/templates/web/httpd/phpcgi.stpl create mode 100755 install/rhel/6/templates/web/httpd/phpcgi.tpl create mode 100755 install/rhel/6/templates/web/httpd/phpfcgid.sh create mode 100755 install/rhel/6/templates/web/httpd/phpfcgid.stpl create mode 100755 install/rhel/6/templates/web/httpd/phpfcgid.tpl create mode 100755 install/rhel/6/templates/web/nginx/caching.sh create mode 100755 install/rhel/6/templates/web/nginx/caching.stpl create mode 100755 install/rhel/6/templates/web/nginx/caching.tpl create mode 100755 install/rhel/6/templates/web/nginx/default.stpl create mode 100755 install/rhel/6/templates/web/nginx/default.tpl create mode 100755 install/rhel/6/templates/web/nginx/hosting.sh create mode 100755 install/rhel/6/templates/web/nginx/hosting.stpl create mode 100755 install/rhel/6/templates/web/nginx/hosting.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/default.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/default.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/drupal.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/drupal.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/joomla.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/joomla.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/owncloud.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/owncloud.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/piwik.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/piwik.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress.tpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress2.stpl create mode 100644 install/rhel/6/templates/web/nginx/php-fpm/wordpress2.tpl create mode 100755 install/rhel/6/templates/web/nginx/proxy_ip.tpl create mode 100644 install/rhel/6/templates/web/php-fpm/default.tpl create mode 100644 install/rhel/6/templates/web/php-fpm/no-php.tpl create mode 100644 install/rhel/6/templates/web/php-fpm/socket.tpl rename install/rhel/{ => 6}/templates/web/skel/document_errors/403.html (100%) rename install/rhel/{ => 6}/templates/web/skel/document_errors/404.html (100%) rename install/rhel/{ => 6}/templates/web/skel/document_errors/50x.html (100%) create mode 100755 install/rhel/6/templates/web/skel/public_html/index.html create mode 100755 install/rhel/6/templates/web/skel/public_html/robots.txt create mode 100755 install/rhel/6/templates/web/skel/public_shtml/index.html create mode 100755 install/rhel/6/templates/web/skel/public_shtml/robots.txt create mode 100755 install/rhel/6/templates/web/suspend/.htaccess rename install/rhel/{ => 6}/templates/web/suspend/index.html (100%) create mode 100755 install/rhel/6/templates/web/webalizer/webalizer.tpl create mode 100644 install/rhel/6/vsftpd/vsftpd.conf create mode 100644 install/rhel/6/wsgi/httpd.tar.gz create mode 100755 install/rhel/6/wsgi/httpd/wsgi.sh create mode 100755 install/rhel/6/wsgi/httpd/wsgi.stpl create mode 100644 install/rhel/6/wsgi/httpd/wsgi.tpl create mode 100644 install/rhel/7/GPG.txt create mode 100644 install/rhel/7/clamav/clamd.conf create mode 100644 install/rhel/7/clamav/clamd.service create mode 100644 install/rhel/7/clamav/freshclam.conf create mode 100644 install/rhel/7/dovecot.tar.gz create mode 100644 install/rhel/7/dovecot/conf.d/10-auth.conf create mode 100644 install/rhel/7/dovecot/conf.d/10-logging.conf create mode 100644 install/rhel/7/dovecot/conf.d/10-mail.conf create mode 100644 install/rhel/7/dovecot/conf.d/10-master.conf create mode 100644 install/rhel/7/dovecot/conf.d/10-ssl.conf rename install/{ubuntu => rhel/7}/dovecot/conf.d/20-imap.conf (100%) create mode 100644 install/rhel/7/dovecot/conf.d/20-pop3.conf create mode 100644 install/rhel/7/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/rhel/7/dovecot/dovecot.conf create mode 100644 install/rhel/7/epel-release.rpm create mode 100644 install/rhel/7/exim/dnsbl.conf create mode 100644 install/rhel/7/exim/exim-smarthost.conf create mode 100644 install/rhel/7/exim/exim.conf create mode 100644 install/rhel/7/exim/spam-blocks.conf create mode 100644 install/rhel/7/fail2ban.tar.gz rename install/{ubuntu => rhel/7/fail2ban}/fail2ban.action.conf (100%) create mode 100644 install/rhel/7/fail2ban/fail2ban.filter.conf rename install/{ubuntu => rhel/7/fail2ban}/fail2ban.jail.conf (100%) create mode 100644 install/rhel/7/firewall.tar.gz create mode 100644 install/rhel/7/firewall/ports.conf create mode 100644 install/rhel/7/firewall/rules.conf create mode 100644 install/rhel/7/httpd/httpd.conf create mode 100644 install/rhel/7/httpd/ruid2.conf create mode 100644 install/rhel/7/httpd/ssl.conf create mode 100644 install/rhel/7/httpd/status.conf create mode 100644 install/rhel/7/logrotate/httpd create mode 100644 install/rhel/7/logrotate/nginx create mode 100644 install/rhel/7/logrotate/vesta create mode 100644 install/rhel/7/mariadb/my-large.cnf create mode 100644 install/rhel/7/mariadb/my-medium.cnf create mode 100644 install/rhel/7/mariadb/my-small.cnf create mode 100644 install/rhel/7/monit/clamd.conf create mode 100644 install/rhel/7/monit/dovecot.conf create mode 100644 install/rhel/7/monit/exim.conf create mode 100644 install/rhel/7/monit/httpd.conf create mode 100644 install/rhel/7/monit/mysql.conf create mode 100644 install/rhel/7/monit/nginx.conf create mode 100644 install/rhel/7/monit/spamassassin.conf create mode 100644 install/rhel/7/monit/sshd.conf create mode 100644 install/rhel/7/monit/vesta-nginx.conf create mode 100644 install/rhel/7/monit/vesta-php.conf create mode 100644 install/rhel/7/mysqld/my-large.cnf create mode 100644 install/rhel/7/mysqld/my-medium.cnf create mode 100644 install/rhel/7/mysqld/my-small.cnf create mode 100644 install/rhel/7/named/named.conf create mode 100644 install/rhel/7/nginx/nginx.conf create mode 100644 install/rhel/7/nginx/phpmyadmin.inc create mode 100644 install/rhel/7/nginx/phppgadmin.inc create mode 100644 install/rhel/7/nginx/status.conf create mode 100644 install/rhel/7/nginx/webmail.inc create mode 100644 install/rhel/7/packages.tar.gz create mode 100644 install/rhel/7/packages/default.pkg create mode 100644 install/rhel/7/packages/gainsboro.pkg create mode 100644 install/rhel/7/packages/palegreen.pkg create mode 100644 install/rhel/7/packages/slategrey.pkg create mode 100644 install/rhel/7/pga/config.inc.php create mode 100644 install/rhel/7/pga/phpPgAdmin.conf create mode 100644 install/rhel/7/php-fpm/www.conf create mode 100644 install/rhel/7/pma/config.inc.conf create mode 100644 install/rhel/7/pma/phpMyAdmin.conf create mode 100644 install/rhel/7/postgresql/pg_hba.conf create mode 100644 install/rhel/7/proftpd/proftpd.conf create mode 100644 install/rhel/7/remi-release.rpm create mode 100644 install/rhel/7/roundcube/config.inc.php create mode 100644 install/rhel/7/roundcube/db.inc.php create mode 100644 install/rhel/7/roundcube/main.inc.php create mode 100644 install/rhel/7/roundcube/roundcubemail.conf create mode 100644 install/rhel/7/roundcube/vesta.php create mode 100644 install/rhel/7/sudo/admin create mode 100644 install/rhel/7/templates.tar.gz create mode 100755 install/rhel/7/templates/dns/child-ns.tpl rename install/rhel/{ => 7}/templates/dns/default.tpl (100%) create mode 100755 install/rhel/7/templates/dns/gmail.tpl create mode 100755 install/rhel/7/templates/web/awstats/awstats.tpl create mode 100755 install/rhel/7/templates/web/awstats/index.tpl create mode 100755 install/rhel/7/templates/web/awstats/nav.tpl create mode 100755 install/rhel/7/templates/web/httpd/basedir.stpl create mode 100755 install/rhel/7/templates/web/httpd/basedir.tpl create mode 100755 install/rhel/7/templates/web/httpd/default.stpl create mode 100755 install/rhel/7/templates/web/httpd/default.tpl create mode 100755 install/rhel/7/templates/web/httpd/hosting.stpl create mode 100755 install/rhel/7/templates/web/httpd/hosting.tpl create mode 100755 install/rhel/7/templates/web/httpd/phpcgi.sh create mode 100755 install/rhel/7/templates/web/httpd/phpcgi.stpl create mode 100755 install/rhel/7/templates/web/httpd/phpcgi.tpl create mode 100755 install/rhel/7/templates/web/httpd/phpfcgid.sh create mode 100755 install/rhel/7/templates/web/httpd/phpfcgid.stpl create mode 100755 install/rhel/7/templates/web/httpd/phpfcgid.tpl create mode 100755 install/rhel/7/templates/web/nginx/caching.sh create mode 100755 install/rhel/7/templates/web/nginx/caching.stpl create mode 100755 install/rhel/7/templates/web/nginx/caching.tpl create mode 100755 install/rhel/7/templates/web/nginx/default.stpl create mode 100755 install/rhel/7/templates/web/nginx/default.tpl create mode 100755 install/rhel/7/templates/web/nginx/hosting.sh create mode 100755 install/rhel/7/templates/web/nginx/hosting.stpl create mode 100755 install/rhel/7/templates/web/nginx/hosting.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/default.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/default.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/drupal.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/drupal.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/joomla.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/joomla.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/owncloud.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/owncloud.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/piwik.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/piwik.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress.tpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress2.stpl create mode 100644 install/rhel/7/templates/web/nginx/php-fpm/wordpress2.tpl create mode 100755 install/rhel/7/templates/web/nginx/proxy_ip.tpl create mode 100644 install/rhel/7/templates/web/php-fpm/default.tpl create mode 100644 install/rhel/7/templates/web/php-fpm/no-php.tpl create mode 100644 install/rhel/7/templates/web/php-fpm/socket.tpl rename install/{ubuntu => rhel/7}/templates/web/skel/document_errors/403.html (100%) rename install/{ubuntu => rhel/7}/templates/web/skel/document_errors/404.html (100%) rename install/{ubuntu => rhel/7}/templates/web/skel/document_errors/50x.html (100%) create mode 100755 install/rhel/7/templates/web/skel/public_html/index.html create mode 100755 install/rhel/7/templates/web/skel/public_html/robots.txt create mode 100755 install/rhel/7/templates/web/skel/public_shtml/index.html create mode 100755 install/rhel/7/templates/web/skel/public_shtml/robots.txt create mode 100755 install/rhel/7/templates/web/suspend/.htaccess rename install/{ubuntu => rhel/7}/templates/web/suspend/index.html (100%) create mode 100755 install/rhel/7/templates/web/webalizer/webalizer.tpl create mode 100644 install/rhel/7/vsftpd/vsftpd.conf create mode 100644 install/rhel/7/wsgi/httpd.tar.gz create mode 100755 install/rhel/7/wsgi/httpd/wsgi.sh create mode 100755 install/rhel/7/wsgi/httpd/wsgi.stpl create mode 100644 install/rhel/7/wsgi/httpd/wsgi.tpl delete mode 100644 install/rhel/apc.ini delete mode 100644 install/rhel/dovecot/conf.d/10-ssl.conf delete mode 100644 install/rhel/mysql-512.cnf delete mode 100644 install/rhel/mysql.cnf delete mode 100644 install/rhel/sudoers.conf delete mode 100644 install/rhel/vesta.conf delete mode 100644 install/rhel/whmcs-module.php create mode 100644 install/ubuntu/12.04/apache2/apache2.conf create mode 100644 install/ubuntu/12.04/apache2/status.conf create mode 100644 install/ubuntu/12.04/bind/named.conf create mode 100644 install/ubuntu/12.04/clamav/clamd.conf create mode 100644 install/ubuntu/12.04/deb_signing.key create mode 100644 install/ubuntu/12.04/dovecot.tar.gz create mode 100644 install/ubuntu/12.04/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/12.04/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/12.04/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/12.04/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/12.04/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/12.04/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/12.04/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/12.04/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/12.04/dovecot/dovecot.conf create mode 100644 install/ubuntu/12.04/exim/dnsbl.conf create mode 100644 install/ubuntu/12.04/exim/exim4.conf.template create mode 100644 install/ubuntu/12.04/exim/spam-blocks.conf create mode 100644 install/ubuntu/12.04/fail2ban.tar.gz create mode 100644 install/ubuntu/12.04/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/12.04/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/12.04/fail2ban/jail.local create mode 100644 install/ubuntu/12.04/firewall.tar.gz create mode 100644 install/ubuntu/12.04/firewall/ports.conf create mode 100644 install/ubuntu/12.04/firewall/rules.conf create mode 100644 install/ubuntu/12.04/logrotate/apache2 create mode 100644 install/ubuntu/12.04/logrotate/nginx create mode 100644 install/ubuntu/12.04/logrotate/vesta create mode 100644 install/ubuntu/12.04/mysql/my-large.cnf create mode 100644 install/ubuntu/12.04/mysql/my-medium.cnf create mode 100644 install/ubuntu/12.04/mysql/my-small.cnf rename install/ubuntu/{ => 12.04/nginx}/nginx.conf (99%) create mode 100644 install/ubuntu/12.04/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/12.04/nginx/phppgadmin.inc create mode 100644 install/ubuntu/12.04/nginx/status.conf create mode 100644 install/ubuntu/12.04/nginx/webmail.inc create mode 100644 install/ubuntu/12.04/packages.tar.gz rename install/ubuntu/{ => 12.04}/packages/default.pkg (100%) rename install/ubuntu/{ => 12.04}/packages/gainsboro.pkg (100%) rename install/ubuntu/{ => 12.04}/packages/palegreen.pkg (100%) rename install/ubuntu/{ => 12.04}/packages/slategrey.pkg (100%) create mode 100644 install/ubuntu/12.04/pga/config.inc.php create mode 100644 install/ubuntu/12.04/pga/phppgadmin.conf create mode 100644 install/ubuntu/12.04/php5-fpm/www.conf create mode 100644 install/ubuntu/12.04/pma/apache.conf create mode 100644 install/ubuntu/12.04/pma/config.inc.php create mode 100644 install/ubuntu/12.04/postgresql/pg_hba.conf create mode 100644 install/ubuntu/12.04/proftpd/proftpd.conf create mode 100644 install/ubuntu/12.04/roundcube/apache.conf create mode 100644 install/ubuntu/12.04/roundcube/config.inc.php create mode 100644 install/ubuntu/12.04/roundcube/db.inc.php rename install/ubuntu/{roundcube-main.conf => 12.04/roundcube/main.inc.php} (99%) create mode 100644 install/ubuntu/12.04/roundcube/vesta.php create mode 100644 install/ubuntu/12.04/sudo/admin create mode 100644 install/ubuntu/12.04/templates.tar.gz create mode 100755 install/ubuntu/12.04/templates/dns/child-ns.tpl create mode 100755 install/ubuntu/12.04/templates/dns/default.tpl create mode 100755 install/ubuntu/12.04/templates/dns/gmail.tpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/basedir.stpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/basedir.tpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/default.stpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/default.tpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/hosting.stpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/phpcgi.sh create mode 100755 install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/phpfcgid.sh create mode 100755 install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl create mode 100755 install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/12.04/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/12.04/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/12.04/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/12.04/templates/web/nginx/caching.sh rename install/ubuntu/{ => 12.04}/templates/web/nginx/caching.stpl (100%) rename install/ubuntu/{ => 12.04}/templates/web/nginx/caching.tpl (95%) create mode 100755 install/ubuntu/12.04/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/12.04/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/12.04/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/12.04/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/12.04/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100755 install/ubuntu/12.04/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/12.04/templates/web/php5-fpm/default.tpl create mode 100644 install/ubuntu/12.04/templates/web/php5-fpm/no-php.tpl create mode 100644 install/ubuntu/12.04/templates/web/php5-fpm/socket.tpl create mode 100755 install/ubuntu/12.04/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/12.04/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/12.04/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/12.04/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/12.04/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/12.04/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/12.04/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/12.04/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/12.04/templates/web/suspend/index.html create mode 100755 install/ubuntu/12.04/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/12.04/vsftpd/vsftpd.conf create mode 100644 install/ubuntu/12.10/apache2/apache2.conf create mode 100644 install/ubuntu/12.10/apache2/status.conf create mode 100644 install/ubuntu/12.10/bind/named.conf create mode 100644 install/ubuntu/12.10/clamav/clamd.conf create mode 100644 install/ubuntu/12.10/deb_signing.key create mode 100644 install/ubuntu/12.10/dovecot.tar.gz create mode 100644 install/ubuntu/12.10/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/12.10/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/12.10/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/12.10/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/12.10/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/12.10/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/12.10/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/12.10/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/12.10/dovecot/dovecot.conf create mode 100644 install/ubuntu/12.10/exim/dnsbl.conf create mode 100644 install/ubuntu/12.10/exim/exim4.conf.template create mode 100644 install/ubuntu/12.10/exim/spam-blocks.conf create mode 100644 install/ubuntu/12.10/fail2ban.tar.gz create mode 100644 install/ubuntu/12.10/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/12.10/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/12.10/fail2ban/jail.local create mode 100644 install/ubuntu/12.10/firewall.tar.gz create mode 100644 install/ubuntu/12.10/firewall/ports.conf create mode 100644 install/ubuntu/12.10/firewall/rules.conf create mode 100644 install/ubuntu/12.10/logrotate/apache2 create mode 100644 install/ubuntu/12.10/logrotate/nginx create mode 100644 install/ubuntu/12.10/logrotate/vesta create mode 100644 install/ubuntu/12.10/mysql/my-large.cnf create mode 100644 install/ubuntu/12.10/mysql/my-medium.cnf create mode 100644 install/ubuntu/12.10/mysql/my-small.cnf create mode 100644 install/ubuntu/12.10/nginx/nginx.conf create mode 100644 install/ubuntu/12.10/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/12.10/nginx/phppgadmin.inc create mode 100644 install/ubuntu/12.10/nginx/status.conf create mode 100644 install/ubuntu/12.10/nginx/webmail.inc create mode 100644 install/ubuntu/12.10/packages.tar.gz create mode 100644 install/ubuntu/12.10/packages/default.pkg create mode 100644 install/ubuntu/12.10/packages/gainsboro.pkg create mode 100644 install/ubuntu/12.10/packages/palegreen.pkg create mode 100644 install/ubuntu/12.10/packages/slategrey.pkg create mode 100644 install/ubuntu/12.10/pga/config.inc.php create mode 100644 install/ubuntu/12.10/pga/phppgadmin.conf create mode 100644 install/ubuntu/12.10/php5-fpm/www.conf create mode 100644 install/ubuntu/12.10/pma/apache.conf create mode 100644 install/ubuntu/12.10/pma/config.inc.php create mode 100644 install/ubuntu/12.10/postgresql/pg_hba.conf create mode 100644 install/ubuntu/12.10/proftpd/proftpd.conf create mode 100644 install/ubuntu/12.10/roundcube/apache.conf create mode 100644 install/ubuntu/12.10/roundcube/config.inc.php create mode 100644 install/ubuntu/12.10/roundcube/db.inc.php create mode 100644 install/ubuntu/12.10/roundcube/main.inc.php create mode 100644 install/ubuntu/12.10/roundcube/vesta.php create mode 100644 install/ubuntu/12.10/sudo/admin create mode 100644 install/ubuntu/12.10/templates.tar.gz create mode 100755 install/ubuntu/12.10/templates/dns/child-ns.tpl create mode 100755 install/ubuntu/12.10/templates/dns/default.tpl create mode 100755 install/ubuntu/12.10/templates/dns/gmail.tpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/basedir.stpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/basedir.tpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/default.stpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/default.tpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/hosting.stpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/phpcgi.sh create mode 100755 install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/phpfcgid.sh create mode 100755 install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl create mode 100755 install/ubuntu/12.10/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/12.10/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/12.10/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/12.10/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/12.10/templates/web/nginx/caching.sh create mode 100755 install/ubuntu/12.10/templates/web/nginx/caching.stpl create mode 100755 install/ubuntu/12.10/templates/web/nginx/caching.tpl create mode 100755 install/ubuntu/12.10/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/12.10/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/12.10/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/12.10/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/12.10/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100755 install/ubuntu/12.10/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/12.10/templates/web/php5-fpm/default.tpl create mode 100644 install/ubuntu/12.10/templates/web/php5-fpm/no-php.tpl create mode 100644 install/ubuntu/12.10/templates/web/php5-fpm/socket.tpl create mode 100755 install/ubuntu/12.10/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/12.10/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/12.10/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/12.10/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/12.10/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/12.10/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/12.10/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/12.10/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/12.10/templates/web/suspend/index.html create mode 100755 install/ubuntu/12.10/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/12.10/vsftpd/vsftpd.conf create mode 100644 install/ubuntu/13.04/apache2/apache2.conf create mode 100644 install/ubuntu/13.04/apache2/status.conf create mode 100644 install/ubuntu/13.04/bind/named.conf create mode 100644 install/ubuntu/13.04/clamav/clamd.conf create mode 100644 install/ubuntu/13.04/deb_signing.key create mode 100644 install/ubuntu/13.04/dovecot.tar.gz create mode 100644 install/ubuntu/13.04/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/13.04/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/13.04/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/13.04/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/13.04/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/13.04/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/13.04/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/13.04/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/13.04/dovecot/dovecot.conf create mode 100644 install/ubuntu/13.04/exim/dnsbl.conf create mode 100644 install/ubuntu/13.04/exim/exim4.conf.template create mode 100644 install/ubuntu/13.04/exim/spam-blocks.conf create mode 100644 install/ubuntu/13.04/fail2ban.tar.gz create mode 100644 install/ubuntu/13.04/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/13.04/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/13.04/fail2ban/jail.local create mode 100644 install/ubuntu/13.04/firewall.tar.gz create mode 100644 install/ubuntu/13.04/firewall/ports.conf create mode 100644 install/ubuntu/13.04/firewall/rules.conf create mode 100644 install/ubuntu/13.04/logrotate/apache2 create mode 100644 install/ubuntu/13.04/logrotate/nginx create mode 100644 install/ubuntu/13.04/logrotate/vesta create mode 100644 install/ubuntu/13.04/mysql/my-large.cnf create mode 100644 install/ubuntu/13.04/mysql/my-medium.cnf create mode 100644 install/ubuntu/13.04/mysql/my-small.cnf create mode 100644 install/ubuntu/13.04/nginx/nginx.conf create mode 100644 install/ubuntu/13.04/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/13.04/nginx/phppgadmin.inc create mode 100644 install/ubuntu/13.04/nginx/status.conf create mode 100644 install/ubuntu/13.04/nginx/webmail.inc create mode 100644 install/ubuntu/13.04/packages.tar.gz create mode 100644 install/ubuntu/13.04/packages/default.pkg create mode 100644 install/ubuntu/13.04/packages/gainsboro.pkg create mode 100644 install/ubuntu/13.04/packages/palegreen.pkg create mode 100644 install/ubuntu/13.04/packages/slategrey.pkg create mode 100644 install/ubuntu/13.04/pga/config.inc.php create mode 100644 install/ubuntu/13.04/pga/phppgadmin.conf create mode 100644 install/ubuntu/13.04/php5-fpm/www.conf create mode 100644 install/ubuntu/13.04/pma/apache.conf create mode 100644 install/ubuntu/13.04/pma/config.inc.php create mode 100644 install/ubuntu/13.04/postgresql/pg_hba.conf create mode 100644 install/ubuntu/13.04/proftpd/proftpd.conf create mode 100644 install/ubuntu/13.04/roundcube/apache.conf create mode 100644 install/ubuntu/13.04/roundcube/config.inc.php create mode 100644 install/ubuntu/13.04/roundcube/db.inc.php create mode 100644 install/ubuntu/13.04/roundcube/main.inc.php create mode 100644 install/ubuntu/13.04/roundcube/vesta.php create mode 100644 install/ubuntu/13.04/sudo/admin create mode 100644 install/ubuntu/13.04/templates.tar.gz create mode 100755 install/ubuntu/13.04/templates/dns/child-ns.tpl create mode 100755 install/ubuntu/13.04/templates/dns/default.tpl create mode 100755 install/ubuntu/13.04/templates/dns/gmail.tpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/basedir.stpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/basedir.tpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/default.stpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/default.tpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/hosting.stpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/phpcgi.sh create mode 100755 install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/phpfcgid.sh create mode 100755 install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl create mode 100755 install/ubuntu/13.04/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/13.04/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/13.04/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/13.04/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/13.04/templates/web/nginx/caching.sh create mode 100755 install/ubuntu/13.04/templates/web/nginx/caching.stpl create mode 100755 install/ubuntu/13.04/templates/web/nginx/caching.tpl create mode 100755 install/ubuntu/13.04/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/13.04/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/13.04/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/13.04/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/13.04/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100755 install/ubuntu/13.04/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/13.04/templates/web/php5-fpm/default.tpl create mode 100644 install/ubuntu/13.04/templates/web/php5-fpm/no-php.tpl create mode 100644 install/ubuntu/13.04/templates/web/php5-fpm/socket.tpl create mode 100755 install/ubuntu/13.04/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/13.04/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/13.04/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/13.04/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/13.04/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/13.04/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/13.04/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/13.04/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/13.04/templates/web/suspend/index.html create mode 100755 install/ubuntu/13.04/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/13.04/vsftpd/vsftpd.conf create mode 100644 install/ubuntu/13.10/apache2/apache2.conf create mode 100644 install/ubuntu/13.10/apache2/status.conf create mode 100644 install/ubuntu/13.10/bind/named.conf create mode 100644 install/ubuntu/13.10/clamav/clamd.conf create mode 100644 install/ubuntu/13.10/deb_signing.key create mode 100644 install/ubuntu/13.10/dovecot.tar.gz create mode 100644 install/ubuntu/13.10/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/13.10/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/13.10/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/13.10/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/13.10/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/13.10/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/13.10/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/13.10/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/13.10/dovecot/dovecot.conf create mode 100644 install/ubuntu/13.10/exim/dnsbl.conf create mode 100644 install/ubuntu/13.10/exim/exim4.conf.template create mode 100644 install/ubuntu/13.10/exim/spam-blocks.conf create mode 100644 install/ubuntu/13.10/fail2ban.tar.gz create mode 100644 install/ubuntu/13.10/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/13.10/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/13.10/fail2ban/jail.local create mode 100644 install/ubuntu/13.10/firewall.tar.gz create mode 100644 install/ubuntu/13.10/firewall/ports.conf create mode 100644 install/ubuntu/13.10/firewall/rules.conf create mode 100644 install/ubuntu/13.10/logrotate/apache2 create mode 100644 install/ubuntu/13.10/logrotate/nginx create mode 100644 install/ubuntu/13.10/logrotate/vesta create mode 100644 install/ubuntu/13.10/mysql/my-large.cnf create mode 100644 install/ubuntu/13.10/mysql/my-medium.cnf create mode 100644 install/ubuntu/13.10/mysql/my-small.cnf create mode 100644 install/ubuntu/13.10/nginx/nginx.conf create mode 100644 install/ubuntu/13.10/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/13.10/nginx/phppgadmin.inc create mode 100644 install/ubuntu/13.10/nginx/status.conf create mode 100644 install/ubuntu/13.10/nginx/webmail.inc create mode 100644 install/ubuntu/13.10/packages.tar.gz create mode 100644 install/ubuntu/13.10/packages/default.pkg create mode 100644 install/ubuntu/13.10/packages/gainsboro.pkg create mode 100644 install/ubuntu/13.10/packages/palegreen.pkg create mode 100644 install/ubuntu/13.10/packages/slategrey.pkg create mode 100644 install/ubuntu/13.10/pga/config.inc.php create mode 100644 install/ubuntu/13.10/pga/phppgadmin.conf create mode 100644 install/ubuntu/13.10/php5-fpm/www.conf create mode 100644 install/ubuntu/13.10/pma/apache.conf create mode 100644 install/ubuntu/13.10/pma/config.inc.php create mode 100644 install/ubuntu/13.10/postgresql/pg_hba.conf create mode 100644 install/ubuntu/13.10/proftpd/proftpd.conf create mode 100644 install/ubuntu/13.10/roundcube/apache.conf create mode 100644 install/ubuntu/13.10/roundcube/config.inc.php create mode 100644 install/ubuntu/13.10/roundcube/db.inc.php create mode 100644 install/ubuntu/13.10/roundcube/main.inc.php create mode 100644 install/ubuntu/13.10/roundcube/vesta.php create mode 100644 install/ubuntu/13.10/sudo/admin create mode 100644 install/ubuntu/13.10/templates.tar.gz create mode 100755 install/ubuntu/13.10/templates/dns/child-ns.tpl create mode 100755 install/ubuntu/13.10/templates/dns/default.tpl create mode 100755 install/ubuntu/13.10/templates/dns/gmail.tpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/basedir.stpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/basedir.tpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/default.stpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/default.tpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/hosting.stpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/phpcgi.sh create mode 100755 install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/phpfcgid.sh create mode 100755 install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl create mode 100755 install/ubuntu/13.10/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/13.10/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/13.10/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/13.10/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/13.10/templates/web/nginx/caching.sh create mode 100755 install/ubuntu/13.10/templates/web/nginx/caching.stpl create mode 100755 install/ubuntu/13.10/templates/web/nginx/caching.tpl create mode 100755 install/ubuntu/13.10/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/13.10/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/13.10/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/13.10/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/13.10/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100755 install/ubuntu/13.10/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/13.10/templates/web/php5-fpm/default.tpl create mode 100644 install/ubuntu/13.10/templates/web/php5-fpm/no-php.tpl create mode 100644 install/ubuntu/13.10/templates/web/php5-fpm/socket.tpl create mode 100755 install/ubuntu/13.10/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/13.10/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/13.10/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/13.10/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/13.10/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/13.10/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/13.10/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/13.10/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/13.10/templates/web/suspend/index.html create mode 100755 install/ubuntu/13.10/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/13.10/vsftpd/vsftpd.conf create mode 100644 install/ubuntu/14.04/apache2/apache2.conf create mode 100644 install/ubuntu/14.04/apache2/status.conf create mode 100644 install/ubuntu/14.04/bind/named.conf create mode 100644 install/ubuntu/14.04/clamav/clamd.conf create mode 100644 install/ubuntu/14.04/deb_signing.key create mode 100644 install/ubuntu/14.04/dovecot.tar.gz create mode 100644 install/ubuntu/14.04/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/14.04/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/14.04/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/14.04/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/14.04/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/14.04/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/14.04/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/14.04/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/14.04/dovecot/dovecot.conf create mode 100644 install/ubuntu/14.04/exim/dnsbl.conf create mode 100644 install/ubuntu/14.04/exim/exim4.conf.template create mode 100644 install/ubuntu/14.04/exim/spam-blocks.conf create mode 100644 install/ubuntu/14.04/fail2ban.tar.gz create mode 100644 install/ubuntu/14.04/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/14.04/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/14.04/fail2ban/jail.local create mode 100644 install/ubuntu/14.04/firewall.tar.gz create mode 100644 install/ubuntu/14.04/firewall/ports.conf create mode 100644 install/ubuntu/14.04/firewall/rules.conf create mode 100644 install/ubuntu/14.04/logrotate/apache2 create mode 100644 install/ubuntu/14.04/logrotate/nginx create mode 100644 install/ubuntu/14.04/logrotate/vesta create mode 100644 install/ubuntu/14.04/mysql/my-large.cnf create mode 100644 install/ubuntu/14.04/mysql/my-medium.cnf create mode 100644 install/ubuntu/14.04/mysql/my-small.cnf create mode 100644 install/ubuntu/14.04/nginx/nginx.conf create mode 100644 install/ubuntu/14.04/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/14.04/nginx/phppgadmin.inc create mode 100644 install/ubuntu/14.04/nginx/status.conf create mode 100644 install/ubuntu/14.04/nginx/webmail.inc create mode 100644 install/ubuntu/14.04/packages.tar.gz create mode 100644 install/ubuntu/14.04/packages/default.pkg create mode 100644 install/ubuntu/14.04/packages/gainsboro.pkg create mode 100644 install/ubuntu/14.04/packages/palegreen.pkg create mode 100644 install/ubuntu/14.04/packages/slategrey.pkg create mode 100644 install/ubuntu/14.04/pga/config.inc.php create mode 100644 install/ubuntu/14.04/pga/phppgadmin.conf create mode 100644 install/ubuntu/14.04/php5-fpm/www.conf create mode 100644 install/ubuntu/14.04/pma/apache.conf create mode 100644 install/ubuntu/14.04/pma/config.inc.php create mode 100644 install/ubuntu/14.04/postgresql/pg_hba.conf create mode 100644 install/ubuntu/14.04/proftpd/proftpd.conf create mode 100644 install/ubuntu/14.04/roundcube/apache.conf create mode 100644 install/ubuntu/14.04/roundcube/config.inc.php create mode 100644 install/ubuntu/14.04/roundcube/db.inc.php create mode 100644 install/ubuntu/14.04/roundcube/main.inc.php create mode 100644 install/ubuntu/14.04/roundcube/vesta.php create mode 100644 install/ubuntu/14.04/sudo/admin create mode 100644 install/ubuntu/14.04/templates.tar.gz create mode 100755 install/ubuntu/14.04/templates/dns/child-ns.tpl create mode 100755 install/ubuntu/14.04/templates/dns/default.tpl create mode 100755 install/ubuntu/14.04/templates/dns/gmail.tpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/basedir.stpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/basedir.tpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/default.stpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/default.tpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/hosting.stpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/phpcgi.sh create mode 100755 install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/phpfcgid.sh create mode 100755 install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl create mode 100755 install/ubuntu/14.04/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/14.04/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/14.04/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/14.04/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/14.04/templates/web/nginx/caching.sh create mode 100755 install/ubuntu/14.04/templates/web/nginx/caching.stpl create mode 100755 install/ubuntu/14.04/templates/web/nginx/caching.tpl create mode 100755 install/ubuntu/14.04/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/14.04/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/14.04/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/14.04/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/14.04/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100755 install/ubuntu/14.04/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/14.04/templates/web/php5-fpm/default.tpl create mode 100644 install/ubuntu/14.04/templates/web/php5-fpm/no-php.tpl create mode 100644 install/ubuntu/14.04/templates/web/php5-fpm/socket.tpl create mode 100755 install/ubuntu/14.04/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/14.04/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/14.04/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/14.04/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/14.04/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/14.04/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/14.04/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/14.04/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/14.04/templates/web/suspend/index.html create mode 100755 install/ubuntu/14.04/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/14.04/vsftpd/vsftpd.conf create mode 100644 install/ubuntu/14.10/apache2/apache2.conf create mode 100644 install/ubuntu/14.10/apache2/status.conf create mode 100644 install/ubuntu/14.10/bind/named.conf create mode 100644 install/ubuntu/14.10/clamav/clamd.conf create mode 100644 install/ubuntu/14.10/deb_signing.key create mode 100644 install/ubuntu/14.10/dovecot.tar.gz create mode 100644 install/ubuntu/14.10/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/14.10/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/14.10/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/14.10/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/14.10/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/14.10/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/14.10/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/14.10/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/14.10/dovecot/dovecot.conf create mode 100644 install/ubuntu/14.10/exim/dnsbl.conf create mode 100644 install/ubuntu/14.10/exim/exim4.conf.template create mode 100644 install/ubuntu/14.10/exim/spam-blocks.conf create mode 100644 install/ubuntu/14.10/fail2ban.tar.gz create mode 100644 install/ubuntu/14.10/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/14.10/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/14.10/fail2ban/jail.local create mode 100644 install/ubuntu/14.10/firewall.tar.gz create mode 100644 install/ubuntu/14.10/firewall/ports.conf create mode 100644 install/ubuntu/14.10/firewall/rules.conf create mode 100644 install/ubuntu/14.10/logrotate/apache2 create mode 100644 install/ubuntu/14.10/logrotate/nginx create mode 100644 install/ubuntu/14.10/logrotate/vesta create mode 100644 install/ubuntu/14.10/mysql/my-large.cnf create mode 100644 install/ubuntu/14.10/mysql/my-medium.cnf create mode 100644 install/ubuntu/14.10/mysql/my-small.cnf create mode 100644 install/ubuntu/14.10/nginx/nginx.conf create mode 100644 install/ubuntu/14.10/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/14.10/nginx/phppgadmin.inc create mode 100644 install/ubuntu/14.10/nginx/status.conf create mode 100644 install/ubuntu/14.10/nginx/webmail.inc create mode 100644 install/ubuntu/14.10/packages.tar.gz create mode 100644 install/ubuntu/14.10/packages/default.pkg create mode 100644 install/ubuntu/14.10/packages/gainsboro.pkg create mode 100644 install/ubuntu/14.10/packages/palegreen.pkg create mode 100644 install/ubuntu/14.10/packages/slategrey.pkg create mode 100644 install/ubuntu/14.10/pga/config.inc.php create mode 100644 install/ubuntu/14.10/pga/phppgadmin.conf create mode 100644 install/ubuntu/14.10/php5-fpm/www.conf create mode 100644 install/ubuntu/14.10/pma/apache.conf create mode 100644 install/ubuntu/14.10/pma/config.inc.php create mode 100644 install/ubuntu/14.10/postgresql/pg_hba.conf create mode 100644 install/ubuntu/14.10/proftpd/proftpd.conf create mode 100644 install/ubuntu/14.10/roundcube/apache.conf create mode 100644 install/ubuntu/14.10/roundcube/config.inc.php create mode 100644 install/ubuntu/14.10/roundcube/db.inc.php create mode 100644 install/ubuntu/14.10/roundcube/main.inc.php create mode 100644 install/ubuntu/14.10/roundcube/vesta.php create mode 100644 install/ubuntu/14.10/sudo/admin create mode 100644 install/ubuntu/14.10/templates.tar.gz create mode 100755 install/ubuntu/14.10/templates/dns/child-ns.tpl create mode 100755 install/ubuntu/14.10/templates/dns/default.tpl create mode 100755 install/ubuntu/14.10/templates/dns/gmail.tpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/basedir.stpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/basedir.tpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/default.stpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/default.tpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/hosting.stpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/phpcgi.sh create mode 100755 install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/phpfcgid.sh create mode 100755 install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl create mode 100755 install/ubuntu/14.10/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/14.10/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/14.10/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/14.10/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/14.10/templates/web/nginx/caching.sh create mode 100755 install/ubuntu/14.10/templates/web/nginx/caching.stpl create mode 100755 install/ubuntu/14.10/templates/web/nginx/caching.tpl create mode 100755 install/ubuntu/14.10/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/14.10/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/14.10/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/14.10/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/14.10/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100755 install/ubuntu/14.10/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/14.10/templates/web/php5-fpm/default.tpl create mode 100644 install/ubuntu/14.10/templates/web/php5-fpm/no-php.tpl create mode 100644 install/ubuntu/14.10/templates/web/php5-fpm/socket.tpl create mode 100755 install/ubuntu/14.10/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/14.10/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/14.10/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/14.10/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/14.10/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/14.10/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/14.10/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/14.10/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/14.10/templates/web/suspend/index.html create mode 100755 install/ubuntu/14.10/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/14.10/vsftpd/vsftpd.conf create mode 100644 install/ubuntu/15.04/apache2/apache2.conf create mode 100644 install/ubuntu/15.04/apache2/status.conf create mode 100644 install/ubuntu/15.04/bind/named.conf create mode 100644 install/ubuntu/15.04/clamav/clamd.conf create mode 100644 install/ubuntu/15.04/deb_signing.key create mode 100644 install/ubuntu/15.04/dovecot.tar.gz create mode 100644 install/ubuntu/15.04/dovecot/conf.d/10-auth.conf create mode 100644 install/ubuntu/15.04/dovecot/conf.d/10-logging.conf create mode 100644 install/ubuntu/15.04/dovecot/conf.d/10-mail.conf create mode 100644 install/ubuntu/15.04/dovecot/conf.d/10-master.conf create mode 100644 install/ubuntu/15.04/dovecot/conf.d/10-ssl.conf create mode 100644 install/ubuntu/15.04/dovecot/conf.d/20-imap.conf create mode 100644 install/ubuntu/15.04/dovecot/conf.d/20-pop3.conf create mode 100644 install/ubuntu/15.04/dovecot/conf.d/auth-passwdfile.conf.ext create mode 100644 install/ubuntu/15.04/dovecot/dovecot.conf create mode 100644 install/ubuntu/15.04/exim/dnsbl.conf create mode 100644 install/ubuntu/15.04/exim/exim4.conf.template create mode 100644 install/ubuntu/15.04/exim/spam-blocks.conf create mode 100644 install/ubuntu/15.04/fail2ban.tar.gz create mode 100644 install/ubuntu/15.04/fail2ban/action.d/vesta.conf create mode 100644 install/ubuntu/15.04/fail2ban/filter.d/vesta.conf create mode 100644 install/ubuntu/15.04/fail2ban/jail.local create mode 100644 install/ubuntu/15.04/firewall.tar.gz create mode 100644 install/ubuntu/15.04/firewall/ports.conf create mode 100644 install/ubuntu/15.04/firewall/rules.conf create mode 100644 install/ubuntu/15.04/logrotate/apache2 create mode 100644 install/ubuntu/15.04/logrotate/nginx create mode 100644 install/ubuntu/15.04/logrotate/vesta create mode 100644 install/ubuntu/15.04/mysql/my-large.cnf create mode 100644 install/ubuntu/15.04/mysql/my-medium.cnf create mode 100644 install/ubuntu/15.04/mysql/my-small.cnf create mode 100644 install/ubuntu/15.04/nginx/nginx.conf create mode 100644 install/ubuntu/15.04/nginx/phpmyadmin.inc create mode 100644 install/ubuntu/15.04/nginx/phppgadmin.inc create mode 100644 install/ubuntu/15.04/nginx/status.conf create mode 100644 install/ubuntu/15.04/nginx/webmail.inc create mode 100644 install/ubuntu/15.04/packages.tar.gz create mode 100644 install/ubuntu/15.04/packages/default.pkg create mode 100644 install/ubuntu/15.04/packages/gainsboro.pkg create mode 100644 install/ubuntu/15.04/packages/palegreen.pkg create mode 100644 install/ubuntu/15.04/packages/slategrey.pkg create mode 100644 install/ubuntu/15.04/pga/config.inc.php create mode 100644 install/ubuntu/15.04/pga/phppgadmin.conf create mode 100644 install/ubuntu/15.04/php5-fpm/www.conf create mode 100644 install/ubuntu/15.04/pma/apache.conf create mode 100644 install/ubuntu/15.04/pma/config.inc.php create mode 100644 install/ubuntu/15.04/postgresql/pg_hba.conf create mode 100644 install/ubuntu/15.04/proftpd/proftpd.conf create mode 100644 install/ubuntu/15.04/roundcube/apache.conf create mode 100644 install/ubuntu/15.04/roundcube/config.inc.php create mode 100644 install/ubuntu/15.04/roundcube/db.inc.php create mode 100644 install/ubuntu/15.04/roundcube/main.inc.php create mode 100644 install/ubuntu/15.04/roundcube/vesta.php create mode 100644 install/ubuntu/15.04/sudo/admin create mode 100644 install/ubuntu/15.04/templates.tar.gz create mode 100755 install/ubuntu/15.04/templates/dns/child-ns.tpl rename install/ubuntu/{ => 15.04}/templates/dns/default.tpl (100%) create mode 100755 install/ubuntu/15.04/templates/dns/gmail.tpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/basedir.stpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/basedir.tpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/default.stpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/default.tpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/hosting.stpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/hosting.tpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/phpcgi.sh create mode 100755 install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/phpcgi.tpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/phpfcgid.sh create mode 100755 install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl create mode 100755 install/ubuntu/15.04/templates/web/apache2/phpfcgid.tpl create mode 100755 install/ubuntu/15.04/templates/web/awstats/awstats.tpl create mode 100755 install/ubuntu/15.04/templates/web/awstats/index.tpl create mode 100755 install/ubuntu/15.04/templates/web/awstats/nav.tpl create mode 100755 install/ubuntu/15.04/templates/web/nginx/caching.sh create mode 100755 install/ubuntu/15.04/templates/web/nginx/caching.stpl create mode 100755 install/ubuntu/15.04/templates/web/nginx/caching.tpl create mode 100755 install/ubuntu/15.04/templates/web/nginx/default.stpl create mode 100755 install/ubuntu/15.04/templates/web/nginx/default.tpl create mode 100755 install/ubuntu/15.04/templates/web/nginx/hosting.sh create mode 100755 install/ubuntu/15.04/templates/web/nginx/hosting.stpl create mode 100755 install/ubuntu/15.04/templates/web/nginx/hosting.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.tpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.stpl create mode 100644 install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.tpl create mode 100755 install/ubuntu/15.04/templates/web/nginx/proxy_ip.tpl create mode 100644 install/ubuntu/15.04/templates/web/php5-fpm/default.tpl create mode 100644 install/ubuntu/15.04/templates/web/php5-fpm/no-php.tpl create mode 100644 install/ubuntu/15.04/templates/web/php5-fpm/socket.tpl create mode 100755 install/ubuntu/15.04/templates/web/skel/document_errors/403.html create mode 100755 install/ubuntu/15.04/templates/web/skel/document_errors/404.html create mode 100755 install/ubuntu/15.04/templates/web/skel/document_errors/50x.html create mode 100755 install/ubuntu/15.04/templates/web/skel/public_html/index.html create mode 100755 install/ubuntu/15.04/templates/web/skel/public_html/robots.txt create mode 100755 install/ubuntu/15.04/templates/web/skel/public_shtml/index.html create mode 100755 install/ubuntu/15.04/templates/web/skel/public_shtml/robots.txt create mode 100755 install/ubuntu/15.04/templates/web/suspend/.htaccess create mode 100755 install/ubuntu/15.04/templates/web/suspend/index.html create mode 100755 install/ubuntu/15.04/templates/web/webalizer/webalizer.tpl create mode 100644 install/ubuntu/15.04/vsftpd/vsftpd.conf delete mode 100644 install/ubuntu/apache2.readme.txt delete mode 100644 install/ubuntu/certificate.crt delete mode 100644 install/ubuntu/certificate.key delete mode 100644 install/ubuntu/freshclam.conf delete mode 100644 install/ubuntu/nginx.readme.txt delete mode 100644 install/ubuntu/sudoers.vestacp.conf delete mode 100644 install/ubuntu/vesta.conf delete mode 100644 install/ubuntu/whmcs-module.php mode change 100644 => 100755 install/vst-install-debian.sh mode change 100644 => 100755 install/vst-install-rhel.sh mode change 100644 => 100755 install/vst-install-ubuntu.sh mode change 100644 => 100755 install/vst-install.sh diff --git a/install/debian/apache2.conf b/install/debian/7/apache2/apache2.conf similarity index 100% rename from install/debian/apache2.conf rename to install/debian/7/apache2/apache2.conf diff --git a/install/debian/apache2-status.conf b/install/debian/7/apache2/status.conf similarity index 100% rename from install/debian/apache2-status.conf rename to install/debian/7/apache2/status.conf diff --git a/install/debian/named.conf b/install/debian/7/bind/named.conf similarity index 100% rename from install/debian/named.conf rename to install/debian/7/bind/named.conf diff --git a/install/debian/clamd.conf b/install/debian/7/clamav/clamd.conf similarity index 100% rename from install/debian/clamd.conf rename to install/debian/7/clamav/clamd.conf diff --git a/install/debian/7/deb_signing.key b/install/debian/7/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/debian/7/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/debian/7/dovecot.tar.gz b/install/debian/7/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/debian/dovecot/conf.d/10-auth.conf b/install/debian/7/dovecot/conf.d/10-auth.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-auth.conf rename to install/debian/7/dovecot/conf.d/10-auth.conf diff --git a/install/debian/dovecot/conf.d/10-logging.conf b/install/debian/7/dovecot/conf.d/10-logging.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-logging.conf rename to install/debian/7/dovecot/conf.d/10-logging.conf diff --git a/install/debian/dovecot/conf.d/10-mail.conf b/install/debian/7/dovecot/conf.d/10-mail.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-mail.conf rename to install/debian/7/dovecot/conf.d/10-mail.conf diff --git a/install/debian/dovecot/conf.d/10-master.conf b/install/debian/7/dovecot/conf.d/10-master.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-master.conf rename to install/debian/7/dovecot/conf.d/10-master.conf diff --git a/install/debian/dovecot/conf.d/10-ssl.conf b/install/debian/7/dovecot/conf.d/10-ssl.conf similarity index 100% rename from install/debian/dovecot/conf.d/10-ssl.conf rename to install/debian/7/dovecot/conf.d/10-ssl.conf diff --git a/install/debian/dovecot/conf.d/20-imap.conf b/install/debian/7/dovecot/conf.d/20-imap.conf similarity index 100% rename from install/debian/dovecot/conf.d/20-imap.conf rename to install/debian/7/dovecot/conf.d/20-imap.conf diff --git a/install/debian/dovecot/conf.d/20-pop3.conf b/install/debian/7/dovecot/conf.d/20-pop3.conf similarity index 100% rename from install/debian/dovecot/conf.d/20-pop3.conf rename to install/debian/7/dovecot/conf.d/20-pop3.conf diff --git a/install/debian/dovecot/conf.d/auth-passwdfile.conf.ext b/install/debian/7/dovecot/conf.d/auth-passwdfile.conf.ext similarity index 100% rename from install/debian/dovecot/conf.d/auth-passwdfile.conf.ext rename to install/debian/7/dovecot/conf.d/auth-passwdfile.conf.ext diff --git a/install/ubuntu/dovecot.conf b/install/debian/7/dovecot/dovecot.conf similarity index 100% rename from install/ubuntu/dovecot.conf rename to install/debian/7/dovecot/dovecot.conf diff --git a/install/debian/dnsbl.conf b/install/debian/7/exim/dnsbl.conf similarity index 100% rename from install/debian/dnsbl.conf rename to install/debian/7/exim/dnsbl.conf diff --git a/install/debian/exim4.conf.template b/install/debian/7/exim/exim4.conf.template similarity index 99% rename from install/debian/exim4.conf.template rename to install/debian/7/exim/exim4.conf.template index 64cd03fca..742f0409e 100644 --- a/install/debian/exim4.conf.template +++ b/install/debian/7/exim/exim4.conf.template @@ -108,7 +108,7 @@ acl_check_rcpt: require message = relay not permitted domains = +local_domains : +relay_to_domains - deny message = smtp auth required + deny message = smtp auth requried sender_domains = +local_domains !authenticated = * diff --git a/install/debian/spam-blocks.conf b/install/debian/7/exim/spam-blocks.conf similarity index 100% rename from install/debian/spam-blocks.conf rename to install/debian/7/exim/spam-blocks.conf diff --git a/install/debian/7/fail2ban.tar.gz b/install/debian/7/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/debian/fail2ban.filter.conf b/install/debian/7/fail2ban/filter.d/vesta.conf similarity index 100% rename from install/debian/fail2ban.filter.conf rename to install/debian/7/fail2ban/filter.d/vesta.conf diff --git a/install/debian/7/fail2ban/jail.local b/install/debian/7/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/debian/7/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/debian/7/firewall.tar.gz b/install/debian/7/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/debian/firewall/ports.conf b/install/debian/7/firewall/ports.conf similarity index 93% rename from install/debian/firewall/ports.conf rename to install/debian/7/firewall/ports.conf index e970f91de..a6ef4dae5 100644 --- a/install/debian/firewall/ports.conf +++ b/install/debian/7/firewall/ports.conf @@ -11,6 +11,6 @@ PROTOCOL='TCP' PORT='143' PROTOCOL='TCP' PORT='3306' PROTOCOL='TCP' PORT='5432' PROTOCOL='TCP' PORT='8080' -PROTOCOL='TCP' PORT='8443' +PROTOCOL='TCP' PORT='8433' PROTOCOL='TCP' PORT='8083' PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/debian/firewall/rules.conf b/install/debian/7/firewall/rules.conf similarity index 89% rename from install/debian/firewall/rules.conf rename to install/debian/7/firewall/rules.conf index 60136e1a5..956c2e1d9 100644 --- a/install/debian/firewall/rules.conf +++ b/install/debian/7/firewall/rules.conf @@ -1,6 +1,6 @@ RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='127.0.0.1/32' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' diff --git a/install/debian/apache2.log b/install/debian/7/logrotate/apache2 similarity index 100% rename from install/debian/apache2.log rename to install/debian/7/logrotate/apache2 diff --git a/install/debian/7/logrotate/nginx b/install/debian/7/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/debian/7/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/debian/vesta.log b/install/debian/7/logrotate/vesta similarity index 100% rename from install/debian/vesta.log rename to install/debian/7/logrotate/vesta diff --git a/install/debian/7/mysql/my-large.cnf b/install/debian/7/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/debian/7/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/my.cnf b/install/debian/7/mysql/my-medium.cnf similarity index 59% rename from install/ubuntu/my.cnf rename to install/debian/7/mysql/my-medium.cnf index 1b5ff1d24..1c10ab9a6 100644 --- a/install/ubuntu/my.cnf +++ b/install/debian/7/mysql/my-medium.cnf @@ -15,11 +15,26 @@ datadir=/var/lib/mysql tmpdir=/tmp lc-messages-dir=/usr/share/mysql log_error=/var/log/mysql/error.log -max_connections=200 -max_user_connections=30 -wait_timeout=30 -interactive_timeout=50 -long_query_time=5 + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 innodb_file_per_table +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + !includedir /etc/mysql/conf.d/ diff --git a/install/debian/7/mysql/my-small.cnf b/install/debian/7/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/debian/7/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/nginx.conf b/install/debian/7/nginx/nginx.conf similarity index 100% rename from install/debian/nginx.conf rename to install/debian/7/nginx/nginx.conf diff --git a/install/debian/7/nginx/phpmyadmin.inc b/install/debian/7/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/debian/7/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/7/nginx/phppgadmin.inc b/install/debian/7/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/debian/7/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/nginx-status.conf b/install/debian/7/nginx/status.conf similarity index 100% rename from install/debian/nginx-status.conf rename to install/debian/7/nginx/status.conf diff --git a/install/debian/7/nginx/webmail.inc b/install/debian/7/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/debian/7/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/7/packages.tar.gz b/install/debian/7/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05R`!!o9z5YmQ^3JNm zkni-pXb-2hgSW98PgO?UyoEjTQxkIx`tiI=YRTP1)+L*i`#c#Vle8Zwn5&FMBxSka!-Ypm)e(#<>~GQEF})cNR1u+8cVi~Yip z2Htn5#H^+Rl1fvnXlqRJ->P(2Qvp6B9hgP@y4Kb`+Aqtx_z|3EVxI~jY9I<(URu`> z`(OZ*4VW(q*7r}>Bj;zU+qnUGj85ihkDzoCOzOM1`}=tN``jM(U9fo@ig$*ZEia=9 zDhi}@w)eAHZ}HW|vB$+xmN8SD9t&>&L%68lU=yr_Z0Ee|W^T=rlo?Lv;OYrdXZ)ou zny4D*+s;mBn41ueyb2erko~Ix9(nOSqLqm+B8d&|$KXCAM05jXLa+XHxZq`6;dD=mANl~eJ{ZaK=RZ%DHO16)MXV9rUd<5Z30(2 ztQjuxowFO-&+7NUB)j&TpqG_ex^?%4WWeIsa5a=YUE>w}N$wm-UjrsrS~8wnL*>tN zuY!l{+={ejw#EJR`waIA0|K)DR<7To=~H&_F=zBYyX-9Ro%{OAhp*tL>IpFSMuHf6HWYG=?w^M&U1%>EBgrZO;VV5-axcD00dcSoE)Z}1+s9d5j7sV z7cVN6a%qp*11tOo0WG84w-IgI2xRR~}o%wCkKEx1-2r1xz^bwIVJb9O8oYQzExH|LOa>|6UgTy%pknnsxm~eF> zJ=v3z!0Gz6^UUH%`F8<<09ZtYxAV=paQT*u{zam9ibS7>c;QSrX<&HYnKvZA%bZH1 z&!!5!O#&_S1NV{6!K0WZd?ftRv-FBqvcFIoSDM#}&RKzj>xpb63GRmxyqwfB@;P-*Z}ANr{v526pIeg@kf>zV9*?)W+`7sKCx z>{g}z+e?e+j0xfT3PTQY_5s`0$<(9f_I3Rd`!zm_sQwRLg{K5zn)fH=Yw*6PNot5Y zoSqcL_N?~99uWQtS{k+CZBH@ZLEVBZcrv}001|gHN8IZ8GvRNsxzh7z*D99pwn{O! z90cZ5ZoSY(ieYY-%EgSwyw;zXPXt3is(cU^@T5YJv(vQl{f`;&KNq2_EJV(M@*Zxow1>v!=%G3}qbzyjT;#+yFA1H595sDH zg5fq!?gsvC=UZNu=e!S385a4wq6?*8)XsG6koW-<&OKf^oLttyoJ%#LGIX?ef&Vno6-(D zjYYk!(9+*aDbgZ@T6Y<4_FLz%A@_`l&PL1xoiPmw3+J`@>btq4a1*X1x2?~l)2E$% z)d$l=m~tmgmi{Y#XrG!zV}|I6lE#R4nyq~WTBgyiWTwPe{8TmaSS9dl7Z3Y13a|K& z`ru9+-jnf**Ju)DLH>jepj9Ps35e7u|mXjH_T;DH${9|%Khpp=5+d?;2 z2(R4x4vpIugPL)J#uh6~Dp5e+hrDvGi;mPOuN_*E&)d)|wT8>R7qCmaTR{onZIOH> z{}4TugtRm*`u;YCLllq|&9>!O>iSr}_Ex9f=MLI2%a|zEx|NNIu##BQ&S4H{b z-XD^o_d{BQR|h6X?sjZRri9-@k7fJM_C(H_vEXsIX!WFjDvfqiWM{E_85wVF*VW@u z7w%VYFYUZAK&d0vm9rD_%{S zF=40YmlIBFr52{$JwvWcsEHD{Brbn3;Cc>1(V1gR!D?S z@hpNz13lZ`mm1U@9jXl|3(j>jhCo)Ff?P+!5`R~b;N6Sx$3l)I^-VRc+5SYm-Wmo0 zud~LHfT1E%8w;!|^cA!V16P;9K+Fllpo&va&(kH!!!W}GF0j*m~fwJ53 zPL}V$E^RshSH*-iplk)mS%CNJMqK&bj`2-J_^|&(Dq$D3iuQGb>%&3F1h0r0(mC^` z3XWs@eVVTP-1qp@Gk-2Z^qaPX&(36=LfJdx!JPsl9hbMY(fUVs43SdVGY2BWCa>VM zWAOehXwhW?W^40i$X4sL)>EI51fBmcIBRC{3EbKXpY`Wa?Ecy0p`W@OM zsCop-E)F#4W#s_eHpkE8y1y2HvgAN^SLmfMg!pC`g|uQEhE1^w$l6Y>X9B!UF77yh zw&EC&J`c^){pAMZ$AIQJ!#nM$q#vs!sStnzk9YBUxaA%IuNMlk>H1HAVblWU@Um}m( z4$QBu!<$J+JZY#y-(3-*I^I&`its zaL=7>o~vfFka119tov%dc2g}_sV>_46~t{|II4d$3eg&*?s)j(w}>vvv}%y}j!s21 z2Q$^57$Pk7c`IJ!Dyod~W5&B>u2=g-8*cezy}e>L)ZZT^TM?rVK`noPB26~s0}#`H zKuAiA16tsZUsQ!q{eHcQrwP9tW)er)JTz)M^t}F(>Ue14`_Tmywc?YFPk|VCKlxed@rSWujl3x4R>Z5|#&J4YejA$JDzrSNg+t}~iVVHRqPAAja93^(kFhE9;zuY5i z+UN!IWZnZbX!U^D96*z`>`>eeW$qdz1OsG-f#VG)A^z+s4Dj0@@f5Q;th;qo$@Cnc zIS$q7=bJWb=pl&6>1XT`5PJs&*YrN@g6#%B5bAe#b~um>Rx=X{pw>I}$}jv`QAUgR zu*z8mtn|r&0N;%+YqFymOEP1gt(;s^eR4w*!l#(bkO`Tr%ro5G@h5p~h-toH4FDtk zvkYMOn!nUl+=7}b4F-N-L4Z(lQBlB?IDrCG2We?v)gZ6XQM7z=c@BowmEJ&*S&~6d zi5y*iLh=8x{{33h8;0`ee|Y_m@4=+{d{y^GA9OqgYPwC}>mT^1mKnX%df@m| zmmwn1a!O8vHDd@4AUznTn#)z*ypT+5|H;)Ov~kI4^EDV6h{9n&j?ps;62wP0-AV{^ za>AR(>)&J#6QC3e*bk*x7nxGpAU7lKADR)0H#{6S5ef1{`T6D(_~B*?3)e(A?;T1j zKmD`zs!4W&A}OKt4;B(62|dyxr};gxUjSod+#D*nMOI|ZyqKCs#A!7!gqA(#_@xi) zOFEna?x+4c=ow9fHJYs)>;x`ZM1}9{`1d2+SG<-4Ut!*NjuAc^1s_|(eKlP^q)KRb z+epDRg&PtX-%J9r)(>|ALpFjk4Takn&I|#@Ch-e_q_c8gp@VW>|LWjdgSHGt)!z9` zuu&zp{-j?if=YBn;?M+0(eIZTqoKns%u7-TrlmNNZQoEM0FUfLW7TtyW^TQcq<{Ew!S z+=s{9rhBt9$pXTPGeo;^5a|k#&ndkzsSjTQ663bqG&LWhDf!JXyP;oEDjDsN(w;$# zYgAWgeNtC$WaGo2j#BX(pxF&r)-np0rVGyhb;gx0A0^{R^@y(Wd%w@Iy^rjfcE0x# zVV~7veupd|@S&YKpoflaSEqv6;Pmi;@0Ibp;@!V5 zfYlFvDA(k7)6Pepln5?C%;wXdo_Ir320&rXxoDxsM#i}$kkn;T$Z_2+<=*M?y$oGublZQ|6TW3Gg9EL=Jo^jXdRz=|WZN()`bh)Dzn{jJCH_t-CFqo)x9 zCVA|P4<*Y988YcvactcKtJ}_9Pr0!}Id@LrBV_~)wU!?&Yuq2}>dQtJJ|^MpF3bl$ z#R!VM_u&Z?XIV%nIKo9&m!}99FvmruBI5NO#F@~386ayT$2$2)O1UZ?nLrU?Oq}j1 zAOG@?I>T{Sg7`-$XPx-3a(VqiEqm1SFQRg?A7mT!)hzWe`d_G$Yboq)wv2xb3yRJ8 zey)5on40lXW1|cYt$p$}04~o8=vPGv{0+aOkK!d!ovY_VH!MKt%uhhnLn>~sA_U-! zk-avg-2_@cJ$-xweVreM0eG>^iuQA6Rs@S%t(IgTo{Y4D$aGra9VUq6c0ACogT|cY z=bgU@sXPsjyx;qUV6}fILD?`eP0Y?RL)!TG80xw*ZLbby{lN%hw_gEH*NUFN*|mVf zyBfsD{|Nj+;!kTt)YV(`p{g6&WRq(vjAB=$o=QPp`uDV_lTxirwEqqRUXA zSr2!dv`P;btq!t(^Dl!S4SnO7+VhzUr;cz3bwI8CE9Bb}sL7=R_UF?ND!|9!-|PmpWKOsMUK@;cfJJK&(&?X< z!huyopzq533ZLGt!b{WtN2lk#B+sw?U8bjRFwbVaTmaT;G4U5{quI0ob3}yY4EVE6 zG`j$!D<}EbE?BvE)UOUJU#f?c+ZeYcng2^y(llvntTM_yUYh)xYa?hG z8I>+t{NfexeT`z|CdA-m(~K{mV2D1SBiqU02=J>ZPnQ2=^gHx`v~()>J(n0W5{zLm z>y|k*JiJ2sQMPP(UVel#`!E$Cfs*^f`Pd(VSm%JKYdK(Crvvb0PACUVmA8mRF)$Hz zgD=Wn-WrYKV4YN$%epr}iH5rtFb@TEgL2y7S2CA2bBOjgGtseFJPh4lTXKkKr+jX6 z%shLzO90_WWFz`ngtG}=c;Q?7Uf0%(@$k&sJmj6@h|~QBoi`LV>2R|qTr6PcInVm7 z)mttNbk~`43Hsg~B?Po<4rNLdk>mou*MOSd|MG(JfqE@*1D>p3N^K?{SMYTzA#PSq z`Frlkzc5OFC7}FFn&k2BjVqKI*ex5j;Pzt474l1czG4s&=ks$J+{eaXC}tBR)+pfX zAW;;P7vO!z#u_*EYu_nrvV4Hraj?cxQr2-d7?&~Iu!L}X)k5d#4XJB2FJ|m98{=cl zM1$fwpKx#>!3n`Z2osq;52rXkv6qU$ic{KYmRGoI$nzWW z0g*2o_uaU5ZRK6=^JYCvM<`1@*!KZ5!3`}!uCx6_KY_XC@S^@{iab=Me-4k%wcd9l zKUL~Z@SjW!Bk8iN<&eFpE3!SDH&gxH zcKtbzeB@FJ95OKhzH5{my8}_H`1^~4gGx%4Vk@i9jMn={lDB?u67(`(5qHE-aMXg3 z{}zwx@sY+o-(J`(Wfo&TEMyPbi4Sq|ly z8Tuc703uJo-g(7IA$+I`mi347+jqo%fge9;y^n@&JJ0kZIz{zHiM@&YF0XC2I5)it zf=!rbD`{krF6|1-Blj2@R7uB2G}c?`Tf8YuExGW9p$5fbFSq)#-- zmk${^uH<-IczQgr(tvqparf*lrVeV+gPs)HzHU#&CIs9}cLZ(WaQvWO+O>3;qU3+` z7RyulepC#CzD`D8?n{lk(SIS6!2zk&<@{0qr@lK15&#&;pN`q9+s_A+ix)hT{5V8| zinXa&r6hOk3#Ae5r>b)7#a$WzRE79YMueJw@iV&C& zk_XF^8<3BTVrAf$6I}-FH57v2d{K%NMt)9D6@B&kOsBxN2wPN6AjEJntjZbUUg? z{5C~$jEb}KAxuAM*%xacBiyui>%MJ3c9x(xWXzA!5AT#aWsaj?qdV;QI!ZRoFG<)d zWjj5YGMJcL+B;MaRX|s)Ozy$vy2wG8Ek;Mss{8#-Q9<0$54;m{oI!F+x~Mn0DEDmp z!;A<4?EBu2_|H*UrZaBT>J&$n$p(jLcw6jkmCr>)0-VPSF{N+lI+ExN4CFHT@8&k= z83Vg&4E!w=-t3JNf33$m)(LVHh54DmdsJqTZ0|oZmCH`%M9{VPU?_P}l3a1_Fk4Z- zkmslh5S*Of;WDsREbuG{)NyEvGJMgI_pVN{2Nbirh)%(SP}NP3df5E=2jJ2o>jA`E z;8?t8xKQPR!M@rqEcEiKG9mn!Nuq&%Nvkf|URWMFJ$t@J|!S@P%wAsS_y}lEgRv^Veo_KBWevPiq<__|9 zQAgM8KI3cFP3s;-d~d7{9!Vm-LE9$+?dyyy67f~|$#cbL{ayBtX(C0^dPzL+1dRq!L$M3=F_<6N!4{DEk-IQkAIN=*9|gB%)A2(ul0fL zuN}|QeM!>7%BiBpK@EzX*JuJYyZo+=}!Rn}Y#ak%e zi}@Lz0nI*mKr2qt1x~Kk!<#VDXeWhb%l)xX7lsCt!ShtF(iZY4m9RHinJH4`7FTdn zA4iwO1hX<;UzsYG_Z1ZvzJWZQx3n9M-X~-Jo>jFTUzYg#*WO@8Y&)uT(E)oxNtpN3 zc92q?Fb;bJs~8>3Kl>iFu4JBf=}hI8%v56BB5I(i>&zBbcP7GC_qAEk1%vgpD9(WU zrpq6LSm=o-K{qAw;a&IL2<599=%u#jG8Tga!5JRHl|zrxjMNeB@d5XdfNUgp&s;rG zJXm;hPp@*NBE|4`Dr{xemxDji@Sn+)mxtcP!V^ekQT6(;)}OU5Ck3>0&@$CSToLvw zKwF;XRZx(wyHkE3;L|sB;i@hhruCeZ|NXur`DGb*){KBc}M)S9I&$u5rox35|1bO6`YEyGS-}!V_JFFWEX#Q;P z4fqy8tWlwm^H$+vpep|f3Ywnn#p8zyvy`CT`LWc7uD0ccQWUt@g%bauaF6o!=dGa) zy#Kcg$j~hqqC5c@WGw+z1*uQs7I3J|m*I_a#PD_$^BzSrOugS-)Qmk4QVKQ%*uuM9 zw?{11`e_80%0ynlg;20oXKEur>;|avYL3CcspqN>f~$vSdCC4N56}LkEKu<500hLi z1zajZ$%lYRI5 zrMwA7N6{{vC~v7S&Z34f`aL5b(Jr)q+1v%=l_L3H+bcJZsMI>gTYgCgPYsV}3L3=S z&)&EQ>7Gd09_z)XOO5=5ofK~?;k_R;>OHJ4)-QFw{k`gn8?VlFtaaQ=;OsW@1x+{o zW9nx!otiee1-)vTyc5MMh>OPhBgAYE1@CVYu0oH+Q}biq!Z@_1R_`j~3YdYmStK}t}` z)$3aG%>(v!KF&`NOm5gCG;}3tf}%)8NV3SA_tPUSgXB8ugt`S-E>e$tOuCQYG0YEI z8IbGTbx*ruK;1MGD9!1u7ONBg6kL!#*;3$eRUf1J!83fzEb7z0YKff0OIGnVq&(RD z;0TdYjtO0tXzjXHpSb-Ky;mRjj)OP0HQdX1>kJNmBd<-vf|Z^vU_8`AZ9OuDp01pM zpKJJAFwHM=TxhIBLv2A}o&nmB7RvCzo=e@tFu(7+4up=rtEX@5GhtvV>IaA z%echXr@Hx5x@*JeH}Oi!e$b~KFfOvr#RtT>1?WMTF7zZ#swlsKBXv7} z3_I`N#FrL)f}K1ZO7&VCcz$09HRmUP$e`Hq?jE~o1k%4~6A2L8b~FO#%Y~q{FSVqo zcj^E6HtB#Yq<~YCdi@9VnecrT35#+zCQO3Mqom}RZtv@`(OHJ7xW_z-8-*PbPIPV` z@i`NG_JB4SBx(E%b)alX%3MHw|12id=gkcR*;#)>5xM$o-vP=klr-urY5z-)JZQ|y45%8_85 z_s8V@ff{pmr+Av5@wfV-C|N6pywTDYtgvI?{`wHbHVrHzGM%X(^e%(-M2tefT`ea52^EZnBB=7{KSUPT{5G$kbN-7X|6mNzt zAJ4xS(n_C#9@+mZAo_nN%PFJI;rX(byhx&_44F_~ENFziJdmbSCGfacvw3GE8GY)j zM6G7316mJ&c?XLpAOY~?l|B`ZH;0D9A;Y615F&A05cN`YET@2h)*lh7?G{7`z`fS4 zI9woUFKE-D6>@gx>n{Q<+s*tJrp~Zm#X>+k@L=2}yZcj&C&Sy*y6pk4WA}!|f#$xM z8A&!FbunjJLK+D^+21FXhB5ZGV$pOHrB~@57z*;_{p9YwD8W0@{5-lTEA~cI0Z5({ z1+)i{PuYPiq%(>lH~Ht5i9R#5#;#~%@qmZD?m)#K2c$Nt*Shs1`f1?73Z^a91k+u7 zVdvQGM+}0wv-CmE|(qs}NwjKAvY1sKl&*jqoqxY0P_Q=rZ23uPPZYkbxYe;VI7x03c z2d|2&9dE0&x>sL?Ygrj4x19C5kzz-6QftYh%GsIm%Zdv0gFL!hGOQzw8o71B2$UHU z_rbeI44)|-zN2jG5A)-1A2e`E?ZBpJJDka1pDVbb_1(I8Kpj z`)#^a4RGl>U_MWTXZ5LA&4^|-YQ7bGIv&)2FtnYbJNabEYB4$J53=jGC);_#wiv+l z=M-L4JdFa8dOvJzSB}E&A3jYOWYFUpaT!hZX{KUX_f9fzwkTbHcmL+;J`)bUh6ekX z)&5oR|I7Ec`{t`dHNA~5Wa5{|{Mqv+FW zUD0`JhjJgwkmWuTyo)p>#qQ5xRV&W|xvFPmW!uiQK=aT~HF&pN7_C3{>jkATyxvP? zfUxV{{;QFGS4q1`XM7OM7r5YsmBqwF{F8e~qiAf6;FD~B$ZHN{H=Atcr4Gbj1x*HU z9|MbaiBRqLiNLbyHQ-Z^Y!N{pR#{M?O;%a|yx<}jhsNH$grpTI6ZegMZ7qs_C^%c& zIK;Atao&`jP93oy^C*WhLq&l>mXbGQhVw#&&XYa}$<#?+PX(tJZbQ+q5H>%eh(T9k zI~|^X{@nReR?(0`kV8Uq)u#~rGtzhutv8YyO`JZ=%$`#hP6??a?L8eB1vOOtLpK)! zokN*(jfSDqfWV7Y(2`njv3q>!#`jFFEW^()YQ0i;q%R41A*%509V6zqmB5M7<}H^9 z4vV?Vy^PF~l{!u^EjuoCPPlr?P!9}G-qW#~7Mw|b!ma63T-Omu9IdihGwT12 zfz?Z_ORD;vj(*u0f5cUN&9$zHbo7}v3n56TvAt~xO?oZ;Chb9POvUfNSqHvV5ufCz zlk|Go+pYLFOODWXaVNL!-Bw=2=r{1^id*pH$0499>@Uoho+_*YbRL_F6i#jOEHTDSXQoB2}={^9C?z$DPkj`_u|MVx~4a^h+d?7sT z>FiKz5(@eXV)~&u4ET;ef;`sGWfcC4$y67yY5 zUrCYQ>%m_q|52!X-2F!}^%sd6_pCs@;vT|_(OY;AF%UNg?z8k8fy(@`Gx2bA3CVSL zIErdNNCQ_52W}T5ren7KUX~xUuH#BymZX}%tJkp;GrJDR%F(Jyz5{I4-{Nf|9zd7d zFieQV)^mRT)At9EHHrT{?6|MzhE<_GqFV&-7iXWG-|AFt&P9{ivwyiU zoSi-2pO2Z5Fwi$|XXj3?N{SGL5 zG*)ZVmuu5|N`uO!3~NZ*w&IJrUW^Mm@ZF-%inKT+){Rki*fWZEXgZx^6}}gf*2&Fa z@-vCqO4QU!+n5d6U}>FcxwotD4Lr1bGq1*pJ`H&O5zZgX4pG49o7+#fv#DOm-xLhB zzo_DS^fFNi$o_>*Sf+c;IrUN`3?=ZQfzsv zOx?jgxjnVQS>#e9RmPW#q2GfGc6R_ z&=IIPg7+yDV~TZ0D~GDFTap_mbffYUj9!H)x)CB+h2_^+7;dEWqN=SucgVoq@4wZ} z6*i5PPTxzxOtwX4c~PeLFHIe+`%h!#fMZ%?p6JEGLeK$bb)TuVJa^dEcXVgScyBIq zk{Sxuj>+7T zcooDzu*3BP4alkF2AZEI>NO`L>F7J<*{W=<^J34w-zmM8Z=3c-Kn6Br8q5t3Bipkz zdRWJJ5*H865M^5(wrz;M{fLgyOU@uS8=endG*u+O_!`Skew)r9`-5=w?OT|1W5)TN z=_ua;o=TQ(Q~TE}UCaR2Xg|-3T!$v0HT8*nQl)cQ`2uKu#RH0P3UA5dN1^l!pPKsG z9GIn7CB`R0fW z`M4iz|3B~SL{^M2MY$B7UocDm!_crhpXEedHmKe5oWIZS_I%8bCeHH$)OO^F_%NfGl$3dw71^weThahs}OAZ_p{DLrC`7_LLX+#i}%fIsxXnD<%Ie{7WgBG!N zz#~CG;jWGcy9(q9N8zAb4e~sn{iS9LcvmkB2J;FRpM;BNm>i|gavp)+Jfz0M5T4>@ zLe3to>W%6`2#JNL%2s#%`Z%Vpg5UDdOZDcz?>N!fj)^;)BmI{~H5*^M-S-f8)j1Q~ z`BEWf{@_A6!b&KFAvC8ai_1E@>u{mlOp5Lp{^2Sc%<6Zi>sOLXN-(pg$&3c@(`qJ- zJ_?_1!nyCg=D`8Yj4(@D>1*&2jGiV)d&{dB`c!4XX zfQHXhP!P(s__2>eN3QQ)j;uh4)89#FxprvYfA5;Tc=!erhyF+SwIOl<{U!?&|DRBNZ-TYncp2!x!f$wM znH0(=%I)~7zv^imq-d(?v~_T5Vkmd_^TvI~nXmTIgx){FZ|-w8R2(N|?j3acgHQX5I!Xm4LzJ^8SGzE_5wZH&F5XI~PkxgVkzM4R z4mmq-eU_fD7}Dk-#8@J}M1;*FVaB2lWh{83^US1w^>4pwWtQoZ30GWqt%#xD&wE$k^)R~5weV(|IcP<*SMM= zdW`DZsR9uVU=qKcT5zFE$0=i_{isL9p33I6+xH0+b@jV*gQ# z|7CAUjkw8@oh1{o`i=a5w>G9XJU{Q!a9 z0>!j=CO#$i}zz&3w;NYAB*_6cB7gz*A?2b_Cu10ZW2-x{_d zpgiQm9hd{p@e;ni=D&T#i=q3DJMFeGEv3Bbk^=KifB(LfL3hik<*3FvW-7+F;>L%U zcu3%wboY+@vWW_-AVytUaochB~Y&rjh z!LN!ux|-i4Ntd1<7&pUTM{uvdgW^M8#@5U|YL!YdY^ytI+vrS7q$AV8s})@)Hg=&O zT(yqtee(w+9F%{)kf)!xyLKJaI?8>0Ax8&_VU8_FZ7_ZxH(ZF5eN`EUp-Nag=y|OCRKw}IUJ+BI0fe6$v6AC${ zy$5COg0!T}fMlql7+9Qj>e1r|F3Qj=bKOOgvxM ztqzAPb!7yv`ZWIl`M2dEG%!GqRTy(>EUr%1PhJrP9^ld%4y$WeBYX(*`bbNS|uXkRK`d)1XD90n}F&~;@6(Hfo_}?rFeX_z1$DU?UX2l?nOba z@o5Q{%s*D`25blMe*#<5&slGegIbIlAnbkwINgjo$|g%EYMco2zMpXX$1r()O({lq zbvTG>wLO*|N z?6d9Z7Lpw(F$EDTL{3QLLnvk$vAmh)5lQ&R5@?^8Z*!__>NZ$z8z0zZ!#Fe6vz{^! zQN(M#tCvmJ?9O8bC_d{@9PCOuSziqrc);{@`j(U6yMSJ;AYr@SYsA1MN#-CK} z{`|l|zmq@N6G6CkT1iDbb@tHga;1#wr?tU>9|N}9{N@5h@i|rpsvF8_hsnX+o?J=i zgmKeY8{9du8PjfnNp;`_WuFGE;2F*LqI;-E;-4QJ++R|rE1#39w AllowOverride All diff --git a/install/ubuntu/templates/web/apache2/basedir.tpl b/install/debian/7/templates/web/apache2/basedir.tpl similarity index 84% rename from install/ubuntu/templates/web/apache2/basedir.tpl rename to install/debian/7/templates/web/apache2/basedir.tpl index c24b12796..07ec38c98 100755 --- a/install/ubuntu/templates/web/apache2/basedir.tpl +++ b/install/debian/7/templates/web/apache2/basedir.tpl @@ -14,9 +14,7 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot% AllowOverride All diff --git a/install/debian/templates/web/apache2/default.stpl b/install/debian/7/templates/web/apache2/default.stpl similarity index 100% rename from install/debian/templates/web/apache2/default.stpl rename to install/debian/7/templates/web/apache2/default.stpl diff --git a/install/debian/templates/web/apache2/default.tpl b/install/debian/7/templates/web/apache2/default.tpl similarity index 100% rename from install/debian/templates/web/apache2/default.tpl rename to install/debian/7/templates/web/apache2/default.tpl diff --git a/install/debian/templates/web/apache2/hosting.stpl b/install/debian/7/templates/web/apache2/hosting.stpl similarity index 100% rename from install/debian/templates/web/apache2/hosting.stpl rename to install/debian/7/templates/web/apache2/hosting.stpl diff --git a/install/debian/templates/web/apache2/hosting.tpl b/install/debian/7/templates/web/apache2/hosting.tpl similarity index 100% rename from install/debian/templates/web/apache2/hosting.tpl rename to install/debian/7/templates/web/apache2/hosting.tpl diff --git a/install/debian/templates/web/apache2/phpcgi.sh b/install/debian/7/templates/web/apache2/phpcgi.sh similarity index 100% rename from install/debian/templates/web/apache2/phpcgi.sh rename to install/debian/7/templates/web/apache2/phpcgi.sh diff --git a/install/debian/templates/web/apache2/phpcgi.stpl b/install/debian/7/templates/web/apache2/phpcgi.stpl similarity index 100% rename from install/debian/templates/web/apache2/phpcgi.stpl rename to install/debian/7/templates/web/apache2/phpcgi.stpl diff --git a/install/debian/templates/web/apache2/phpcgi.tpl b/install/debian/7/templates/web/apache2/phpcgi.tpl similarity index 100% rename from install/debian/templates/web/apache2/phpcgi.tpl rename to install/debian/7/templates/web/apache2/phpcgi.tpl diff --git a/install/debian/templates/web/apache2/phpfcgid.sh b/install/debian/7/templates/web/apache2/phpfcgid.sh similarity index 100% rename from install/debian/templates/web/apache2/phpfcgid.sh rename to install/debian/7/templates/web/apache2/phpfcgid.sh diff --git a/install/debian/templates/web/apache2/phpfcgid.stpl b/install/debian/7/templates/web/apache2/phpfcgid.stpl similarity index 100% rename from install/debian/templates/web/apache2/phpfcgid.stpl rename to install/debian/7/templates/web/apache2/phpfcgid.stpl diff --git a/install/debian/templates/web/apache2/phpfcgid.tpl b/install/debian/7/templates/web/apache2/phpfcgid.tpl similarity index 100% rename from install/debian/templates/web/apache2/phpfcgid.tpl rename to install/debian/7/templates/web/apache2/phpfcgid.tpl diff --git a/install/debian/templates/web/awstats/awstats.tpl b/install/debian/7/templates/web/awstats/awstats.tpl similarity index 100% rename from install/debian/templates/web/awstats/awstats.tpl rename to install/debian/7/templates/web/awstats/awstats.tpl diff --git a/install/debian/templates/web/awstats/index.tpl b/install/debian/7/templates/web/awstats/index.tpl similarity index 100% rename from install/debian/templates/web/awstats/index.tpl rename to install/debian/7/templates/web/awstats/index.tpl diff --git a/install/debian/templates/web/awstats/nav.tpl b/install/debian/7/templates/web/awstats/nav.tpl similarity index 100% rename from install/debian/templates/web/awstats/nav.tpl rename to install/debian/7/templates/web/awstats/nav.tpl diff --git a/install/debian/templates/web/nginx/caching.stpl b/install/debian/7/templates/web/nginx/caching.stpl similarity index 100% rename from install/debian/templates/web/nginx/caching.stpl rename to install/debian/7/templates/web/nginx/caching.stpl diff --git a/install/debian/templates/web/nginx/caching.tpl b/install/debian/7/templates/web/nginx/caching.tpl similarity index 100% rename from install/debian/templates/web/nginx/caching.tpl rename to install/debian/7/templates/web/nginx/caching.tpl diff --git a/install/debian/templates/web/nginx/default.stpl b/install/debian/7/templates/web/nginx/default.stpl similarity index 100% rename from install/debian/templates/web/nginx/default.stpl rename to install/debian/7/templates/web/nginx/default.stpl diff --git a/install/debian/templates/web/nginx/default.tpl b/install/debian/7/templates/web/nginx/default.tpl similarity index 100% rename from install/debian/templates/web/nginx/default.tpl rename to install/debian/7/templates/web/nginx/default.tpl diff --git a/install/debian/templates/web/nginx/hosting.sh b/install/debian/7/templates/web/nginx/hosting.sh similarity index 100% rename from install/debian/templates/web/nginx/hosting.sh rename to install/debian/7/templates/web/nginx/hosting.sh diff --git a/install/debian/templates/web/nginx/hosting.stpl b/install/debian/7/templates/web/nginx/hosting.stpl similarity index 100% rename from install/debian/templates/web/nginx/hosting.stpl rename to install/debian/7/templates/web/nginx/hosting.stpl diff --git a/install/debian/templates/web/nginx/hosting.tpl b/install/debian/7/templates/web/nginx/hosting.tpl similarity index 100% rename from install/debian/templates/web/nginx/hosting.tpl rename to install/debian/7/templates/web/nginx/hosting.tpl diff --git a/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/default.stpl b/install/debian/7/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/default.tpl b/install/debian/7/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal.stpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/drupal.tpl b/install/debian/7/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/joomla.stpl b/install/debian/7/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/joomla.tpl b/install/debian/7/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/owncloud.stpl b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/owncloud.tpl b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/piwik.stpl b/install/debian/7/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/piwik.tpl b/install/debian/7/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/7/templates/web/nginx/php5-fpm/www.conf b/install/debian/7/templates/web/nginx/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/debian/7/templates/web/nginx/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/debian/templates/web/nginx/proxy_ip.tpl b/install/debian/7/templates/web/nginx/proxy_ip.tpl similarity index 100% rename from install/debian/templates/web/nginx/proxy_ip.tpl rename to install/debian/7/templates/web/nginx/proxy_ip.tpl diff --git a/install/debian/7/templates/web/php5-fpm/default.tpl b/install/debian/7/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/debian/7/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/debian/7/templates/web/php5-fpm/no-php.tpl b/install/debian/7/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/debian/7/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/debian/7/templates/web/php5-fpm/socket.tpl b/install/debian/7/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/debian/7/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/debian/7/templates/web/skel/document_errors/403.html b/install/debian/7/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/debian/7/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/debian/7/templates/web/skel/document_errors/404.html b/install/debian/7/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/debian/7/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/debian/7/templates/web/skel/document_errors/50x.html b/install/debian/7/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/debian/7/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/debian/templates/web/skel/public_html/index.html b/install/debian/7/templates/web/skel/public_html/index.html similarity index 100% rename from install/debian/templates/web/skel/public_html/index.html rename to install/debian/7/templates/web/skel/public_html/index.html diff --git a/install/debian/templates/web/skel/public_html/robots.txt b/install/debian/7/templates/web/skel/public_html/robots.txt similarity index 100% rename from install/debian/templates/web/skel/public_html/robots.txt rename to install/debian/7/templates/web/skel/public_html/robots.txt diff --git a/install/debian/templates/web/skel/public_shtml/index.html b/install/debian/7/templates/web/skel/public_shtml/index.html similarity index 100% rename from install/debian/templates/web/skel/public_shtml/index.html rename to install/debian/7/templates/web/skel/public_shtml/index.html diff --git a/install/debian/templates/web/skel/public_shtml/robots.txt b/install/debian/7/templates/web/skel/public_shtml/robots.txt similarity index 100% rename from install/debian/templates/web/skel/public_shtml/robots.txt rename to install/debian/7/templates/web/skel/public_shtml/robots.txt diff --git a/install/debian/templates/web/suspend/.htaccess b/install/debian/7/templates/web/suspend/.htaccess similarity index 100% rename from install/debian/templates/web/suspend/.htaccess rename to install/debian/7/templates/web/suspend/.htaccess diff --git a/install/debian/7/templates/web/suspend/index.html b/install/debian/7/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/debian/7/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/debian/templates/web/webalizer/webalizer.tpl b/install/debian/7/templates/web/webalizer/webalizer.tpl similarity index 100% rename from install/debian/templates/web/webalizer/webalizer.tpl rename to install/debian/7/templates/web/webalizer/webalizer.tpl diff --git a/install/debian/vsftpd.conf b/install/debian/7/vsftpd/vsftpd.conf similarity index 100% rename from install/debian/vsftpd.conf rename to install/debian/7/vsftpd/vsftpd.conf diff --git a/install/ubuntu/apache2.conf b/install/debian/8/apache2/apache2.conf similarity index 98% rename from install/ubuntu/apache2.conf rename to install/debian/8/apache2/apache2.conf index 140acee09..221780117 100644 --- a/install/ubuntu/apache2.conf +++ b/install/debian/8/apache2/apache2.conf @@ -11,7 +11,6 @@ # | `-- * # Global configuration -LockFile ${APACHE_LOCK_DIR}/accept.lock PidFile ${APACHE_PID_FILE} Timeout 30 KeepAlive Off diff --git a/install/ubuntu/apache2-status.conf b/install/debian/8/apache2/status.conf similarity index 100% rename from install/ubuntu/apache2-status.conf rename to install/debian/8/apache2/status.conf diff --git a/install/ubuntu/named.conf b/install/debian/8/bind/named.conf similarity index 100% rename from install/ubuntu/named.conf rename to install/debian/8/bind/named.conf diff --git a/install/ubuntu/clamd.conf b/install/debian/8/clamav/clamd.conf similarity index 100% rename from install/ubuntu/clamd.conf rename to install/debian/8/clamav/clamd.conf diff --git a/install/debian/8/deb_signing.key b/install/debian/8/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/debian/8/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/debian/8/dovecot.tar.gz b/install/debian/8/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/rhel/dovecot/conf.d/10-auth.conf b/install/debian/8/dovecot/conf.d/10-auth.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-auth.conf rename to install/debian/8/dovecot/conf.d/10-auth.conf diff --git a/install/rhel/dovecot/conf.d/10-logging.conf b/install/debian/8/dovecot/conf.d/10-logging.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-logging.conf rename to install/debian/8/dovecot/conf.d/10-logging.conf diff --git a/install/rhel/dovecot/conf.d/10-mail.conf b/install/debian/8/dovecot/conf.d/10-mail.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-mail.conf rename to install/debian/8/dovecot/conf.d/10-mail.conf diff --git a/install/rhel/dovecot/conf.d/10-master.conf b/install/debian/8/dovecot/conf.d/10-master.conf similarity index 100% rename from install/rhel/dovecot/conf.d/10-master.conf rename to install/debian/8/dovecot/conf.d/10-master.conf diff --git a/install/ubuntu/dovecot/conf.d/10-ssl.conf b/install/debian/8/dovecot/conf.d/10-ssl.conf similarity index 100% rename from install/ubuntu/dovecot/conf.d/10-ssl.conf rename to install/debian/8/dovecot/conf.d/10-ssl.conf diff --git a/install/debian/8/dovecot/conf.d/20-imap.conf b/install/debian/8/dovecot/conf.d/20-imap.conf new file mode 100644 index 000000000..1a459f8e4 --- /dev/null +++ b/install/debian/8/dovecot/conf.d/20-imap.conf @@ -0,0 +1,58 @@ +## +## IMAP specific settings +## + +protocol imap { + # Maximum IMAP command line length. Some clients generate very long command + # lines with huge mailboxes, so you may need to raise this if you get + # "Too long argument" or "IMAP command line too large" errors often. + #imap_max_line_length = 64k + + # Maximum number of IMAP connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # IMAP logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + #imap_logout_format = bytes=%i/%o + + # Override the IMAP CAPABILITY response. If the value begins with '+', + # add the given capabilities on top of the defaults (e.g. +XFOO XBAR). + #imap_capability = + + # How long to wait between "OK Still here" notifications when client is + # IDLEing. + #imap_idle_notify_interval = 2 mins + + # ID field names and values to send to clients. Using * as the value makes + # Dovecot use the default value. The following fields have default values + # currently: name, version, os, os-version, support-url, support-email. + #imap_id_send = + + # ID fields sent by client to log. * means everything. + #imap_id_log = + + # Workarounds for various client bugs: + # delay-newmail: + # Send EXISTS/RECENT new mail notifications only when replying to NOOP + # and CHECK commands. Some clients ignore them otherwise, for example OSX + # Mail (#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/rhel/fail2ban.filter.conf b/install/debian/8/fail2ban/filter.d/vesta.conf similarity index 100% rename from install/rhel/fail2ban.filter.conf rename to install/debian/8/fail2ban/filter.d/vesta.conf diff --git a/install/debian/8/fail2ban/jail.local b/install/debian/8/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/debian/8/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/debian/8/firewall.tar.gz b/install/debian/8/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/rhel/firewall/ports.conf b/install/debian/8/firewall/ports.conf similarity index 93% rename from install/rhel/firewall/ports.conf rename to install/debian/8/firewall/ports.conf index e970f91de..a6ef4dae5 100644 --- a/install/rhel/firewall/ports.conf +++ b/install/debian/8/firewall/ports.conf @@ -11,6 +11,6 @@ PROTOCOL='TCP' PORT='143' PROTOCOL='TCP' PORT='3306' PROTOCOL='TCP' PORT='5432' PROTOCOL='TCP' PORT='8080' -PROTOCOL='TCP' PORT='8443' +PROTOCOL='TCP' PORT='8433' PROTOCOL='TCP' PORT='8083' PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/rhel/firewall/rules.conf b/install/debian/8/firewall/rules.conf similarity index 89% rename from install/rhel/firewall/rules.conf rename to install/debian/8/firewall/rules.conf index 60136e1a5..956c2e1d9 100644 --- a/install/rhel/firewall/rules.conf +++ b/install/debian/8/firewall/rules.conf @@ -1,6 +1,6 @@ RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='127.0.0.1/32' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' diff --git a/install/ubuntu/apache2.log b/install/debian/8/logrotate/apache2 similarity index 100% rename from install/ubuntu/apache2.log rename to install/debian/8/logrotate/apache2 diff --git a/install/debian/8/logrotate/nginx b/install/debian/8/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/debian/8/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/vesta.log b/install/debian/8/logrotate/vesta similarity index 100% rename from install/rhel/vesta.log rename to install/debian/8/logrotate/vesta diff --git a/install/debian/8/mysql/my-large.cnf b/install/debian/8/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/debian/8/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/debian/my.cnf b/install/debian/8/mysql/my-medium.cnf similarity index 59% rename from install/debian/my.cnf rename to install/debian/8/mysql/my-medium.cnf index 1b5ff1d24..1c10ab9a6 100644 --- a/install/debian/my.cnf +++ b/install/debian/8/mysql/my-medium.cnf @@ -15,11 +15,26 @@ datadir=/var/lib/mysql tmpdir=/tmp lc-messages-dir=/usr/share/mysql log_error=/var/log/mysql/error.log -max_connections=200 -max_user_connections=30 -wait_timeout=30 -interactive_timeout=50 -long_query_time=5 + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 innodb_file_per_table +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + !includedir /etc/mysql/conf.d/ diff --git a/install/debian/8/mysql/my-small.cnf b/install/debian/8/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/debian/8/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/rhel/nginx.conf b/install/debian/8/nginx/nginx.conf similarity index 99% rename from install/rhel/nginx.conf rename to install/debian/8/nginx/nginx.conf index f7a77b52d..7937301c1 100644 --- a/install/rhel/nginx.conf +++ b/install/debian/8/nginx/nginx.conf @@ -1,5 +1,5 @@ # Server globals -user nginx; +user www-data; worker_processes 2; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; @@ -106,8 +106,8 @@ http { # Cache proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; - proxy_temp_path /var/cache/nginx/temp; proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; proxy_cache_valid any 3d; diff --git a/install/debian/8/nginx/phpmyadmin.inc b/install/debian/8/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/debian/8/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/8/nginx/phppgadmin.inc b/install/debian/8/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/debian/8/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/nginx-status.conf b/install/debian/8/nginx/status.conf similarity index 100% rename from install/rhel/nginx-status.conf rename to install/debian/8/nginx/status.conf diff --git a/install/debian/8/nginx/webmail.inc b/install/debian/8/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/debian/8/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/debian/8/packages.tar.gz b/install/debian/8/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/pma.conf b/install/debian/8/pma/config.inc.php similarity index 100% rename from install/ubuntu/pma.conf rename to install/debian/8/pma/config.inc.php diff --git a/install/rhel/pg_hba.conf b/install/debian/8/postgresql/pg_hba.conf similarity index 100% rename from install/rhel/pg_hba.conf rename to install/debian/8/postgresql/pg_hba.conf diff --git a/install/debian/8/proftpd/proftpd.conf b/install/debian/8/proftpd/proftpd.conf new file mode 100644 index 000000000..69ec6b2ec --- /dev/null +++ b/install/debian/8/proftpd/proftpd.conf @@ -0,0 +1,32 @@ +ServerName "FTP" +ServerIdent on "FTP Server ready." +ServerAdmin root@localhost +DefaultServer on +DefaultRoot ~ !adm + + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/apache2-webmail.conf b/install/debian/8/roundcube/apache.conf similarity index 100% rename from install/ubuntu/apache2-webmail.conf rename to install/debian/8/roundcube/apache.conf diff --git a/install/rhel/roundcube-pw.conf b/install/debian/8/roundcube/config.inc.php similarity index 100% rename from install/rhel/roundcube-pw.conf rename to install/debian/8/roundcube/config.inc.php diff --git a/install/rhel/roundcube-db.conf b/install/debian/8/roundcube/db.inc.php similarity index 100% rename from install/rhel/roundcube-db.conf rename to install/debian/8/roundcube/db.inc.php diff --git a/install/rhel/roundcube-main.conf b/install/debian/8/roundcube/main.inc.php similarity index 99% rename from install/rhel/roundcube-main.conf rename to install/debian/8/roundcube/main.inc.php index a6e1fc2ee..97cdbf2df 100644 --- a/install/rhel/roundcube-main.conf +++ b/install/debian/8/roundcube/main.inc.php @@ -175,6 +175,8 @@ $rcmail_config['smtp_timeout'] = 0; // ---------------------------------- // SYSTEM // ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + // THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. // ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! @@ -437,6 +439,7 @@ $rcmail_config['trash_mbox'] = 'Trash'; // these folders will also be displayed with localized names // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) $rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); // automatically create the above listed default folders on first login $rcmail_config['create_default_folders'] = true; diff --git a/install/ubuntu/roundcube-driver.php b/install/debian/8/roundcube/vesta.php similarity index 100% rename from install/ubuntu/roundcube-driver.php rename to install/debian/8/roundcube/vesta.php diff --git a/install/rhel/sudoers.admin.conf b/install/debian/8/sudo/admin similarity index 56% rename from install/rhel/sudoers.admin.conf rename to install/debian/8/sudo/admin index b4f870395..47e16098c 100644 --- a/install/rhel/sudoers.admin.conf +++ b/install/debian/8/sudo/admin @@ -1,3 +1,7 @@ # Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + admin ALL=(ALL) ALL admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/debian/8/templates.tar.gz b/install/debian/8/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/basedir.tpl b/install/debian/8/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/debian/8/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/default.stpl b/install/debian/8/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/debian/8/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/debian/8/templates/web/apache2/default.tpl b/install/debian/8/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/debian/8/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/templates/web/apache2/hosting.stpl b/install/debian/8/templates/web/apache2/hosting.stpl similarity index 96% rename from install/ubuntu/templates/web/apache2/hosting.stpl rename to install/debian/8/templates/web/apache2/hosting.stpl index c1c91e22e..7a5d7787f 100755 --- a/install/ubuntu/templates/web/apache2/hosting.stpl +++ b/install/debian/8/templates/web/apache2/hosting.stpl @@ -43,7 +43,7 @@ AssignUserID %user% %group% - Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* diff --git a/install/ubuntu/templates/web/apache2/hosting.tpl b/install/debian/8/templates/web/apache2/hosting.tpl similarity index 95% rename from install/ubuntu/templates/web/apache2/hosting.tpl rename to install/debian/8/templates/web/apache2/hosting.tpl index 8f3ec012a..ab844dc74 100755 --- a/install/ubuntu/templates/web/apache2/hosting.tpl +++ b/install/debian/8/templates/web/apache2/hosting.tpl @@ -37,7 +37,7 @@ AssignUserID %user% %group% - Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* diff --git a/install/rhel/templates/web/httpd/phpcgi.sh b/install/debian/8/templates/web/apache2/phpcgi.sh similarity index 100% rename from install/rhel/templates/web/httpd/phpcgi.sh rename to install/debian/8/templates/web/apache2/phpcgi.sh diff --git a/install/ubuntu/templates/web/apache2/phpcgi.stpl b/install/debian/8/templates/web/apache2/phpcgi.stpl similarity index 93% rename from install/ubuntu/templates/web/apache2/phpcgi.stpl rename to install/debian/8/templates/web/apache2/phpcgi.stpl index 58c4baf90..aa5137308 100755 --- a/install/ubuntu/templates/web/apache2/phpcgi.stpl +++ b/install/debian/8/templates/web/apache2/phpcgi.stpl @@ -29,7 +29,7 @@ SSLCertificateKeyFile %ssl_key% %ssl_ca_str%SSLCertificateChainFile %ssl_ca% - Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* diff --git a/install/ubuntu/templates/web/apache2/phpcgi.tpl b/install/debian/8/templates/web/apache2/phpcgi.tpl similarity index 92% rename from install/ubuntu/templates/web/apache2/phpcgi.tpl rename to install/debian/8/templates/web/apache2/phpcgi.tpl index 21be2cdd7..a05ff252d 100755 --- a/install/ubuntu/templates/web/apache2/phpcgi.tpl +++ b/install/debian/8/templates/web/apache2/phpcgi.tpl @@ -22,7 +22,7 @@ AllowOverride All - Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* diff --git a/install/rhel/templates/web/httpd/phpfcgid.sh b/install/debian/8/templates/web/apache2/phpfcgid.sh similarity index 100% rename from install/rhel/templates/web/httpd/phpfcgid.sh rename to install/debian/8/templates/web/apache2/phpfcgid.sh diff --git a/install/ubuntu/templates/web/apache2/phpfcgid.stpl b/install/debian/8/templates/web/apache2/phpfcgid.stpl similarity index 94% rename from install/ubuntu/templates/web/apache2/phpfcgid.stpl rename to install/debian/8/templates/web/apache2/phpfcgid.stpl index 20a580093..622495756 100755 --- a/install/ubuntu/templates/web/apache2/phpfcgid.stpl +++ b/install/debian/8/templates/web/apache2/phpfcgid.stpl @@ -30,7 +30,7 @@ SSLCertificateKeyFile %ssl_key% %ssl_ca_str%SSLCertificateChainFile %ssl_ca% - Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* diff --git a/install/ubuntu/templates/web/apache2/phpfcgid.tpl b/install/debian/8/templates/web/apache2/phpfcgid.tpl similarity index 92% rename from install/ubuntu/templates/web/apache2/phpfcgid.tpl rename to install/debian/8/templates/web/apache2/phpfcgid.tpl index 72e7d8d44..5c1f16e20 100755 --- a/install/ubuntu/templates/web/apache2/phpfcgid.tpl +++ b/install/debian/8/templates/web/apache2/phpfcgid.tpl @@ -22,7 +22,7 @@ AllowOverride All - Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* diff --git a/install/rhel/templates/web/awstats/awstats.tpl b/install/debian/8/templates/web/awstats/awstats.tpl similarity index 100% rename from install/rhel/templates/web/awstats/awstats.tpl rename to install/debian/8/templates/web/awstats/awstats.tpl diff --git a/install/rhel/templates/web/awstats/index.tpl b/install/debian/8/templates/web/awstats/index.tpl similarity index 100% rename from install/rhel/templates/web/awstats/index.tpl rename to install/debian/8/templates/web/awstats/index.tpl diff --git a/install/rhel/templates/web/awstats/nav.tpl b/install/debian/8/templates/web/awstats/nav.tpl similarity index 100% rename from install/rhel/templates/web/awstats/nav.tpl rename to install/debian/8/templates/web/awstats/nav.tpl diff --git a/install/debian/8/templates/web/nginx/caching.sh b/install/debian/8/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/debian/8/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/rhel/templates/web/nginx/caching.stpl b/install/debian/8/templates/web/nginx/caching.stpl similarity index 100% rename from install/rhel/templates/web/nginx/caching.stpl rename to install/debian/8/templates/web/nginx/caching.stpl diff --git a/install/rhel/templates/web/nginx/caching.tpl b/install/debian/8/templates/web/nginx/caching.tpl similarity index 100% rename from install/rhel/templates/web/nginx/caching.tpl rename to install/debian/8/templates/web/nginx/caching.tpl diff --git a/install/ubuntu/templates/web/nginx/default.stpl b/install/debian/8/templates/web/nginx/default.stpl similarity index 100% rename from install/ubuntu/templates/web/nginx/default.stpl rename to install/debian/8/templates/web/nginx/default.stpl diff --git a/install/ubuntu/templates/web/nginx/default.tpl b/install/debian/8/templates/web/nginx/default.tpl similarity index 100% rename from install/ubuntu/templates/web/nginx/default.tpl rename to install/debian/8/templates/web/nginx/default.tpl diff --git a/install/rhel/templates/web/nginx/hosting.sh b/install/debian/8/templates/web/nginx/hosting.sh similarity index 100% rename from install/rhel/templates/web/nginx/hosting.sh rename to install/debian/8/templates/web/nginx/hosting.sh diff --git a/install/ubuntu/templates/web/nginx/hosting.stpl b/install/debian/8/templates/web/nginx/hosting.stpl similarity index 100% rename from install/ubuntu/templates/web/nginx/hosting.stpl rename to install/debian/8/templates/web/nginx/hosting.stpl diff --git a/install/ubuntu/templates/web/nginx/hosting.tpl b/install/debian/8/templates/web/nginx/hosting.tpl similarity index 100% rename from install/ubuntu/templates/web/nginx/hosting.tpl rename to install/debian/8/templates/web/nginx/hosting.tpl diff --git a/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/default.stpl b/install/debian/8/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/default.tpl b/install/debian/8/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal.stpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/drupal.tpl b/install/debian/8/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/joomla.stpl b/install/debian/8/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/joomla.tpl b/install/debian/8/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/owncloud.stpl b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/owncloud.tpl b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/piwik.stpl b/install/debian/8/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/piwik.tpl b/install/debian/8/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/debian/8/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/templates/web/nginx/proxy_ip.tpl b/install/debian/8/templates/web/nginx/proxy_ip.tpl similarity index 100% rename from install/rhel/templates/web/nginx/proxy_ip.tpl rename to install/debian/8/templates/web/nginx/proxy_ip.tpl diff --git a/install/debian/8/templates/web/php5-fpm/default.tpl b/install/debian/8/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/debian/8/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/debian/8/templates/web/php5-fpm/no-php.tpl b/install/debian/8/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/debian/8/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/debian/8/templates/web/php5-fpm/socket.tpl b/install/debian/8/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/debian/8/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/debian/8/templates/web/skel/document_errors/403.html b/install/debian/8/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/debian/8/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/debian/8/templates/web/skel/document_errors/404.html b/install/debian/8/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/debian/8/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/debian/8/templates/web/skel/document_errors/50x.html b/install/debian/8/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/debian/8/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/rhel/templates/web/skel/public_html/index.html b/install/debian/8/templates/web/skel/public_html/index.html similarity index 100% rename from install/rhel/templates/web/skel/public_html/index.html rename to install/debian/8/templates/web/skel/public_html/index.html diff --git a/install/rhel/templates/web/skel/public_html/robots.txt b/install/debian/8/templates/web/skel/public_html/robots.txt similarity index 100% rename from install/rhel/templates/web/skel/public_html/robots.txt rename to install/debian/8/templates/web/skel/public_html/robots.txt diff --git a/install/rhel/templates/web/skel/public_shtml/index.html b/install/debian/8/templates/web/skel/public_shtml/index.html similarity index 100% rename from install/rhel/templates/web/skel/public_shtml/index.html rename to install/debian/8/templates/web/skel/public_shtml/index.html diff --git a/install/rhel/templates/web/skel/public_shtml/robots.txt b/install/debian/8/templates/web/skel/public_shtml/robots.txt similarity index 100% rename from install/rhel/templates/web/skel/public_shtml/robots.txt rename to install/debian/8/templates/web/skel/public_shtml/robots.txt diff --git a/install/rhel/templates/web/suspend/.htaccess b/install/debian/8/templates/web/suspend/.htaccess similarity index 100% rename from install/rhel/templates/web/suspend/.htaccess rename to install/debian/8/templates/web/suspend/.htaccess diff --git a/install/debian/8/templates/web/suspend/index.html b/install/debian/8/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/debian/8/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/rhel/templates/web/webalizer/webalizer.tpl b/install/debian/8/templates/web/webalizer/webalizer.tpl similarity index 100% rename from install/rhel/templates/web/webalizer/webalizer.tpl rename to install/debian/8/templates/web/webalizer/webalizer.tpl diff --git a/install/ubuntu/vsftpd.conf b/install/debian/8/vsftpd/vsftpd.conf similarity index 100% rename from install/ubuntu/vsftpd.conf rename to install/debian/8/vsftpd/vsftpd.conf index 9c3c2742f..0902899e7 100644 --- a/install/ubuntu/vsftpd.conf +++ b/install/debian/8/vsftpd/vsftpd.conf @@ -5,9 +5,9 @@ local_umask=002 anon_upload_enable=NO dirmessage_enable=YES xferlog_enable=YES -dual_log_enable=YES connect_from_port_20=YES xferlog_std_format=YES +dual_log_enable=YES chroot_local_user=YES listen=YES pam_service_name=vsftpd diff --git a/install/debian/apache2.readme.txt b/install/debian/apache2.readme.txt deleted file mode 100644 index b8d05cbe1..000000000 --- a/install/debian/apache2.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/apache2/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/debian/certificate.crt b/install/debian/certificate.crt deleted file mode 100644 index 4a3230ac2..000000000 --- a/install/debian/certificate.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDqjCCApICCQCBAQdAxoNnAjANBgkqhkiG9w0BAQUFADCBljELMAkGA1UEBhMC -VVMxFjAUBgNVBAgMDU1hc3NhY2h1c2V0dHMxEzARBgNVBAcMClN3YW1wc2NvdHQx -EDAOBgNVBAoMB1Zlc3RhQ1AxCzAJBgNVBAsMAklUMRowGAYDVQQDDBFwYW5lbC52 -ZXN0YWNwLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B2ZXN0YWNwLmNvbTAeFw0x -MzA5MjMwNzA0NDVaFw0xNDA5MjMwNzA0NDVaMIGWMQswCQYDVQQGEwJVUzEWMBQG -A1UECAwNTWFzc2FjaHVzZXR0czETMBEGA1UEBwwKU3dhbXBzY290dDEQMA4GA1UE -CgwHVmVzdGFDUDELMAkGA1UECwwCSVQxGjAYBgNVBAMMEXBhbmVsLnZlc3RhY3Au -Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHZlc3RhY3AuY29tMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HU -ILVW5EBGT76VEBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5Wb -UpDWezZDivTKAHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9 -mjP66UyH8RxFF+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREP -eqgw0E8xrEdjz1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6Zfv -QKoscG4dankbq0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABMA0GCSqG -SIb3DQEBBQUAA4IBAQBl+GF4Ii+7cW0tWVTsDh0Kw+rjc9bEA0eF4p3LBLEsFRkP -Yeqp2t0g8RTAAiq3OyUWYISzOX8xu0i56/3jUFazABBjz0P0w2A0BfRZS5TAEwxJ -TS9zAgobBuLtTh3FDJJIRXLJOKLJZVUmi6D+8QIQVOox0925tMIxGc9CxLK05bIc -HUYdHsn1gDwmTWem/XED559eWV/vGnvf3Ea0EHU76kTQaLPkul2y8BTbbLaHSw96 -1xFc8x9gqxWTT70YmBpZIApmSzvOGVXqTduMY/CeEbmigo1/1i2YMVjePFEDYnmE -/f6rNQrtM9kgtE+glWdA7zHlaigKl3SVof1ETStB ------END CERTIFICATE----- diff --git a/install/debian/certificate.key b/install/debian/certificate.key deleted file mode 100644 index eb913d684..000000000 --- a/install/debian/certificate.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HUILVW5EBGT76V -EBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5WbUpDWezZDivTK -AHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9mjP66UyH8RxF -F+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREPeqgw0E8xrEdj -z1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6ZfvQKoscG4dankb -q0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABAoIBAF59YsSAJCWxqgOC -dMZh/z85JkVAbQuZRIvjhwg81eiVinZSedCDcUUMLXKnYYZPdrDM9+rM4dF4z843 -R3quJIzPq4n6kYK0mU7m8fwVY5+MRjbRV9qP+8LKZjlB8DIkHJ3FyEnRgKj5+NNd -Xhgra0y7kx3Pxrxqgdit80qJ6OVlN2gsMjUcDBhqQev9Xs8cKYjYc1uPtFw14B2G -5fsNE8cHJA+hH/aym7xTaEQlz/JOKn2GsH/dOhm3RM2QygdyrVOBBj6rKSi03LMb -7QOkDvZ3nBltxQKOqs2PkYyEAdqR4dMZIPNxye/k21iVovLeMVe4lG7BmNOD6XwB -+TOhYh0CgYEA9WyUeSNPP309Br65wg61GdapWmQIaj7HSZE06BWhp82PPwHaF1yY -p9hWgo6fDxwHiTSLeUqEPXJMaPG+RxvYFc7Lc3JjOKU4ezR9fqz01LLtWXHVVT/x -RZuogMyaDhIjhwMyu4mybpUMkBQ/B3DFufrzTv0y8ljAc0nlFsuXaPMCgYEAxymI -btxZFGES6UNG7ldEaihll9MpP22/VghUeAaia0qgnXlYkbngIIhGpGJUkvZ2pduE -tfw2S20k38qvrWXx/NhLxmiVSIvq5TFi/22dfT20kfrdCcnkrp/tRpeR72IrQ6Kx -+6l7QHV5Gjcc4rvNc8mw7itVu+StgCYx+koD9V8CgYA8sThaaLf9XGxOEbaAXgC9 -Pg+tcdV+6L2B3O33gvnyNGx7SWr0ogqCX4atTLXbF7RpYtwnB52CUJTC0x2aGjGq -2vQHPb95z6oTFdz/CaiWPRVjLDp0lZaF/0OBbpeeaS/uAIV4SUod/LAZpVgc7++F -2aB35TfHJNma6ShFJd3wrwKBgBH444DtjXRTVjuKgKodYeUahCBxQ7Wfl7aRxd2W -66027MuJGb78wQbuhUFsRimE6CwLZSxu+A9SaBNx3OyO2Ilyk1PyOBZ12dqY3FAk -eiPFH7hUpQGvIF3JvMW0A81QVIsj8V++aYrljuoYsxiaze128+pqKrBr8GQyDiyB -5V2NAoGBAIPWovM20cbx6LpEuFN5Pmkl500F6sTc8F3DQVRe3JhwVhqHQXv7tUE1 -VHMqpMybUQin8q/RXvJ0vr2sQEe2fVC2a0FWJTqww1eMwu1V9ppUJAfXfaYWY+XJ -4d3myajakr0Eh3ia+IrSBcMRJ2sD3sL5KQC6jbD0R8odex4syiu2 ------END RSA PRIVATE KEY----- diff --git a/install/debian/dovecot.conf b/install/debian/dovecot.conf deleted file mode 100644 index 005e97aaa..000000000 --- a/install/debian/dovecot.conf +++ /dev/null @@ -1,28 +0,0 @@ -protocols = imap pop3 -listen = *, :: -base_dir = /var/run/dovecot/ -!include conf.d/*.conf - - namespace { - type = private - separator = / - prefix = - inbox = yes - - mailbox Sent { - auto = subscribe - special_use = \Sent - } - mailbox Drafts { - auto = subscribe - special_use = \Drafts - } - mailbox Trash { - auto = subscribe - special_use = \Trash - } - mailbox Junk { - auto = subscribe - special_use = \Junk - } - } diff --git a/install/debian/freshclam.conf b/install/debian/freshclam.conf deleted file mode 100644 index 5e6ca56c1..000000000 --- a/install/debian/freshclam.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Automatically created by the clamav-freshclam postinst -# Comments will get lost when you reconfigure the clamav-freshclam package - -DatabaseOwner clamav -UpdateLogFile /var/log/clamav/freshclam.log -LogVerbose false -LogSyslog false -LogFacility LOG_LOCAL6 -LogFileMaxSize 0 -LogTime true -Foreground false -Debug false -MaxAttempts 5 -DatabaseDirectory /var/lib/clamav -DNSDatabaseInfo current.cvd.clamav.net -AllowSupplementaryGroups false -PidFile /var/run/clamav/freshclam.pid -ConnectTimeout 30 -ReceiveTimeout 30 -TestDatabases yes -ScriptedUpdates yes -CompressLocalDatabase no -Bytecode true -# Check for new database 24 times a day -Checks 24 -DatabaseMirror db.local.clamav.net -DatabaseMirror database.clamav.net diff --git a/install/debian/nginx.readme.txt b/install/debian/nginx.readme.txt deleted file mode 100644 index e5db79e79..000000000 --- a/install/debian/nginx.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/nginx/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/debian/sudoers.conf b/install/debian/sudoers.conf deleted file mode 100644 index efe9ce9c9..000000000 --- a/install/debian/sudoers.conf +++ /dev/null @@ -1,32 +0,0 @@ -# -# This file MUST be edited with the 'visudo' command as root. -# -# Please consider adding local content in /etc/sudoers.d/ instead of -# directly modifying this file. -# -# See the man page for details on how to write a sudoers file. -# -Defaults env_reset -Defaults mail_badpass -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -Defaults env_keep="VESTA" -Defaults:admin !requiretty - -# Host alias specification - -# User alias specification - -# Cmnd alias specification - -# User privilege specification -root ALL=(ALL:ALL) ALL - -# Members of the admin group may gain root privileges -%admin ALL=(ALL) ALL - -# Allow members of group sudo to execute any command -%sudo ALL=(ALL:ALL) ALL - -# See sudoers(5) for more information on "#include" directives: - -#includedir /etc/sudoers.d diff --git a/install/debian/vesta.conf b/install/debian/vesta.conf deleted file mode 100644 index 6c148bd17..000000000 --- a/install/debian/vesta.conf +++ /dev/null @@ -1,24 +0,0 @@ -WEB_SYSTEM='apache2' -WEB_RGROUPS='www-data' -WEB_PORT='8080' -WEB_SSL='mod_ssl' -WEB_SSL_PORT='8443' -PROXY_SYSTEM='nginx' -PROXY_PORT='80' -PROXY_SSL_PORT='443' -FTP_SYSTEM='vsftpd' -MAIL_SYSTEM='exim4' -IMAP_SYSTEM='dovecot' -ANTIVIRUS_SYSTEM='clamav-daemon' -ANTISPAM_SYSTEM='spamassassin' -DB_SYSTEM='mysql' -DNS_SYSTEM='bind9' -STATS_SYSTEM='webalizer,awstats' -BACKUP_SYSTEM='local' -CRON_SYSTEM='cron' -DISK_QUOTA='no' -FIREWALL_SYSTEM='iptables' -FIREWALL_EXTENSION='fail2ban' -REPOSITORY='cmmnt' -VERSION='0.9.8' -LANGUAGE='en' diff --git a/install/debian/whmcs-module.php b/install/debian/whmcs-module.php deleted file mode 100644 index 1cb250611..000000000 --- a/install/debian/whmcs-module.php +++ /dev/null @@ -1,359 +0,0 @@ - array( "Type" => "text", "Default" => "default"), - "SSH Access" => array( "Type" => "yesno", "Description" => "Tick to grant access", ), - "IP Address (optional)" => array( "Type" => "text" ), - ); - return $configarray; - -} - -function vesta_CreateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-user', - 'arg1' => $params["username"], - 'arg2' => $params["password"], - 'arg3' => $params["clientsdetails"]["email"], - 'arg4' => $params["configoption1"], - 'arg5' => $params["clientsdetails"]["firstname"], - 'arg6' => $params["clientsdetails"]["lastname"], - ); - $postdata = http_build_query($postvars); - - // Create user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_UserAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - // Enable ssh access - if(($answer == 'OK') && ($params["configoption2"] == 'on')) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-shell', - 'arg1' => $params["username"], - 'arg2' => 'bash' - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_EnableSSH','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - } - - // Add domain - if(($answer == 'OK') && (!empty($params["domain"]))) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-domain', - 'arg1' => $params["username"], - 'arg2' => $params["domain"], - 'arg3' => $params["configoption3"], - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_AddDomain','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - } - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_TerminateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-delete-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Delete user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','TerminateAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_SuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-suspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Susupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','SuspendAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_UnsuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-unsuspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Unsusupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','UnsuspendAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ChangePassword($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-password', - 'arg1' => $params["username"], - 'arg2' => $params["password"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','ChangePassword','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ChangePackage($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-package', - 'arg1' => $params["username"], - 'arg2' => $params["configoption1"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','ChangePackage','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ClientArea($params) { - - $code = '
- - - - -
'; - return $code; - -} - -function vesta_AdminLink($params) { - - $code = '
- - - -
'; - return $code; - -} - -function vesta_LoginLink($params) { - - echo "control panel"; - -} - -function vesta_UsageUpdate($params) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-list-users', - 'arg1' => 'json' - ); - $postdata = http_build_query($postvars); - - // Get user stats - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Decode json data - $results = json_decode($answer, true); - - // Loop through results and update DB - foreach ($results AS $user=>$values) { - update_query("tblhosting",array( - "diskusage"=>$values['U_DISK'], - "disklimit"=>$values['DISK_QUOTA'], - "bwusage"=>$values['U_BANDWIDTH'], - "bwlimit"=>$values['BANDWIDTH'], - "lastupdate"=>"now()", - ),array("server"=>$params['serverid'], "username"=>$user)); - } - -} - -?> diff --git a/install/rhel/5/GPG.txt b/install/rhel/5/GPG.txt new file mode 100644 index 000000000..33bb1ff26 --- /dev/null +++ b/install/rhel/5/GPG.txt @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.5 (GNU/Linux) + +mQGiBExUOVkRBACPJeB3bdrAggHlFpkaB1aRDXDz7clRg6jyEzdMYHhrniSyjhAH ++b53zE4iapCHFIamEG2Fa7zS2lSx7068AmqHsZK5jwmyhTVVYuTtbebj1C4Y5ToW +icHhy4ullB7qeDmAod6EY4YSx2kYO3dR/QLk5QM4lWuV/OLdXWTeoKiiYwCg0UAP +yUkBXgNcKXrFqoJelmG3JEMEAIYM7CGwVd47FsM1UCu56HNQPErxLoUPBUlAQFtx +OMOFDMEm7qH7ve8FgGGRL9oHF7mSJ3y7HgM1BF5MHkKz6FjDrT1U5+Lub6oI2e90 +gfCMGlQAzUm9o+fijfbhKoEQ/xQRkUoqWEaf9zlFx1/4+NH+Qz/L8ZDTHvSLvUgt +HyZlA/916St5suAUugXu9PeLRVqboiHjhz0JWKneQEQ2QcTu8lhHsu/mZTWL9FYn +XwtiCJLZT8bpBSfl8Oeqhof1+sPgnv7t/LuKQ6JJmyJ46Sa453wfrs+xs32hKAe+ +ZN0VGBmHe7NhuhW/LdM0KMMr/LHuJJJAgmt+XVHi2RFwsZvdMbQkVmVzdGEgUGFj +a2FnZXMgPGJ1aWxkZXJAdmVzdGFjcC5jb20+iGAEExECACAFAkxUOVkCGwMGCwkI +BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBbjeFzoXeCtp6dAKDQfeTPHi6hCgg4L+sx +LEjXvVdLOwCfe9yfr+en+uz6qst0QBT2cAwB+q+5Ag0ETFQ5bBAIAJYZa9pV9l/R +OUFgIvdJd1mvzJpRAXsRBBJc22WuOHp22Uj+lMKrJMTRQZvFBvk9s7Mb1/ACXrL4 +vIbsKqXNAlVFp9kF1tKV2ejZ1MrJaQ4819bIkyG0lJzjl6u9lzJopF7ie00YHKC6 +1rltLaevfFjUXq1DoYZBg42hT/SOj+3+2D0e9qcxeuxXbsjnvwtxxUkWcP/ftOSt +HsAAbM1YtwGl9+fZLWG9+WIKNOE9kp+h2ywZtFA4v/Ms2op7oZGAL7C95k1EgLrH +mOZ0B2oKOLctV1z9keWksPN/osyG7Mg8ljv8zF3XwQFqHOHRntDqSWoFBMvJBkNS +vtm6u5WyKd8ABAsH/0RbeWVA+JqpZ24Rl57XoDRPRzno0m0EnkJMXr22uBq1lPg8 +VkadrGOshFXpM3Rho57f3U7fwKmShQXGEV7RHsWcxcfwOSKVJtI468sDuYXc2l1f +5nFo+rCtVh3BBq+JtZFKX0x53BesCT/M7l33Dfm9MDi34tEdPTPjumBIH1dowYdv +9/2HPlPp4NZte7gOO/VIAiS+jJ30aBn09t8duW5md7/rkOPIM5It05LGCLjb9hVm +R9zTwzw30fIrkeyWZdAbk76lH8u8j6PX30U6RRzb33+XIFR4ab3nlyqOQOpoTqyG +cs7B02sgBbyC+RG1EYfcelSEvLXkR8mjcqjs+MCISQQYEQIACQUCTFQ5bAIbDAAK +CRBbjeFzoXeCtlpcAKDLh59svtq/Gn99O9ZZw0nBjWv6sACfffDxPhCP1F852Jab +d8P1WGhr2Q8= +=Z1Jj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/rhel/clamd.conf b/install/rhel/5/clamav/clamd.conf similarity index 100% rename from install/rhel/clamd.conf rename to install/rhel/5/clamav/clamd.conf diff --git a/install/rhel/5/clamav/clamd.service b/install/rhel/5/clamav/clamd.service new file mode 100644 index 000000000..fdb3af7fd --- /dev/null +++ b/install/rhel/5/clamav/clamd.service @@ -0,0 +1,12 @@ +[Unit] +Description = clamd scanner (clamd) daemon +After = syslog.target nss-lookup.target network.target + +[Service] +Type = simple +ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes +Restart = on-failure +PrivateTmp = true + +[Install] +WantedBy=multi-user.target diff --git a/install/rhel/freshclam.conf b/install/rhel/5/clamav/freshclam.conf similarity index 100% rename from install/rhel/freshclam.conf rename to install/rhel/5/clamav/freshclam.conf diff --git a/install/rhel/5/dovecot.tar.gz b/install/rhel/5/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..430dbc3488efdf225540151192da124cfe4a7dfe GIT binary patch literal 439 zcmV;o0Z9HIiwFRS|Atin1MSnzZrmUc0AQba3NCw0@XyAnD)kNe0J&K#jI(I@vG{Qk zMf>gnoVJ@wlS88_(tHPF4>K%`Sm{;}E?x^~=jM~N*|^`=@pimybf7<|GJL6zKo_?R^%016_tV1T zF(0Je%*|Eh)#F zl9GCwoi{w@_^$nSm&#)$W$9@Je{iAf@Cm{eN&&p(1}=(zCQ|39gqbHD=`*330deG3 z1yg!k_e^uYl&zBs4?!O4@F1^h8@8%~`}~wxuTARL6y2nPhr4Iv~U zB#xc@9}YYa(SP=cD*BFxnQ}lO&fr*AX55sUj%d z@|p4VybYq+GSxU`f699Rql5~f{Za)amoOdBLP3eXtOqNez7 z*0+Ly($$$64+$lhZeD#>Vbnujr{k%xU=Dg4L_ugTpSt0PuV%4p#xNf~??;DC1_*R7 z5BT|$w~LF5SHLyxzw#;%q~j(qrvwO)7ZM4q9uRCuq<~<@KY7IF6(7gf0K{?{9AC$A zIvmI5nG6sH9LMGv%MEaR8$fKHdvF|^ckKNJaC{d)tbPZ__W;D|4{&_{FUP}{A2z-t z9H+fo1MdCR2 z*|0nw$H@W2+P}qdY@Gu6#H+w@%D)_62FJ0l3b4ml1`vCHY+eC-d}AEPz7s5W#BoLd zff(?g0|-1nArpXD|F-~Q{VxHCwa2apyfZ=;0I_=P9s-b%6{r7><7|I9fhLY$`HKV( z0mR;)1E;sdaZVg}#&LcCfp`d9a9kQdU>$;g@`Zg)ARdB$@+JG16QTgb#*15*Crmxj**UJOcA1>^SZVAfO|`#!sXM`gi{YNr1#bH@z@u7}x-2Z4a|S zxPg(*Xz)!Z31#s9G2pYXih9fg61 z(Y0C)baAnUhzq;edWi`m5pZWT%mwXihp@&7JELs?lRrb_j{iu0u!@_Tg$)^5Nin#Qc4Djgu|tgP`J3H7*Z6VQr6-SaTz2;N?Jw=3W7+; zh)aq}SRl>={7V4Q(xqb^$sT@ZI?@<8J}*|JzC6 zKbG;IjAHAb64-FsSov>#&=a>ZXUD&WP>>$V+7^az02^Uowodj4u)HJ8?eC?sjUx>8FI%zyfvxEO zz!m}$`m=8xP}cuE&_6i=yE%hh5Y8?R2r%5)i4OxtIl*CY4+I(m>@x>%U=px!1X6=? zvH`oH92~rXd$|Lh$PtA`JEI*?ZWuSf2mGfTFbFpcU?+_2Pvn2i{_ndJ>%|YG3A>>Y zaImvGMgVLD>}z+lgB!4h9tv9nU>MlV8)#!*K>TPl&`E$U_unoDc-(@a;eZ(&@B-p@ z!&>r5@cm;A2HMo0)&@pm%SRY+&~idyP{8ZPHQPVU?9Q#5x?t>C3K(R-_vt?hUQXZz zUd~f|K=1$|0|a|s_%mq#^mP#FpJMz!2Wg=EvEQ9P=P!ag26{q3PZiR+c~1!2Z2#_? zf2Zxw%%24Qhdm`E0m61h5d_9s#Kj&Z0&Er`8y6dqzcbhl{O6k>3z0tX)vfAR8Z)3rOalCi%Bl0#)*7kN)YOLN-p=kKg}e0Qvg+ zoB-m1RE*TLw1Bp40~CoZ7=!S_;HLgu!co}Q34Fr-ANTves{R~$FD_1%0Sj8r2yCwb z2Ei9UZ?|vS@y-`=tovLehvvGI#SoTH^U3REcvhv8Jyw?+z36zrc$4=_?%*%pzUY%l z5+HLJFPb)@+xk9@$TVK*jIsHddQGN5xiC_cuR(N~MIGzYk6p)4#19d}{5_ zl{|BIN*GzayFNeEUL2=?;QSN+Wlr#Dxe@8zxk0N+{sZ5wOrK(ZjP;9`g=wR|E}yc0 zy*-&PC8tq52ldHB7u*xId}iq6E+}=7IJ;{g9e5F9c)VynYj$Zr`?SW@;7266Q2R>@ z8rFTM4gEqk}0&!Lo-`p8J-~ey9H|;{%%8ekJD2X$l)l4vN>G)9fF8*_rqx zC*aWo%QmszzPCKKX52fxptv;p6>WIEzrV3E*;CE1F_rO0gMxgk(C?okdwo?cyEzJ< z1TT^25;dOr*z1`(1gTMUM!qye6O2^jPoe) zsb`-qh}gB2*$VS`+@vY>wN3DD*LddK!KYfk{Gw`|{rpLfd#+xmy*D0GIX&Mf7={f9 zK71L}RU-QE=Ecvwub8p-^A+iRk8HZew)TVjZ^w^W z{uY1i&F=N}%b4Av&mm$zf3|dSV}E-IExVcU{L7u*2NsS|xARA1sw|idFZ}8^OCNY` zAY~LTKYZD~7_s1VzD`}cKee{u2X&m8BOEP<9V3Uuo%=%)Zck6GBhkNSj^Gi~JLB7G!BWvQN zvmkQR{O1||n~z@)5squZvI@s1U+rAbj!bFQ5p!Al1AeU;X_?ZdbfMy}G#0 zv%bu8yk@75_i*qhV(WqPn6rMtXGFcnal^b1M?7cUVUwd!a?H`%&0V{5EAzcj=j5WD zukzbPzejsL+&m3w>$M$6)BEI7_iRtMb`PJW>aFCuT}*zM`6SH2Tph&VcH(%CQ)IS! zrF(03r)KWne%ruHeUhN+;GaW{^g+E_D+tHl9~rJ8G!rW~3WdL!o>feIJPd!afO_mP z`aLq8ZME|ATNcw9&0OP@3g(wFZ%nd}TwKqGB7_B7dZkvYOtue^4wo?-FMdvYxPOiK ziDpbj)|m=FWMaE}IJ%E`fAI18{`mCo;VrEKbBYffBn_9IM0g*UO3AW*GS)M#7a`tg zpFAnzu%OvEJTe*Z=;tfaIcL$=Tt-(T=S5B?S6qLMRp`eTUpprcd6ZgY(NL*5T4(oq zve<+33BqDia^Z=GnDxcE3HcP7o$Z_d=pz3y^YhToki!HS zG&b5fiwdG*E?8ZSkea{jkv^-H{dk*sooN4b+1U7($bNO(iW3C$*-P$*T&AGs+z;~M z`V=Jz3+>tJ-y1`(4nI6o5Zuq$h-&jFsR=c24;n0>J)RdX-aHhSm3bgu4fCe&>7Sav zz8q3Cd1W%l*LhTU*XxcfqFp5Bk_|0$+v=kq(y|sbbH5Va?q7;<{?g_>EX$$sWyKxw zNOU@C)hxlZo>CiOem$G*uG!;qt|I*GDWjD3>D`Pn7mmwuhie;4Z&)O+`*VfneA)Kd zVyum*T07=!a}c8|ntJTHU7zHid(UG0*YULT;`0{&is@8lo(n7Yd?i=KC%>m%*QIoZ zew>xf%M0yU9K6Y`^LM-K`}0*X{_Aw6lkhrCx=XJYMZT-;yt$D2{q@4SVQZIj%${*d zqd!e?nnF0zo0ct}bJvAQ_UYv%ffvxl4wkO!h3X51QljdXwIRz3iYG7Bj@!k;O`kB5 zms>8@1uAs+|GYuEWx^uAi;AWBd=tiWJ2dC%{RS7)TfA0j49``*%W@AvJ8!p=Fl1X_ zP*fkP^?E*wNk1deKjumGa*}f@S$Wr#tsAj0`*SIR8o$r%0_N8P^fmR{|<%qL;*e&$m4IEx83wxqx%T@OSmdG3-A z^+YKVh}voj3rF~-UnE^g%JsO)3{$zW^@_kVm;UFondOq{OlZ%g%>nBRraBKFQNi;= z_O|}-0wcb$EhkEi`yo^b>{&zZK~%r0Q6*E)`>a@5kL;FZ!KH?l>X58{8;zEz*j9Z4 z=jD$cON0%u-_R3h`w|n{ZzP{dSA1JiI}(W?37qOX`AQ)Ja$=JD6+M@ab++AJ@tL*K zL5Sq1x|-z(!k))Uo8cv3PLs+#kfmE}cDtKXk<9&Dg;8}=E3Cik<>41c&cvr9ay*$% z?u8ALLkk?|<+21iQ~{iE55%-(7G;lW3_sQ4x4?{}i>??`e{Jb5U{?^c<65<(T^S^P z_BoHJREei*H8Mx37rHo{z8?Y2bfkbK+NVLUS4okjPU8DJzG-uP?}bkhNz4nqVR?buXhFqMti4yy2UvF=X~EuS`7yCl|Ejn=k_wt5quL>e7&waT6>CbehOBetr;(sR zJoj!a?c!;X1T`(LSN3P2ZQP6w7@8V7<59@!6fN732a7SOG7X{9(jV1YSV&4mD<8iv zd4Bb|SusDe%TtwCn(tK@tQ-PL1)Y?5q(TdlquCWz!&MbmVWHD_)OiFw?{vjntc{AHq#dQ^eV#vZ^6x6lMqG#NsLZ?aIOzr$yv#&M0t~~1pvE@c zHM~BsYj~2Nnw9H&6r?BiBhoLpDJii3slE-%LIGU>)q7d^GGS_XKlBr&4BGCx0;wKN zPogxG_;dIQSyJcYJMNXCDP&}tubKPz3AP z1B*uC!aJzzLq2rumCs4nG$%v&l9%Ds0(Ul#pC&;ycdwa_EZ{wn5@(`^QX=Ra1&GNjV>Z&1TPj5A`+@>J#VyaLPFJNRj=_N~2WE+8a(%?q88S~+twX&+HX(l7t`CFjRAqyhz=U4UysTQ1%9yzY zRg^!-ih+@t!9j$#eq$ceWq@`Ls@?=iEX5CWf_R!LeV24vESYa#V_j0;!Klc(;zN3c zITX@Vk-|BrgLhdzAp4ujn25HOztvU!u-*92|+0Q%%eDEk(^WW zyN$~BKvgu+J(9l2vGjNDl*>`gfhbqy{?H~PF@@cfk710VpS7ExQHDLd+6;ZW+t92c znVaRf6cWECz9aIHizCppM=+C2EbtqCyY6Q-_Tx>~r>xfGqJbH-W^X00jygwM<|Q%e zUAu3=G@~p?!^txr<0^?){;ADUQ2s*Qty77pL=7e3s&C9Vp&|@?$;XmntKO>-T6wux=iHQ?KuOw`Szz(c{LmCh3gAN-)+ekMwt_4< z{S|C$lZoxk{j4+Zgly6l*ri2Ytrvc6Rc^3l*7B=`jnAEOxleK3w_GhLWG|S=Y4x^Q zanL2EeI|e(&4TY4aHJq8rut^4RjPl$W8r+QHIbs0b(#V`sX}mrhvlhEiFCrJ01A4q z^jguUo)5W04ae|?^4k@M`K)nyG6K6L;Yl{tW?c}>qCQdDz z2B1G`f5;ZwaMAm46>rY8*Ge#jr7$+QS%GhdKd5nFtzo_6VGuGp<<4~(^7+9?^xd!R z_?bdEWe&RcC0XcVEDo;Lq$ht%*~`A8U#=XZ`}+fzG4b3 zY;E1e!k5?J%8g!?A9S14D=dUt;OixHRrkMW2-|vVT)H{+{aHDjnelD^s{oHP^zUIc zs#%6Hd(9s~59vM-8q3Ahu!d7Z6qu&IKX2;G>kWEGMDQkz?3$pV#u`_Oaj3A#1K0>D zqk@kDlq*oZ{VpLaN+2aLmum37fhFmPjO~(|JR?Y(f8b7}WSs&}w>nJOn46}g6US9rC zaCS-G#-QXfi+zamkpp*cH1{Wh4fn3jhi8G*9_EUOrs-Zc(AW2lQ8!2R8Y}R#AgHbI zyrRBvsqLWdfM0#RTF>1)kei>x)A+0=glq^F0n*Wn?Ye2pNUy5vNr9GPSuoTxs&@F7gH~cLr{RZ<1z8V6#br7+z}=HvYbO{wK#9;BENUw7FlXZ zJ>}g6M==FPYi$M|H3rR1X{M?l#vLU{yj=8sH1!q6{OSrOt2*{qWDDX~xEJNg@Wol4 zvwUMR`nLX^mBTSFeh>`hb>TeZ*@L=Lt>aD&<&OD)94GfHRa7<#pw2+|-< z3K(p}q@D>-9;+d3@bkcg(yLaIY9U77)c8TZPQO_0OP3`tzRNDZM6nc|X8J`Q&Djz6 zlGp0DSp?5C&oWN_#^)BkY>=?g)pL0UCp;}-!Yc3|o=Co5>aXN%3LVE^ z599Th7+f(t*W0%5-g-qYfihD8g;9Q%%mvk`8Ysq>!||sQh!pTO@;_(u5FYr;kC;6W z6&5U(+4~%QEZ(Bn4psEIaPjC13`oZ`HF^-I?^|pyrAr5`*$f32$%2S)QHhBPel=Q7 zTnothF<+qexD3(CAFELQ=2`kT7{6@?y$}=~w%$F;S|pq>a+v6eXy zlwM&F)aUDyNbIejzHRy_uQkM6ZF#XIS@TQt)zO%MsZDzlma1;dyJS``@pq)pzRFz5 zNnV(|{R|}k%2qX(1RZi~7aA(+c}<+owvA?#n)M{lfVjv?kUPLB7OvV-SN9|`HlU#N z_Qzmb{dg<#s%dRCfx%DR3NCy5p0-?2In}~QV#`X6<<46Jfr`ZC!$bL8K?9{l+JjfA zVslLMOdAp4ha|(1#@l*3`oF|ycp=&`%|VGS4VIkET~`FdZj!gQ?^-35ZbjuMc3;h{ ze)?8m*f=@~F7hZAMr=w&xhVdHvdo*5K}GBl!7k^u!E64#8Sz(cG-qXH9PEuV@uCF+ z?tCzRvrlQ{!YR z`lfON(|oZ~Dkv1OF+nR&KO+~TncGt5P!Yym6Mkd``D%IR&ZS%}jByooi~X}DHv z>GPTlIm?cTdCVVZBDk2=;`>^|;Q4cvQd)=RMBzV< zc~s3-k84rzRs(ouJkQYSCLl3BI;G|dzxYFF9iekpm`U3a&suV2_x{eQxBQ@QE0(Y?o#ivC-x3zyJe2k8E)SVx zoT~|Oz!IBTX%_w6v@N^nb%WRZWZVxjj-iuYqPrP{+@{F5Z=>p6TTvsZKQlN zrVAvC7dn;xZSpDFn?4JkVRX+88K6G6=%Qfzq0eZX24Z2&-eFh1nm4CvQcUdrqDH!> zG?I~?g;y~e{C1N)@BGqCY!>+|PA+=Vgu~D8vlU1D*&duBCseM#_AhHqi&}!$=&g&@ zQt0}Bs|~Y1J$*EZe)lVV=g>i4$-wrZmP-(!AgQ5Fkf{cBG%=; z1;ToA79}!Y0=pKnX#6+VOM9AxbW3jr4IOn_&}z`<2R!Z&ie7%#q+02h0RfpL*E3ks zKeb5;?fNCdCaGc_%5+GZY8p+Qp>|I8lfDHJuK0ug&dx@3U1$~p5}Ar=FxJ-Rzg=sd zj34L9Rwrq8pD(2?4O}23G}G!~#L!nhY$I!!q^rH|6V4GUptI@zA)i>=BAm8cID%

4#gFY{Hifuu@N@Uq2 zdg*xfOF~t+t&1lsxqIAg_o0QHOYf2mt6@2KM}2fU1L-<@1wAT*nmXK%PPMCSY}YId zwK-UkERM3898D(`*FuC!iU~&U-@j6+OCRoB@{IEi6@A_Bx!0{Wx;k=6!b~v+QW<5d zfg%iZPbv8hD|MlwZ>TK8%zu4|&fC2%aD0cs1jc-_2SP49MvmOmE;4;?7Tp78xq93X zbK{on=s|YdEjoee+tL1H2;w-t*ymoX($C03eDB9F8QF!Ysk$=tY#Rj)YY>GoSQ1$1 z5GC#$&uROZ(AD?LS<$*Cjen^;lfS9rUcY_sh9-Q9uf*@|8#Mt4`JnCl?~I6Rap#?q zMGlBX3@Xz|dhbI5X%Tm@xm8HiF${DM<0~2CO~QyTy-n2qwcwh`fM-=A$_KBJ*WOi^ z?HgQBW-=M2Sy#OMkmS`Gd%AJ}$vcn^E0><;jS+mm=fZ;tU*5kLs<&@rCg`A14k}gW z?s#i+i%@~&{Ro+ciGK=V`Buo3~)&3fM>J|b}YH_;0zNxNX5=OQ)Y;XDaNzT#rXkwb**!f(g)tZG&B!pK!; zB}&R;6&EV>XubqK22=kyN@Etk%235wYFT`%O3%j(|Hb~HASPr@%}%j4hU-B>)IOX1 zI>$()2d$~s_!HH7m!WfHok4K^{FdzwM_zoihJ=-|Xu}3);`%$ylQfMXayDLb@Ow>U z?@YRjzjICh!J*uvucY!(+Po}3gRXY+M@QMX>k*`~?53hw-g<-g%43-wSS<*vbf)xb zFMX(-&@uz@^2Kj`+VM{&eEaf%Dm~Q~iq2`Gh)%rXeBLqloRx)TStI%`^HAD=Bh-EL z{jkJ#umAieWjp5l%cnpKWl=V>wh|a?y?^zb)U<}%+d8WPjUwlJ8r4W+He{pIvdhEy z&vcVDC7O~@yvX&T`LULPb;=iMqs~$xYKcYil0D`$yi(ml-L^@`O?n&etPY>IJ#JYq z5!Qb)Pv}Fe#$aLV5&7HSZDMl-rRvbSCAIP5-Qf4CeADz=cZw3(dfS7Z^AZ#l%Yf^6 z;kMIygbb*xk>$7-mMO=^+q$^Y(>L)E<&iJbVmG8drdI4sWqCol;#3uAMZqB{7dMut z{h|qx_-^5rZOe)r*~7%lX2GMWn=-Fj@7D5k<4Zj{fLEwc9&pg zJlPwTL*LoJ;GdV_T)Oy_Kcq;cp37K>wGd_CYdC zyi^!EQ|uesx;1^LYw>GfteGc2L8d;1=XAA`W=T5DRlHTm2H3Hqr>Ca;H}8!ozKSO& zGCo8cSs_ZqqU&sqZZ|HMw`^kljD-o38Oe`ig+`_YmL>vt6WJ!Mic!k2k=RlT(m z9i{4|wy06vG$^q`!BDHkf=nn!in|V)sN%cFvs_ZnJS|FwD2D3i=)5ROcUnYICW3Hm zZoE4Pv!(D;t;W`!gx{g0V?aFA>ZID?>-UCHJpb3SNpW3yH2J|iJ5+Cx5PXEa$9Dsk z?SzV&$zr?5+=`ba$|u5|`gWdQP%)+nFG>&Wy=RhBV5cO~8)r7~T}VB*!T6M$CF7#F9ZlPGG5xVed6hw8?E z;oemhYcg_`BBoBf^S0-Jo`8z%F}zyNo14$7jzh)g^U@S`72j5tH1v{cOmwL}_qwmE ztmx&NRoCUSK?0~XsY|LaWWG@k)WTz`6%-O{PxFSJ-8Rl9+6d~5GxVmp=|PRJ zYqnpM{}AulCGx^-q4trEAfrKcE3Gxgr=GPdw{M;6;FC9i@{djSy3B|eNetDf5BCQ( ztnc}}m5cg58>p4fw5Rks{h(p{atCBVP+79jsPjD^ZD0?T%W0K^KpD^DNx2J}Wc!Qz zhaMFB!-U^|lAWBYeb6pNtwD!>}$?3*6ioDJ;*KVP!G5^B#ka0p9Pc>S%6*!-=rOQOuA7{1C2 zj~(04ikOSEna>8xs@l7?BNBPjvUm=QjK3S$5`R;C@M+T0HbZxQkFku33U}JGD!eu_ zCR&pgw_cHCm3wz-Kg=XTJtsD4Z%?kR0=%Xa)O>J$K6^eRV*a(gn|~tr*}XuA2c*cp zteR{meD894JhAre3dl~Nzc&%>j-r`Nd))iJRO%P0Q6ni;!N0h}UN}(1@S2Z%$H&JQ zw(vyq=v-YA3QwIgHDLK5o42kQuwJRYe?O%kX3zP3`@>3uuP^yvP%YFho@AE!?Taz# zh}gy$!n_u#4585dC&P}Tz2koQgukcKf3b?4&U|ryRqWdqfHd&TjrMy@-P~Z4@W#KF zK02Z3diNGNfn2_Q_M^FE#SAX*2U-OUs5-Yda6YHggNA#a`q_*oXSc>P@02zbt}rvO znOSF&L;U9{;_!#N^*N(+wuL);hyYfoh3eZDdB8pHkTWanvFTKKCEhQQB#|nrA}&kH5*q+W#Lg`?aC_B zm)-gCpsP3G02$uK)|c|rOTxV4ax&Ful9Tm(YZuWal}APg)ZyzGf<=m65F}hEiRCmN?p5_ppE1@;$T<(4Uc(BDoYOoZiK--OtUukkb+kv=y#!s&S4i+c~zGnotHk70+;eFBeyg{2=s|zwqqc0^k*rC&} zzO11|7C^qf()A&+GbPexP#1MQbfPvbBU$9vAF7>NVYN@*TV+6y4T0s@I;ky^NPdvKFU z>fOW%iPHsXKm6KBD6~yWk)Yj&f0yPl@i_R>*Fv5J=ZON1&hDswPicD z-1Fox50A!rzlpW?IkRDFAW*suH&qXf7i60>)#Z1meaHC7MSn#0qgkB384%Q7>V&{=ANXhy?u<3!{eK%Q$AA0%-*(NV{@+pke=EG`|5XN*J-=Xi;dz(`MHIoEOb8$apCIGZtF{Ni zImRi^wLP&lTwZ^^x;;JXkF+rgcNFc=OX64@CuABe>>V=WG7RxSSV8*}99(?u4~{@S zMjv=VUA66~gC(n`Yt4OXPF7D2@*_ZjfG>?;%LLnd+SA zm*dN;XVn*?(#43yDYewqhJG?dFX5Z0)uwM0ti5Wv_%XkaHeJ@*Sa$UlYkPXqytI{P z)6$mCo6NTQOVK#jyR-h_xN)-8sak&Uvi7d4NTER9egiTc JO4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/firewall/ports.conf b/install/rhel/5/firewall/ports.conf similarity index 93% rename from install/ubuntu/firewall/ports.conf rename to install/rhel/5/firewall/ports.conf index e970f91de..a6ef4dae5 100644 --- a/install/ubuntu/firewall/ports.conf +++ b/install/rhel/5/firewall/ports.conf @@ -11,6 +11,6 @@ PROTOCOL='TCP' PORT='143' PROTOCOL='TCP' PORT='3306' PROTOCOL='TCP' PORT='5432' PROTOCOL='TCP' PORT='8080' -PROTOCOL='TCP' PORT='8443' +PROTOCOL='TCP' PORT='8433' PROTOCOL='TCP' PORT='8083' PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/firewall/rules.conf b/install/rhel/5/firewall/rules.conf similarity index 89% rename from install/ubuntu/firewall/rules.conf rename to install/rhel/5/firewall/rules.conf index 60136e1a5..956c2e1d9 100644 --- a/install/ubuntu/firewall/rules.conf +++ b/install/rhel/5/firewall/rules.conf @@ -1,6 +1,6 @@ RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' -RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='127.0.0.1/32' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' diff --git a/install/rhel/httpd.conf b/install/rhel/5/httpd/httpd.conf similarity index 100% rename from install/rhel/httpd.conf rename to install/rhel/5/httpd/httpd.conf diff --git a/install/rhel/5/httpd/ruid2.conf b/install/rhel/5/httpd/ruid2.conf new file mode 100644 index 000000000..42f908a85 --- /dev/null +++ b/install/rhel/5/httpd/ruid2.conf @@ -0,0 +1,8 @@ +LoadModule ruid2_module modules/mod_ruid2.so + + + RMode config + RDefaultUidGid apache apache + RUidGid apache apache + RGroups apache + diff --git a/install/rhel/httpd-ssl.conf b/install/rhel/5/httpd/ssl.conf similarity index 100% rename from install/rhel/httpd-ssl.conf rename to install/rhel/5/httpd/ssl.conf diff --git a/install/rhel/httpd-status.conf b/install/rhel/5/httpd/status.conf similarity index 100% rename from install/rhel/httpd-status.conf rename to install/rhel/5/httpd/status.conf diff --git a/install/rhel/httpd.log b/install/rhel/5/logrotate/httpd similarity index 100% rename from install/rhel/httpd.log rename to install/rhel/5/logrotate/httpd diff --git a/install/rhel/5/logrotate/nginx b/install/rhel/5/logrotate/nginx new file mode 100644 index 000000000..b1da1bf16 --- /dev/null +++ b/install/rhel/5/logrotate/nginx @@ -0,0 +1,12 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + create 0644 nginx nginx + daily + rotate 10 + missingok + notifempty + compress + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/vesta.log b/install/rhel/5/logrotate/vesta similarity index 100% rename from install/ubuntu/vesta.log rename to install/rhel/5/logrotate/vesta diff --git a/install/rhel/5/mariadb/my-large.cnf b/install/rhel/5/mariadb/my-large.cnf new file mode 100644 index 000000000..4e6c2225c --- /dev/null +++ b/install/rhel/5/mariadb/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mariadb/my-medium.cnf b/install/rhel/5/mariadb/my-medium.cnf new file mode 100644 index 000000000..fa255ec52 --- /dev/null +++ b/install/rhel/5/mariadb/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mariadb/my-small.cnf b/install/rhel/5/mariadb/my-small.cnf new file mode 100644 index 000000000..7d2fdc1b3 --- /dev/null +++ b/install/rhel/5/mariadb/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 32K +max_allowed_packet = 8M +table_open_cache = 4 +sort_buffer_size = 128K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/monit/clamd.conf b/install/rhel/5/monit/clamd.conf similarity index 100% rename from install/rhel/monit/clamd.conf rename to install/rhel/5/monit/clamd.conf diff --git a/install/rhel/monit/dovecot.conf b/install/rhel/5/monit/dovecot.conf similarity index 100% rename from install/rhel/monit/dovecot.conf rename to install/rhel/5/monit/dovecot.conf diff --git a/install/rhel/monit/exim.conf b/install/rhel/5/monit/exim.conf similarity index 100% rename from install/rhel/monit/exim.conf rename to install/rhel/5/monit/exim.conf diff --git a/install/rhel/monit/httpd.conf b/install/rhel/5/monit/httpd.conf similarity index 100% rename from install/rhel/monit/httpd.conf rename to install/rhel/5/monit/httpd.conf diff --git a/install/rhel/monit/mysql.conf b/install/rhel/5/monit/mysql.conf similarity index 100% rename from install/rhel/monit/mysql.conf rename to install/rhel/5/monit/mysql.conf diff --git a/install/rhel/monit/nginx.conf b/install/rhel/5/monit/nginx.conf similarity index 100% rename from install/rhel/monit/nginx.conf rename to install/rhel/5/monit/nginx.conf diff --git a/install/rhel/monit/spamassassin.conf b/install/rhel/5/monit/spamassassin.conf similarity index 100% rename from install/rhel/monit/spamassassin.conf rename to install/rhel/5/monit/spamassassin.conf diff --git a/install/rhel/monit/sshd.conf b/install/rhel/5/monit/sshd.conf similarity index 100% rename from install/rhel/monit/sshd.conf rename to install/rhel/5/monit/sshd.conf diff --git a/install/rhel/monit/vesta-nginx.conf b/install/rhel/5/monit/vesta-nginx.conf similarity index 100% rename from install/rhel/monit/vesta-nginx.conf rename to install/rhel/5/monit/vesta-nginx.conf diff --git a/install/rhel/monit/vesta-php.conf b/install/rhel/5/monit/vesta-php.conf similarity index 100% rename from install/rhel/monit/vesta-php.conf rename to install/rhel/5/monit/vesta-php.conf diff --git a/install/rhel/5/mysqld/my-large.cnf b/install/rhel/5/mysqld/my-large.cnf new file mode 100644 index 000000000..b548eeb87 --- /dev/null +++ b/install/rhel/5/mysqld/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mysqld/my-medium.cnf b/install/rhel/5/mysqld/my-medium.cnf new file mode 100644 index 000000000..e5f2677fc --- /dev/null +++ b/install/rhel/5/mysqld/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/5/mysqld/my-small.cnf b/install/rhel/5/mysqld/my-small.cnf new file mode 100644 index 000000000..52a3d33a6 --- /dev/null +++ b/install/rhel/5/mysqld/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 32K +max_allowed_packet = 8M +table_open_cache = 4 +sort_buffer_size = 128K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/named.conf b/install/rhel/5/named/named.conf similarity index 100% rename from install/rhel/named.conf rename to install/rhel/5/named/named.conf diff --git a/install/rhel/5/nginx/nginx.conf b/install/rhel/5/nginx/nginx.conf new file mode 100644 index 000000000..0316de7ac --- /dev/null +++ b/install/rhel/5/nginx/nginx.conf @@ -0,0 +1,101 @@ +# Server globals +user nginx; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_temp_path /var/cache/nginx/temp; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/rhel/5/nginx/phpmyadmin.inc b/install/rhel/5/nginx/phpmyadmin.inc new file mode 100644 index 000000000..09da52076 --- /dev/null +++ b/install/rhel/5/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpMyAdmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpMyAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/5/nginx/phppgadmin.inc b/install/rhel/5/nginx/phppgadmin.inc new file mode 100644 index 000000000..333e560a2 --- /dev/null +++ b/install/rhel/5/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phpPgAdmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phpPgAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/nginx-status.conf b/install/rhel/5/nginx/status.conf similarity index 100% rename from install/ubuntu/nginx-status.conf rename to install/rhel/5/nginx/status.conf diff --git a/install/rhel/5/nginx/webmail.inc b/install/rhel/5/nginx/webmail.inc new file mode 100644 index 000000000..2d0fbe293 --- /dev/null +++ b/install/rhel/5/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /usr/share/roundcubemail/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /usr/share/roundcubemail/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/5/packages.tar.gz b/install/rhel/5/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..269d9bee0b4daf7297f7c0f253ab0208388a9940 GIT binary patch literal 552 zcmV+@0@wW?iwFSH#Bfyr1MQVxZ<{a_#q*p`kvCq}%r*v8q&^TpDl3635OsTsSi@LU z22r37`}VUTaYD$pRw944-Jc?XkFPQ0>Kw14r{^e%i}$_Lff$-X>#M3Xt{ZxoC^E&A z5MGC|ig9nCoba6lFGU%x2ZLU;_`b}3Q}?I&zm(Os|EnmClXVth#pl)B|IRAP7AMMdRw8svL}te)>+`D4TJf;&k;wP3i85!f4nFKkqBVQQQH)Y=Ga&TW=dieZ}m z%nP@xjL;bEo@!2gZ~nm_ZD*a}Vg7OEhXx-r_(yuyqhp2lLg7!(3Or2nrzqtgHcZRK zyR0BhMd}Clw(GLmJk673R{vkK3ExWUht8ONKhku1t5dCdFE%C!D>q2JL9F7^P2WTK zzeuB!2f&XD_+L{G@}J5C{C^gj{uicwga5_EYy6MVVE|N0BLRdWBA`;58L*RfAy6;e zr9d^_i-CH6F9&cd2P&nLAdt5~fQc^O>R7(cAQ1jfqGeWm$=CUX&wo_=A7SwSIXJuj zTlR0czh(Zm_m5cr!1)Kpf0ggMuss&G$GXgZ=sImL5dPovt9$pq?fl1F$Fimn@c%i0 q^Z(@MKh~+LE7u+b0000000000000000002MKgCa859^TtC;$NBUl=j~ literal 0 HcmV?d00001 diff --git a/install/rhel/5/packages/default.pkg b/install/rhel/5/packages/default.pkg new file mode 100644 index 000000000..3df21d3df --- /dev/null +++ b/install/rhel/5/packages/default.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='3' +TIME='11:46:50' +DATE='2015-06-05' diff --git a/install/rhel/5/packages/gainsboro.pkg b/install/rhel/5/packages/gainsboro.pkg new file mode 100644 index 000000000..2b66b7d17 --- /dev/null +++ b/install/rhel/5/packages/gainsboro.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='1' +TIME='11:31:30' +DATE='2015-06-05' diff --git a/install/rhel/5/packages/palegreen.pkg b/install/rhel/5/packages/palegreen.pkg new file mode 100644 index 000000000..b17e5e1b2 --- /dev/null +++ b/install/rhel/5/packages/palegreen.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='hosting' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='5' +TIME='07:49:47' +DATE='2015-06-05' diff --git a/install/rhel/5/packages/slategrey.pkg b/install/rhel/5/packages/slategrey.pkg new file mode 100644 index 000000000..cc9ef423c --- /dev/null +++ b/install/rhel/5/packages/slategrey.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='3' +TIME='12:39:13' +DATE='2015-06-05' diff --git a/install/ubuntu/pga.conf b/install/rhel/5/pga/config.inc.php similarity index 100% rename from install/ubuntu/pga.conf rename to install/rhel/5/pga/config.inc.php diff --git a/install/rhel/httpd-pga.conf b/install/rhel/5/pga/phpPgAdmin.conf similarity index 100% rename from install/rhel/httpd-pga.conf rename to install/rhel/5/pga/phpPgAdmin.conf diff --git a/install/rhel/5/php-fpm/www.conf b/install/rhel/5/php-fpm/www.conf new file mode 100644 index 000000000..260109d8f --- /dev/null +++ b/install/rhel/5/php-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = apache +group = apache +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/rhel/pma.conf b/install/rhel/5/pma/config.inc.conf similarity index 100% rename from install/rhel/pma.conf rename to install/rhel/5/pma/config.inc.conf diff --git a/install/rhel/httpd-pma.conf b/install/rhel/5/pma/phpMyAdmin.conf similarity index 89% rename from install/rhel/httpd-pma.conf rename to install/rhel/5/pma/phpMyAdmin.conf index 3950860ef..0049ef2b7 100644 --- a/install/rhel/httpd-pma.conf +++ b/install/rhel/5/pma/phpMyAdmin.conf @@ -37,9 +37,3 @@ Alias /phpmyadmin /usr/share/phpMyAdmin # SecRuleInheritance Off # # - - - Order Deny,Allow - Deny from All - Allow from None - diff --git a/install/rhel/5/postgresql/pg_hba.conf b/install/rhel/5/postgresql/pg_hba.conf new file mode 100644 index 000000000..b65e66434 --- /dev/null +++ b/install/rhel/5/postgresql/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all md5 + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/rhel/proftpd.conf b/install/rhel/5/proftpd/proftpd.conf similarity index 100% rename from install/rhel/proftpd.conf rename to install/rhel/5/proftpd/proftpd.conf diff --git a/install/rhel/5/remi-release.rpm b/install/rhel/5/remi-release.rpm new file mode 100644 index 0000000000000000000000000000000000000000..e0c3696c4822bf6f14f7464c2a3447c2997c966c GIT binary patch literal 5450 zcmbVQ30M=?79KVgl)6;GrRXS@MM(&dgiQp>t`rai@fD?$WC9~eCeBP)T(Q<&sYNL+ zs8o3<#f4g)zFHJpS`ms0qR3VhTTxpPQEbtoymOOrsqOndKj-^yPX4*)zh{{{=iH>T z_-=~{2A2^-swn|Osz`z*1rni)NZ=wQRT3e(j}%_xGQ!MW)yg__%ZR@>5M(2a=`hgu zvoMB%;lVrxf%yZr1UbO)9Rse(E%kn zBDrF7mt$B>{Yz|`*48%uyMwsF8U67Dx<9Lv0J(PD?&p3g{ z-TZtej~{?U^B?mV`H3)!2l4;l@m3!9f&_cUU-7t)pZ}4^Pk7wH+K6px4U^C%yP zkDdY2m+^QcNbtc#1rqr;3MAsAc#%HJJJQeN@o0YjG)Ul?jsc108+km|fK5Yr?7+(u zkZ64mkg&cf2NHZY^#log(*hoQ8Sp@~4w?@E3HpPc`GeL)_?bUp2K_;ZkNib(qWJ?n zp3Bdd@Hl~=ujTPPejfRc`15&;_65Q+kPxRizyC}XJpKeEiihMe@(*DpkGJy}#f|to zd5rRm@LnFHJb=IEWgw9~9gn}~aVkj2k9iG9*c7H|{QNKcd^(Ts@OUvuq~C*Z0H$QH zmrE#yN+|YH37s4JJ}##v7bSsKrvb+}r`a%e>hWJw?}Fwjaq`ZUnm=V^g3gjfK$LoC#h+_MNN zQp2G^B3FLEuGDhKG0ap>YTvbt|kJ~`3 zC<5z-ytDe~Nd`g>fAJ7B_9R53g}f1Rj!FeGp=Bx#u(-(Q>pJ1X%99ydL1~gmhLsbXP)VpMm5P+p@WBb?v>G-bhP@??Mtdnh ze-{gh3dfQ;PV43DEK|`*f9E)3F&QjJs_`IAD#g$mHRRU$J?Q<5(V0iON8lZudK z?AT|Vw%M3J-3;)O^wWR9VO0bY3nc!YP zty)FN90F*ymLXYqdx9wy89}H?7Hk^kqKFI?P3R}sP$HF#Vn`*G?ufw?*H?{~4_*>X zg1HGrLb1RF6AR%?hJg?ZU4?EK7Bg%<9{s)_K5OiV{O~p+e`d>{`C(5|@UZlN{4ia9 zen^2Y9y0x#{NQDN`N8pK@Y+A$ANVw=12KNVhMi>CGiWDG#|60I?1vK?1uhjzz~XE3 zJOwU14Y~WeG=ZmqByfFQid3H=so`k)+Gadn9A{sf}10mtnPIIeHN zd8zLSa6+NLwaHqE^rfzWy|^v;`)vg&(C3`v%(!DF(iZTDrl0`*mHOq&7>fUpaTBke6{3l z@iq*GalR%)C1C%lCL6NCkPCGbR1f?wg+_o!fUnS%aR*WjslesQ1oQ;xu25a@us}X$ zlukp;P`-xiho#Xq%+ja>)ib`%4SMwl-m4ht!es1g5!dgUqOqh!los=R)~*a)3xd#>YkemZBx%qg@RiF5^N$G#3&S}w zox>FH9FYBtSCpPZ{jaY6{=Q7OGi<^J)I{JiIhWg%y)W2m^`ATT=XZX6&-AeDQ@`kt zOF_m}c7B<)tL4H*|FuC*#yvf@Mf<&#i&S%t&+ELm4vWa%zNWVyFE^D1*9^+W*Jk1Y z*T=ILca10?|I4MpW4!kEg>2Z}o5*b`pT23wlIq>vB@er&%4|;cJUoSZ#$XS>+B&=k9R8ir- zBR<+Y;r9H(mQ_CfTC>8a?dyIw>zTDf8a2aKP<`NxSLeaCAC)Ghv@ z|LTp4gjqJ>L2Eb99eb=`%!chgHpf`kyb|G|?%u$zIm-8Dw`^dWU53=$JQ`i{;b=GYy4#sYI^Q1FH&wB8Rjk=XyY11M zjHWoIcJ#_Lzl$Qp$f?aY&)?5`Fu-Ng!P8UIcF;Dq)35h&HfKLimnyB#CC)0X^mcL+ zjkY?}*LpB`{6sVN-5xvLB%f8LmwVH{#cv*)AhWm2Q`e|!de(2uD!e7g9lfjTPIHa) z(J|c>r>S)e6C9i_*vDn!TzoNnfpE&AM|0-Ap9MCpa-5=^KEHB z)w+{*%u+jB)sclx-?V$=`%nBVEWeSjICw00io zl)LM<;q9S04eX4E4SV;sJPy1vEx_S|y`Z{s$tmmJlh%2k`2G5?Zp_BqeZWj*pk`TP z-I^OCN35NF)Nj(X_u^|tzODR`y=j-X)5d(|`5z)=H5oNW_HHdI5IgUX471%>IeP!V zA6mCqT$}W+otkxMS+kWA9WEMoaN*E#{oA+=DXvF{V>_^Wt8zjr%}#x3?0CH@tK|2e zg08h{FWa_G%yuaIufn9mXu06eHfd$E&Um!4$9Ui;4=24{bHm~OhRbDB8~$W1V(Z*H za-5r@S^upmr?)iaMH>4@o-n#PCaxBo5gB@swf{EcUdY`m-FZFzxi{sxzE_A?=>?-@Nxl0P z{@m;Q$C>iY-<_+lmZ)mS{Z@wucBR#Qac99uD|P%FUGvAcRyH|on*MqJy;eIe#n*pX zS<<|vi^7_ZJ0`~`sj5FA{4J)r^lHM5 zpJz{YO6VFnz}b{(Inp<|=PT>`yOr&|BmTYrUfli5^DO7F1u}eztQ#=ztl% z^;gg3RsP&x<~`xZzRKMb>TF85xz@h<%*R>enq}f4>Mf=I6OIHmfA+BV!9M4%9ag%? z_a9N0hNgA;mVI4SlVay~^|GQv9j<(O%I-K(|8#XFv7&8p`Oa_uxW2sYYDiA`p_Bf% zbPN9#cw<84O+kNx*&`FFubuDGs(SbR?ZwgMn>Nt<9{2k_>R9r4QBzIg)SZv!AMF}^ zH}>+?(^ - Order Deny,Allow - Deny from all - Allow from all - - - - Order Deny,Allow - Deny from all - Allow from None + Order Deny,Allow + Deny from all + Allow from all diff --git a/install/rhel/roundcube-driver.php b/install/rhel/5/roundcube/vesta.php similarity index 100% rename from install/rhel/roundcube-driver.php rename to install/rhel/5/roundcube/vesta.php diff --git a/install/ubuntu/sudoers.admin.conf b/install/rhel/5/sudo/admin similarity index 56% rename from install/ubuntu/sudoers.admin.conf rename to install/rhel/5/sudo/admin index b4f870395..47e16098c 100644 --- a/install/ubuntu/sudoers.admin.conf +++ b/install/rhel/5/sudo/admin @@ -1,3 +1,7 @@ # Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + admin ALL=(ALL) ALL admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/5/templates.tar.gz b/install/rhel/5/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..6a2fd89099235ba19e1e41e099639d3b4b6d9b66 GIT binary patch literal 12995 zcmb8UQ*_}s3-NdV^|s_!eGsCO{IR2fa&c~qdHeAT?)y@$!MN4) z`6F10o}RY^1*w>x?R^t+DFmNHz@nM@bM#J-aLseH4<>BHgsK+>W3|`Yb~N-Zj!9Xh z*s7}r>SzJ{m`5)%Tc~{WQ>i`Y@+d0QeIzc1dZ=WUnBr(ijiTFOQe5M9%Dw`HEMJbc z?{Z_2Q?mfSW~&9($H;6Ta&Bc35Yh00s;s+KQ*tp!ba#l5p&#{_X_1eCmoq;Co?SX1 zsfR@Y)1Wt@JfN{?sij`UDFM6IY3Ej=Rq?p>e1GZ5(m%^^JKJb8+cU`C(fOA#*0co7 z3VOW8+#dXy&(OS}Ey%{0+L($`Mln%lt`WVLC2~5Luyt%s3VEA-r)JL!7FD}DQteO_ zMcW;P@?f4tBlf#Ju3%a~9aVcU8%q zso#=Z0cdcMxdSD{Jte3#N}u75PeoJ1lUv6{d%WB_ihdY`Z1bTog!%8iG#gz|zmj_z zT~?wK#oNcF5WkjcxbT=goy;2VhYl^?sH7H;0 zRmL97G@tfZx|H_gKTZ9o+T}9NZE%*&L>2gYLj7CygYg9*V4p$?^ypNclE3yOG$jMZ zY(Sn|%b&rX36--oF%)VhbFEAUN~m?!_^W8ASlh>GhQ-z}jlBEr2_;7A0LTGV%5FmJ^@h7u99U_DBB{E82KXOBnUqs z^arFT!2`|fh=GzDuXNP1+mpRk@8dB9e50EndwT< zgrFv}KmsF?B6-2VT}}0HkK3e>d6i?BYk(qLYIgxunv?P05j!gngN@8we}*-hpviXy zBkiF6P<}P-&VWBhYADQlZ6$$A8881#>jwHNqtqI&#Sq?F02~rYM5o=8hCl@se>9!2 z^WwA*9}im@X;Z3d*n^RqW|_5nXVF2_BJA|#;enraYZk5Y5+f8~XT;(*soStHY4gK^ z@dR%c>Q|z&?rj-rl>$rCkb^*8Karsa&-cB6C*%|Mg@60Xa$5UJDA8Ix+P_avZwaMx zab8oB{YsjXNikBh<9(j1;wrnQZ`pCjk%D0bT!HXgNim9?oY>Y1Gv$26bS9>MqXoUG zAN)BT^Wy60BW>4cvANo^9L+vm&i;`a12>@5t_!49)Sml5EQd?Z;b^%yLPp-DY^51= z-P>f*1P;0+kv?>a zsH~qprsg~T&A(*ilMzl7q)z7_b#r#g2~9BK#wXgtr1Z`>Z9xK0u;=c*idk$uQ#P~R z`uu@HdUF_pgr@r}WcseGj?|Npz3T7KZ-VP5$#j>ITu;-%<(2?Udv%ZchFiue- zJPoA8<+$@-tDHL0)3eVu3}{ZX~z$hr7V z^NcUtG^u;yB)!0~cy1|t_WO*?NasXNk?@a~LDEMnG71&z+&2h+`!SzE*uidl_BJ9s z>%4$Wvu`^7FXTo#(b9T&5fXMjbatV;95q$ zB#+#P6NOsc@v&zu3(TAjs9EYNaZ;rd3gYLUKV14Wd^*O%GAcJC#ytx4gD~h2Q1jr1 z`g}Eqisjvc3y7y{z`{?#`C(U8SXo>Jh4ska91Lh`yKuj!c`?NV1R-$gJXPGb-r$~q8z5?+1Fr`x8Z#qE$}eQu-2ck_f~aIaQwPkOmH3dQxy1mK?# z?Z(lvItht=7V?aS?hzD5Uo_wl9vEZ?+>;r2JMa5YCYI8;j)K>7xcL0UYloBRc6@uQ ze*YaC+D{N&$2XlzI@$>h&q#@!WB0hz#rZ2U=i%p3oI2n6fl?IqK9aOlptTR*?w+(G z@1@;m{$OTjO8*4kX>OG@3(CJ>sNuxTPv^xk&o-%#}w&t*%16Qg@2Y|iE;`TruMHx9jEax$(5da=+uT|xB zqkM3FWUX!n8fPUYyf0>hp@C1PP?66C-J4a~IqX-V=wn zK89qv%7zaUIazn&OJ*kZC$3CMmP$G{w(k+*iU?wKTsDVVCY`?baw-3CY?l#7^8fIt z(vAIt=1!G08%s`g5sMT|JncjL?x^A8kegs$%qwW$5weTi+=_pF| z8tuZFyrSI5S&lB>G9WX+wsaW&X11nq-MR#9Ls z3L64w;zejxZhGzg`$V@>Dit|0{JFXF_X2r1ep)h)0lq*#2As;F>6x3obkH?ya!&7S zzZd3aPZXnDTHI!J$rtCC$*Z}L{jXl-F3cWqm1_k%b-o=ZmfW{bpkE@6bVlYysTK8{ z|Gv2t&h>9FsL;rJXruwf6*pto<|AmAn|88-Cm-6&Vky%e`;9~}Ue{4*W@EIHNSF?w zoaMAXSP&;jtHXzzdC6>e+mj_EY()CywpqR=t9NLz`=%1q&i70RnSJbXJgxkx#T zALwUhYvH`urI6n+AxCwV>Bf~ZWiO$qM+UR&ap`}dL)x2sn8ReTe_sxmM0m&-{m?_v zDvIoHNv5rl+I*2hC_s8@I!i)0+>c`py=*fU@0jz9mxFt{t4M78HnPQ-~)DWmxQ3(2J_fE z04#{HhC0$9S()l5{-=kk<2z`btSF!3s}*%^iyifhPmUM)cBilnRkoPR-9vnowQdR4 zaqlLJ_d?CZ45tXpVOs@dR{3Qj zDmC7NvLZ8Mn<~B=Es21mnJWfiW}AL?x-k!IB^e=od{YguR{ z<|AOEUdq@js^0X$*M3}N!+;J_;c_bE{o)k3u7mx+&&l!_lTc=`)G-w6R9Uv5kq0!H zgZ0;+5y^!ENJghkwEu{ui9D6%ee32@Qa%CxLUYJ_;~qfTSAf+6=udq+V9jxgJPUXl zsXhRtXm*Kzi+_Bu2&JGymq;TG##|qBo*yP#(Sw(W6oC1X+l+L?-WO1mk9qd7X%3BK zpzLS;4hccfB`=x6JIoJ6*rUGV59qXn09UmW;9|=H^t?5_^=MQ&f&ptKiC`!)^veT) zN^CUJu+m5gHZ%7snOZq{{gDgsJcx07>CBX-8gx6!KX2^K7qqf?3|pJ+Ai!1;KeWkX zk%z5cGE4XsE#$FGNdQLrFWaqyz-jZ@e;*K~Z6COn7JU6}4>$ljU-Xo!N(4h%V}SKR z0K)9G#t3!(wUkM80%(T=fy&^#0wJOQfX@~mc)reQINxrC`hpMUW8dBP9^w1#SvJ1=ZEmuxm+R(Y5CIQDq_56x9^x`; zum1-QPuvU=zftVR9E7592VB#Xvhz?++s(`x_{ZnYca8wZu%Ww$RrESM*dYEt9SB{*Y*5MG!Qoh>rDItJ~SQ=irl zRYYY=tvyyNKFMUlbfLGAQ|*qhWf}nAglnHT!#!|TSk}guWCzoS(R0GcCH9~)AXoyg z-rbeswm*crhdO7|LTZF1`#1*xKlZF$2eTUhk4jBYHa|=Yi5j5dzq=5~!Qu^JV)GT6 z?i!jnh-K4z&w2!pD7~Iw*lpIP*?kZZ}4Z!Je&zzhgYi=(e=`TWZg>H z1*TCe4!m{qt4_Db_IMRgZ3tVJ!Uo%N6dPRq%DdAp|D2fDaGsa2NZ3~Sr#>4?) z&q4cuc;I**aI#If21=X+!S}poZvaNgPsY{lF~E1_Sf>{!+llRq>fPoYAG4)5W-gRt zGs%I}kQqlL-t-cCz(z$ zek@-(1#$9ej_lXzcY96(E~&(2V-aoXiTut$>j^x5 z(TlwAC;)}R6E{Ei^6S%(za@K$f=x))OzcG&ucr4B99$0Df3@B6jWSV$BrJpU?7l-3 zlN-CmGMWFCetKeweGb~ zo&-GbZ2ePK2JH(@HG$rAngbY@grFEt@O{hMgs?@D1&+lJ1i!ZOrYA(!6W#|B*zEq!_!$Ft1xPV*}lh1zWS1P6V~aue>TF zJ28HeDz1y&p2?)tR+8)Mq`xUe-i(BLkD+%?pl|lL z`0DKG4sA?rDun~))tk3*8ALJsMQfYCcwB{;vB2%csi|H3;-Y!_Rkv~Q%pz_}*_f1{ zU}uX7sjW@=jXqPmhsJ<~8ooL&CZgeFNDzU3O@{gfb{a0oSN6UwlA6_oWZ|vO!!$k}L=9{EYcOO?(L5w|2zUk6eX}?cH~En%PX|)&rleOY%J@uj$(r?rX^zHKxaMfEnf>3 z6z!FG#PVLbLuGs%ApzGQHbEhnjSXpl(AJUVZ4SObF zr!ov$z$`-Lb5?+CZ=3+l#nlp~`I_y@@ZTbwn!l4Fdd@ES>9c$cI=5^NmUpdA69^8A zm>O7`@GHOx&zA}8yJk9rZ*KjB=}0Kdx=r`pul$Ublbnb9h%J-#1rNICofx{#<+Fuv zdP(*c{4w`UUAq#Ni?;^e;YDY&3}ed<(P}Mwbe?Q=o5_+WljomXt!~5kUsv+_>*|^I zIO_2;$Dk#C3Gu&BT@v7NCFV6S#NC9&L5Ba!yA0 zM^No3@Edx!{U?w1$>h21LpZX-5MX`1mbKoJ0)edO!Hwt`ik8dXemKo8{+e|zlGtwh zQ*nN){U1GK$=N5Q}$vR@RG* zza;L=@BPqN0u!_Lb}rphN8Ikc5JqM1o{%fcfhqFZnvOGm>m%i={Tb!LQ<}e z7tWA2Y#ClyZ2f+8{MZlq#UyXorx!Fb5{8i@Eel||30hlbHx6}fo`cp#u&x63t5BP~ zqQHbF;k9F%ylY;|Q{emuRIM8*o!IX|d8e*|=>}>e-g<~CbOAn7%Z0+1w9{pc*esT= zY`L16OE;2&Oc?>`hlAJ*?Q3W1xaaG zmZK5hpyb9LgkLed`Ljl9O?=!CXg^}EBYXzz@}DeKcHbpdf8tyL)giIn0CkIa%fr+r z%mqC0AV@PMfg%8e3shH{fb;yy5C8`D>a$U?d|r=|y)RAwaIcFj=sM^)AcO zS3Di1XnY|<@2;yO(HvMHo)x(2Cs$4Ua};O;$M3<@O!SYf?A)VZ0CZ(DN1bV#-#N%- z2N!*pIN+>h+Im&*&x#0lP{iEmiyQFp&UCtuytFPqUzjYGDmZI|T`_O&>NtF`xw=m5 zy!D*h?c+P$A9Y8`4(HOKzNyDZlrzL6-&uGROaVE!Q2SuqK$U#t4kq#^wbkvMhMPhv z_{QPAM;{++xpt_95&7M#!Tt=1+LM!|!B;{jDa)Mxb9d{@PQOlYP)xv$4{fy=ZbxzZ zrpAs0ArzgLol9I*W&e_tncMjZwwd~e*oQ_Uy2QYVcGr!S#NQ)K%v?ge!`&c$vDK)k*Af+}mLi56=pKk3VTYxvmc5oaS;e$qA%WwgV|zVB)&Y<~DdnC- z5VUe4H3SD(l#B-K`az`#O&bj83ab`8;D%lk_P+9;IEUIv#RTdH%kfmN-D$aWg~II? zW~$8Xbt~c@(JsFAW1Q8k5QMx~*IUHfp z_M9UGWtr8%-yzIKUH*`?I-$~}qUxB`{la^9^h!=ES5zj_0VI8>C79kF;4XTm<6yis z+m02=&TEsLYj|M@F6@n`T{#Z&haMaoPZM()XXo_zc|+ezk4E0((vD|xI|Cly#KlA- z>8bT7miFHf1*9-yNgk%nW@*7AW+y88%sZI6p~^RT^QRtg;L-*UG*SHcms+ffU|{Jx zL>8m1by53rV(KgCuif$p$gN}Z ziW^Wxo&hb&L<8MYU~jrn>;iQ$4v|=#$qlje@+N4JLknuzBtX|Hati^J(62$|F)qN2 z$~6!|(G_#~i1g%OHV9w$`HV_TbzExa{H6nM^;2Yee)EN|;f15#{G|)`hso$t+4K%GO2w=luAdsMN}*hbxf!4p)RSUhuM0#5t&9-trhA!T1c;g)aa~IRR|?CrNaKoUUTAs-x0W zJQC9|Sw2I~j>p;BCq7rZ31B@I{s89((+Ckokol&RHTt zt5WV^u3KQ6&M5))vLa8ihFi0R8aa!I41!pNH1CdE`ahM5WCyT*&z>A9$HH(Y)m8}XBb>gB4dNbSa- zj^#u;iHO~kqUQ`c;T4pITX@VHqrXbJJhJ>Usrl1E=SEM7ziIxHbc^S98YG=VM={Nj z#7~7!KXG=0Gi@;){&pamh@-xIK7k2Nb2+7_R~>DInw&u&To#bRv$E`$SU{H+|wVCyEKzdDlNdk7*f0h@9k zXem)YgxcE@7^xQEmJyp<=8)-mP>+xqX^~%TyU7!>P+*-MEz*)3866ulCa{RW&CSph zOSJq_h=e4O@BL;XqF6u?QTib~;m;DUradk_NtiO&EffZcapCSW`Z;Q~v~>5IWX)DlMQ0|ct?Eh^L)GUe zt05#gS-_xp(1gXz?2oUWC40gk4NMF(1bQ0wa2tYPUi(40;02wpy0Mt)>7@6@Hn^|b z=$Dsg*5w-;?(x&n*!yu8acyol@;9&)B+gm2oPTOh@f2dbeI9vc;X@DlmB{Mv7KE> zt?n(;FIcxNXd=!p#V{s*h0j& zo}xPl$Oo`i2|w=LC!hgI?^L)s^|ydPh&S z1r%g&i?%Z2*|Y8I_~dBK1D1j7dpzXKr9Y+%lrJ;P`)ad`gzcNm&{Gn%+9|c#yA)F> z-S@=VE8CK4Xm6bs0TEIC1!eTJKZFS(P&7h zBH7o56nm|5TDwkKDTykrfTiH^+Rt_tLv}bi4%L6F7GCPQ>?-2L>f27!5&xrS!n}wHyaJ82KTV$8@}jEMo0@+6joG9w2P^DmE@OoIuVPUNV_2cyWt_QF znzT~T`cM#|uv+8rURbBXW^oO%u_j+5_mfA4Uh=1{88ge3Qud(_;MzJbb-_Q6aeUQU zQ(W-GWQ){T*Z! z>de^m7O}-LX4sF*i%#eSc%!|jBftCRS}%{YajGP>n%wEZwIM6~+orgZFU^_n~b zHM$)5!?!7twQ23-bT;P05#AD19phh^6jhtO0i>D+aTqmbRe&QCG^(mR=LT#ouj32G zCf%1PHSj}CWDA_|JQ4HU0L=Vr0MPyv?T`qW(x)q=28C(0K8uy z+nMp_AWxhcU^C^hXXC}$bT(TrRFmPuapmVj)^=Yz{HDQL^fO@(Ny@Xf|EL$dBeTFv zYOQQmR$}_qEIvW;Q}A3#o{o!1uNe6dV^V-{Z3i zdkt3QxZ3#E8Q|&#J=+xK+rHxZo-5&hcei-{d~=b$y?q>bn{drEBB|3uCn+232M^Qi z0;EBFk=!OX?jSvOy6AgAi`L83H8Av|+KjW;(-8_3?iqM+W%alcD;;&INpKtsM;dGf zBCq_|-p-`dc>E{vxnVNygv2l?pxM$w1~xUyUi!|PU$4$snw@k#Ci^RqDlx`>d|*;u z@m4xn$+S>*Oy)e77MY~G{D#ov_EBwzR8W{-{x&|w;6N-zzKmonC*{JY(nAW%E!*V$ zKhi52u^CspqFuDgl{@M}u)`KMt0l~jfr&(WB05ECRZa;U=Flwf0 zB-h2|)pw!SY$I2Rn~vK+iPxGz8KjEhM9!>qsQKq~+s7*MVtjC@T$8vA&C7%4~mn5Grh8ZSNu#E)&z>>BZ?uJyJ z)st$NLodc0ZQ&3{;Sep@dZwV}X>z3jz>YMI1_)G$pc4NTJ^$HBEhAujb=%nl#y+$+ z)YekVP+xUey>BaKXD%;pn(g?1am3$T$mIuBKjlmUzxuAx|-2&jWDwR0V-S!pC+FNw(3b!0*{S_Jim^`-6?#34{HX_W+i!17w_9I~)LOWz8F~JV*G`_SGfunfUFh zWA-*5g|@0AxUS(rf^TtZ%tf=+S<-O3b=~(Z&(~iH2)oi1t=O=7mk@1Ol7ko{r<{PC zm}{b7X#eu5<MD);FL6?E)0K!N&-{zf!9;-h-tO32IZ{o$ouOlRZEcQ zp7G7KLRoc{_V;Hu+LThV%G|*@RC#hpW?$~B$~+70N)@2aRIi$9F<@N_6|94vc_*INnU;`(|B^G-F`(Hy*wOwN zKh3N8lvs$-2QLRVZ2Ft4&6K?T-q^Z;Nf(9+>l2>V^QizRRZN?-P*RBv5JR z_RX=<0cc&*UIb__&ubKj0{7n}&fit#|3O{$HS<2CtOAtnIWN%5n%H;1zJNN2kJ7p1 z+YIbIQy?@k;si9ZyH!cQwtpQkcllwY=;)ff$nePHZ!oLRu2gbWRvLb>VSN*pgynqp^8Pqk`4c(hB`x%rNT zYEp)$-(UTR|4y`&+=;3^fu|*oy-#ud8v<^~JtzAXGb|gX!sdQk7wpG-Cf;N{<{a|J zF}zUw5tf*C3-A>AV&$lu`rkfS)7jXER|YxP#=g0G>i~i0TL0w=x4=YBOZEZ~8~I-_ zD*cYF4dQs(7OL9!UKO1D2_R9P@J&?u0;*r26TEML-G|@6`6v+fND$0jU2B-`@w_w- zKZL& z>giH`U=j5?OzU7jaxK*Q_fEla9dn*JfJ!dO6*Rp^ZK)+2^I778^>48Pbh#OjKV@bC zZx7v5H{-kkYN!r7gpG+Bc5p;HFwf$>1aPP=btdkcOV#_+aa!XtEHkwo;L_jptuAE>CAjp588 zap;c?*jD6QPBs*rN#z=ik^lO|jaP5_;`;2lgg|E4!WLVz8pJFWM|IbND6!IRs|+5q z8V~rCrq@{&MJs+CnS3=HB}PS{wUfrixgFXA>DAnGj*3{mn&I@pW}rfaUW7L6;P$J8 zX9>y6Li7GUfyxa00Pk9%V|wo;?XtpuJ)_*R zmYhDAxcXN-Fz;mF2J{e#yb$yGlN^v=QYJA)_Fbi!-nJd@MNd&>1(d#H`hrxy@V``F zTxV#$=x%PC^ZnL8yGa|?aLK>`{jWd>zzV`S{&$_vynV8Vdt@4&{Oc3gt}#!=-7JXM z!jw_WMc*xrtcoZgT<|kTVHSKo^BVQ4MGr2QYaSTnf4ubTBhJvR_opF;&E3NI zWqW@0vxLKVte+So3HP%w+NPR{)0}d&naD zhyDzPAm@~U@Ucb5sRhAUB@e97?+}lFW8IK#{AvJGbDIJHQEx2f<_=Xv% zFZOAV4{hr4Hm|$nhWdVm35J>ssQ3shm!+pDVXhGkgJf%UZo%7{bsdmxcQR^*;l8KZ z+iOszc6AAvmFxjXt@0y~hfsi()*v?Vxn+D%ca6QeDg}D^mku<2b=zZiU_SWK2O4JT zGzs`X2g>Vu+P2rBGYRsa&!)Zt>yO%53JrxDq>i$#foU7YZ$itT*(!@i80UgnV!hdL zS!PBN{My9$#*4-p_qfc?B$hhaT2zuS_|JU6gYi9% zC#8-1@R}lKP8ff@TMCKhL~}g58}uPhS!oVe)o)+n!<0_Y95aj0O_aKlm9Jx@loAz- zio)M2o!3pxaiaWhq=Pd9So2y2EGr}GZ8XlRJ32@HN~t=eGX)w&KK%95cA-ePL#lns z1YA`nc!+9_S4voBYCTIZte=^Db#SKD*!;w}{Hm6}H807Abt3#aX0BIIp`3{s2gN?0 zA8<4>S=Z<~W?lIaDtwR9#we^5i*DmCn!8WZzp-##q2aMq6Bb5v#kL!uZ5YN(+ZE6Z zU*1*y08Q_lDon!UpmXnlRJFqkm#9vneP1n0HcpRT*&Cma{4q?#^Wt7Z8$S2I%%ejE zA7`zrALztAK)Se;*~h<^!?0nGkD|?Q6hYL=j{RkZk5yPF}6vu5Gp-s-sJh*5IZH>SzniTy|R|11S$1f nSy|!Qq8n2-{Y3{JtgNJ|KlV AllowOverride All diff --git a/install/rhel/templates/web/httpd/basedir.tpl b/install/rhel/5/templates/web/httpd/basedir.tpl similarity index 84% rename from install/rhel/templates/web/httpd/basedir.tpl rename to install/rhel/5/templates/web/httpd/basedir.tpl index 94288db02..41b77334a 100755 --- a/install/rhel/templates/web/httpd/basedir.tpl +++ b/install/rhel/5/templates/web/httpd/basedir.tpl @@ -14,9 +14,7 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot% AllowOverride All diff --git a/install/rhel/templates/web/httpd/default.stpl b/install/rhel/5/templates/web/httpd/default.stpl similarity index 100% rename from install/rhel/templates/web/httpd/default.stpl rename to install/rhel/5/templates/web/httpd/default.stpl diff --git a/install/rhel/templates/web/httpd/default.tpl b/install/rhel/5/templates/web/httpd/default.tpl similarity index 100% rename from install/rhel/templates/web/httpd/default.tpl rename to install/rhel/5/templates/web/httpd/default.tpl diff --git a/install/rhel/templates/web/httpd/hosting.stpl b/install/rhel/5/templates/web/httpd/hosting.stpl similarity index 100% rename from install/rhel/templates/web/httpd/hosting.stpl rename to install/rhel/5/templates/web/httpd/hosting.stpl diff --git a/install/rhel/templates/web/httpd/hosting.tpl b/install/rhel/5/templates/web/httpd/hosting.tpl similarity index 100% rename from install/rhel/templates/web/httpd/hosting.tpl rename to install/rhel/5/templates/web/httpd/hosting.tpl diff --git a/install/ubuntu/templates/web/apache2/phpcgi.sh b/install/rhel/5/templates/web/httpd/phpcgi.sh similarity index 100% rename from install/ubuntu/templates/web/apache2/phpcgi.sh rename to install/rhel/5/templates/web/httpd/phpcgi.sh diff --git a/install/rhel/templates/web/httpd/phpcgi.stpl b/install/rhel/5/templates/web/httpd/phpcgi.stpl similarity index 100% rename from install/rhel/templates/web/httpd/phpcgi.stpl rename to install/rhel/5/templates/web/httpd/phpcgi.stpl diff --git a/install/rhel/templates/web/httpd/phpcgi.tpl b/install/rhel/5/templates/web/httpd/phpcgi.tpl similarity index 100% rename from install/rhel/templates/web/httpd/phpcgi.tpl rename to install/rhel/5/templates/web/httpd/phpcgi.tpl diff --git a/install/ubuntu/templates/web/apache2/phpfcgid.sh b/install/rhel/5/templates/web/httpd/phpfcgid.sh similarity index 100% rename from install/ubuntu/templates/web/apache2/phpfcgid.sh rename to install/rhel/5/templates/web/httpd/phpfcgid.sh diff --git a/install/rhel/templates/web/httpd/phpfcgid.stpl b/install/rhel/5/templates/web/httpd/phpfcgid.stpl similarity index 100% rename from install/rhel/templates/web/httpd/phpfcgid.stpl rename to install/rhel/5/templates/web/httpd/phpfcgid.stpl diff --git a/install/rhel/templates/web/httpd/phpfcgid.tpl b/install/rhel/5/templates/web/httpd/phpfcgid.tpl similarity index 100% rename from install/rhel/templates/web/httpd/phpfcgid.tpl rename to install/rhel/5/templates/web/httpd/phpfcgid.tpl diff --git a/install/rhel/5/templates/web/nginx/caching.sh b/install/rhel/5/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/rhel/5/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/rhel/5/templates/web/nginx/caching.stpl b/install/rhel/5/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..1109c924f --- /dev/null +++ b/install/rhel/5/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/caching.tpl b/install/rhel/5/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..6d727c67f --- /dev/null +++ b/install/rhel/5/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/templates/web/nginx/default.stpl b/install/rhel/5/templates/web/nginx/default.stpl similarity index 100% rename from install/rhel/templates/web/nginx/default.stpl rename to install/rhel/5/templates/web/nginx/default.stpl diff --git a/install/rhel/templates/web/nginx/default.tpl b/install/rhel/5/templates/web/nginx/default.tpl similarity index 100% rename from install/rhel/templates/web/nginx/default.tpl rename to install/rhel/5/templates/web/nginx/default.tpl diff --git a/install/ubuntu/templates/web/nginx/hosting.sh b/install/rhel/5/templates/web/nginx/hosting.sh similarity index 100% rename from install/ubuntu/templates/web/nginx/hosting.sh rename to install/rhel/5/templates/web/nginx/hosting.sh diff --git a/install/rhel/templates/web/nginx/hosting.stpl b/install/rhel/5/templates/web/nginx/hosting.stpl similarity index 100% rename from install/rhel/templates/web/nginx/hosting.stpl rename to install/rhel/5/templates/web/nginx/hosting.stpl diff --git a/install/rhel/templates/web/nginx/hosting.tpl b/install/rhel/5/templates/web/nginx/hosting.tpl similarity index 100% rename from install/rhel/templates/web/nginx/hosting.tpl rename to install/rhel/5/templates/web/nginx/hosting.tpl diff --git a/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/default.stpl b/install/rhel/5/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/default.tpl b/install/rhel/5/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal.stpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/drupal.tpl b/install/rhel/5/templates/web/nginx/php-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/joomla.stpl b/install/rhel/5/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/joomla.tpl b/install/rhel/5/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/owncloud.stpl b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/owncloud.tpl b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/piwik.stpl b/install/rhel/5/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/piwik.tpl b/install/rhel/5/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.stpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.tpl b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/rhel/5/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/templates/web/nginx/proxy_ip.tpl b/install/rhel/5/templates/web/nginx/proxy_ip.tpl similarity index 100% rename from install/ubuntu/templates/web/nginx/proxy_ip.tpl rename to install/rhel/5/templates/web/nginx/proxy_ip.tpl diff --git a/install/rhel/5/templates/web/php-fpm/default.tpl b/install/rhel/5/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/rhel/5/templates/web/php-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/rhel/5/templates/web/php-fpm/no-php.tpl b/install/rhel/5/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/rhel/5/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/rhel/5/templates/web/php-fpm/socket.tpl b/install/rhel/5/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/rhel/5/templates/web/php-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/debian/templates/web/skel/document_errors/403.html b/install/rhel/5/templates/web/skel/document_errors/403.html similarity index 100% rename from install/debian/templates/web/skel/document_errors/403.html rename to install/rhel/5/templates/web/skel/document_errors/403.html diff --git a/install/debian/templates/web/skel/document_errors/404.html b/install/rhel/5/templates/web/skel/document_errors/404.html similarity index 100% rename from install/debian/templates/web/skel/document_errors/404.html rename to install/rhel/5/templates/web/skel/document_errors/404.html diff --git a/install/debian/templates/web/skel/document_errors/50x.html b/install/rhel/5/templates/web/skel/document_errors/50x.html similarity index 100% rename from install/debian/templates/web/skel/document_errors/50x.html rename to install/rhel/5/templates/web/skel/document_errors/50x.html diff --git a/install/ubuntu/templates/web/skel/public_html/index.html b/install/rhel/5/templates/web/skel/public_html/index.html similarity index 100% rename from install/ubuntu/templates/web/skel/public_html/index.html rename to install/rhel/5/templates/web/skel/public_html/index.html diff --git a/install/ubuntu/templates/web/skel/public_html/robots.txt b/install/rhel/5/templates/web/skel/public_html/robots.txt similarity index 100% rename from install/ubuntu/templates/web/skel/public_html/robots.txt rename to install/rhel/5/templates/web/skel/public_html/robots.txt diff --git a/install/ubuntu/templates/web/skel/public_shtml/index.html b/install/rhel/5/templates/web/skel/public_shtml/index.html similarity index 100% rename from install/ubuntu/templates/web/skel/public_shtml/index.html rename to install/rhel/5/templates/web/skel/public_shtml/index.html diff --git a/install/ubuntu/templates/web/skel/public_shtml/robots.txt b/install/rhel/5/templates/web/skel/public_shtml/robots.txt similarity index 100% rename from install/ubuntu/templates/web/skel/public_shtml/robots.txt rename to install/rhel/5/templates/web/skel/public_shtml/robots.txt diff --git a/install/ubuntu/templates/web/suspend/.htaccess b/install/rhel/5/templates/web/suspend/.htaccess similarity index 100% rename from install/ubuntu/templates/web/suspend/.htaccess rename to install/rhel/5/templates/web/suspend/.htaccess diff --git a/install/debian/templates/web/suspend/index.html b/install/rhel/5/templates/web/suspend/index.html similarity index 100% rename from install/debian/templates/web/suspend/index.html rename to install/rhel/5/templates/web/suspend/index.html diff --git a/install/ubuntu/templates/web/webalizer/webalizer.tpl b/install/rhel/5/templates/web/webalizer/webalizer.tpl similarity index 100% rename from install/ubuntu/templates/web/webalizer/webalizer.tpl rename to install/rhel/5/templates/web/webalizer/webalizer.tpl diff --git a/install/rhel/vsftpd.conf b/install/rhel/5/vsftpd/vsftpd.conf similarity index 100% rename from install/rhel/vsftpd.conf rename to install/rhel/5/vsftpd/vsftpd.conf diff --git a/install/rhel/5/wsgi/httpd.tar.gz b/install/rhel/5/wsgi/httpd.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..b25acd68e8a2a11305b57b3f2f79f7bbf0cb4995 GIT binary patch literal 1311 zcmV+)1>pK0iwFSs4QNsT1MOGqZ`(Kw?`QuNS{9?*uC-&QNr9p%kW14vcWKil>Gold zK(&=vt1TIl(kvMIzaM2guRd{)bU4fe@~}kyNRc#21xm%fy|qy)0qs{R>2G!YH=`}b zb<1w4RNb%aZlV1r9vi+%>#2vu7*;E!JxE8#5s-# zGJPIl%7)ZuX0m7EkYYKMN>Da7SJ>;?WymDJ9;WNZ+?zy%sUGK`P5Rsu@Gq0`1dUZ) zVk|Y-9#JBBpIlBoU?!rrDW(bHS5HXL2_XO(mZcOF34Bh!9*nDdT5$4-?i* zx<4V`iFXOyEx{)-N(GTQ)=%k~8jxK)>hLjGhJ_vSv7NeiCKZV^uEv)OMb_0!5s8xT ze+B>?$m0?Ch4=|VQ(OEu0Fo1Gm_+*Um>t3Gfn!#_UMfJ6IhS9KNJ({yOy^+W)C(AIGc^=c)55<{TB5f zN`_=RNfn83jJ<$lewnK|x}%k<>s5VqDe0K$d}|*+g#S2@Ha{uxD`+44t@be{5oZ^I zdqirRzVAZ7Fw)SqOhJM_e~42~B5Mv(fgsqIwF>g7j6*!zWl$Yz=8smddwFq-;+YCK z+l{dbYEPt2Ea(k{!1ljkHs;H9!fx!4UfC&(YgKJY6#+Q!8jrJ=V}6Y60O?yeKgAkH zJ&r>iYRXymuKs9sy1&;uxA#1EFYOmq>ahgZnbT$?zS!=@T9HIeC=ZQR8?~7am11f0 z*(6l-hLWi~!^#WLDQ131guDmv+X>g2`m?A*+4ai4@QFZJ@9p@6&DIS=Bf%rRd;hgd zR@%%9Ct&w_RCFFEp^>Zg!CKS>z5mWI4(*kO0f0Zdf93S=Xm$PzHl*X3`Om4kWtjh* zea9_TOM81T|G9hBy?p+A33~m?)-%)NgkC={K7kyZlu z?-mRi!*97@=n^vYspi-t&?FQwKt)#Xkj}bYnT&nN z(hr8wBU1r&KAQ`=Y_Zbd44UeX)4||kc-rj`Zqe82bZQmd&z6{cE}~E8jW2WFp6+>H z-&pV7!iG-p1KTdT_UEF5KJ{wllC#tKau>MQe1F;O4~8f0PV>Be*1Scpc1I5aX00kQ zIK_P5ukTz8G-v@Gp $docroot/.htaccess +chown $user:$user $docroot/.htaccess + + +echo "import os, sys +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/env/lib/python2.6/site-packages') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/shared/') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/') + +os.environ['DJANGO_SETTINGS_MODULE'] = 'main.settings' +import django.core.handlers.wsgi +application = django.core.handlers.wsgi.WSGIHandler()" > $docroot/django.wsgi +chown $user:$user $docroot/django.wsgi + +exit 0 diff --git a/install/rhel/5/wsgi/httpd/wsgi.stpl b/install/rhel/5/wsgi/httpd/wsgi.stpl new file mode 100755 index 000000000..e2fdd3f40 --- /dev/null +++ b/install/rhel/5/wsgi/httpd/wsgi.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/5/wsgi/httpd/wsgi.tpl b/install/rhel/5/wsgi/httpd/wsgi.tpl new file mode 100644 index 000000000..ad5d8a076 --- /dev/null +++ b/install/rhel/5/wsgi/httpd/wsgi.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/6/GPG.txt b/install/rhel/6/GPG.txt new file mode 100644 index 000000000..33bb1ff26 --- /dev/null +++ b/install/rhel/6/GPG.txt @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.5 (GNU/Linux) + +mQGiBExUOVkRBACPJeB3bdrAggHlFpkaB1aRDXDz7clRg6jyEzdMYHhrniSyjhAH ++b53zE4iapCHFIamEG2Fa7zS2lSx7068AmqHsZK5jwmyhTVVYuTtbebj1C4Y5ToW +icHhy4ullB7qeDmAod6EY4YSx2kYO3dR/QLk5QM4lWuV/OLdXWTeoKiiYwCg0UAP +yUkBXgNcKXrFqoJelmG3JEMEAIYM7CGwVd47FsM1UCu56HNQPErxLoUPBUlAQFtx +OMOFDMEm7qH7ve8FgGGRL9oHF7mSJ3y7HgM1BF5MHkKz6FjDrT1U5+Lub6oI2e90 +gfCMGlQAzUm9o+fijfbhKoEQ/xQRkUoqWEaf9zlFx1/4+NH+Qz/L8ZDTHvSLvUgt +HyZlA/916St5suAUugXu9PeLRVqboiHjhz0JWKneQEQ2QcTu8lhHsu/mZTWL9FYn +XwtiCJLZT8bpBSfl8Oeqhof1+sPgnv7t/LuKQ6JJmyJ46Sa453wfrs+xs32hKAe+ +ZN0VGBmHe7NhuhW/LdM0KMMr/LHuJJJAgmt+XVHi2RFwsZvdMbQkVmVzdGEgUGFj +a2FnZXMgPGJ1aWxkZXJAdmVzdGFjcC5jb20+iGAEExECACAFAkxUOVkCGwMGCwkI +BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBbjeFzoXeCtp6dAKDQfeTPHi6hCgg4L+sx +LEjXvVdLOwCfe9yfr+en+uz6qst0QBT2cAwB+q+5Ag0ETFQ5bBAIAJYZa9pV9l/R +OUFgIvdJd1mvzJpRAXsRBBJc22WuOHp22Uj+lMKrJMTRQZvFBvk9s7Mb1/ACXrL4 +vIbsKqXNAlVFp9kF1tKV2ejZ1MrJaQ4819bIkyG0lJzjl6u9lzJopF7ie00YHKC6 +1rltLaevfFjUXq1DoYZBg42hT/SOj+3+2D0e9qcxeuxXbsjnvwtxxUkWcP/ftOSt +HsAAbM1YtwGl9+fZLWG9+WIKNOE9kp+h2ywZtFA4v/Ms2op7oZGAL7C95k1EgLrH +mOZ0B2oKOLctV1z9keWksPN/osyG7Mg8ljv8zF3XwQFqHOHRntDqSWoFBMvJBkNS +vtm6u5WyKd8ABAsH/0RbeWVA+JqpZ24Rl57XoDRPRzno0m0EnkJMXr22uBq1lPg8 +VkadrGOshFXpM3Rho57f3U7fwKmShQXGEV7RHsWcxcfwOSKVJtI468sDuYXc2l1f +5nFo+rCtVh3BBq+JtZFKX0x53BesCT/M7l33Dfm9MDi34tEdPTPjumBIH1dowYdv +9/2HPlPp4NZte7gOO/VIAiS+jJ30aBn09t8duW5md7/rkOPIM5It05LGCLjb9hVm +R9zTwzw30fIrkeyWZdAbk76lH8u8j6PX30U6RRzb33+XIFR4ab3nlyqOQOpoTqyG +cs7B02sgBbyC+RG1EYfcelSEvLXkR8mjcqjs+MCISQQYEQIACQUCTFQ5bAIbDAAK +CRBbjeFzoXeCtlpcAKDLh59svtq/Gn99O9ZZw0nBjWv6sACfffDxPhCP1F852Jab +d8P1WGhr2Q8= +=Z1Jj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/rhel/6/clamav/clamd.conf b/install/rhel/6/clamav/clamd.conf new file mode 100644 index 000000000..c215bcb98 --- /dev/null +++ b/install/rhel/6/clamav/clamd.conf @@ -0,0 +1,502 @@ +## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +#Example + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. +# Default: 1M +LogFileMaxSize 0 + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +#ExtendedDetectionInfo yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# Default: disabled +PidFile /var/run/clamav/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +DatabaseDirectory /var/lib/clamav + +# Only load the official signatures published by the ClamAV project. +# Default: no +#OfficialDatabaseOnly no + +# The daemon can work in local mode, network mode or both. +# Due to security reasons we recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /var/run/clamav/clamd.sock + +# Sets the group ownership on the unix socket. +# Default: disabled (the primary group of the user running clamd) +#LocalSocketGroup virusgroup + +# Sets the permissions on the unix socket to the specified mode. +# Default: disabled (socket is world accessible) +#LocalSocketMode 660 + +# Remove stale socket after unclean shutdown. +# Default: yes +FixStaleSocket yes + +# TCP port address. +# Default: no +TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. +# Default: no +TCPAddr 127.0.0.1 + +# Maximum length the queue of pending connections may grow to. +# Default: 200 +MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximum attachment size. +# Default: 25M +#StreamMaxLength 10M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximum number of threads running at the same time. +# Default: 10 +MaxThreads 50 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Default: 120 +ReadTimeout 300 + +# This option specifies the time (in seconds) after which clamd should +# timeout if a client doesn't provide any initial command after connecting. +# Default: 5 +#CommandReadTimeout 5 + +# This option specifies how long to wait (in miliseconds) if the send buffer is full. +# Keep this value low to prevent clamd hanging +# +# Default: 500 +#SendBufTimeout 200 + +# Maximum number of queued items (including those being processed by MaxThreads threads) +# It is recommended to have this value at least twice MaxThreads if possible. +# WARNING: you shouldn't increase this too much to avoid running out of file descriptors, +# the following condition should hold: +# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) +# +# Default: 100 +#MaxQueue 200 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Don't scan files and directories matching regex +# This directive can be used multiple times +# Default: scan all +#ExcludePath ^/proc/ +#ExcludePath ^/sys/ + +# Maximum depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Scan files and directories on other filesystems. +# Default: yes +#CrossFilesystems yes + +# Perform a database check. +# Default: 600 (10 min) +#SelfCheck 600 + +# Execute a command when virus is found. In the command string %v will +# be replaced with the virus name. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" + +# Run as another user (clamd must be started by root for this option to work) +# Default: don't drop privileges +User clam + +# Initialize supplementary group access (clamd must be started by root). +# Default: no +AllowSupplementaryGroups yes + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# Detect Possibly Unwanted Applications. +# Default: no +#DetectPUA yes + +# Exclude a specific PUA category. This directive can be used multiple times. +# See http://www.clamav.net/support/pua for the complete list of PUA +# categories. +# Default: Load all categories (if DetectPUA is activated) +#ExcludePUA NetTool +#ExcludePUA PWTool + +# Only include a specific PUA category. This directive can be used multiple +# times. +# Default: Load all categories (if DetectPUA is activated) +#IncludePUA Spy +#IncludePUA Scanner +#IncludePUA RAT + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to provide accurate detection. This option +# controls the algorithmic detection. +# Default: yes +#AlgorithmicDetection yes + + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32 and 64-bit versions of Windows operating systems. This option allows +# ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. If you turn off this option, the original files will still be +# scanned, but without additional processing. +# Default: yes +ScanPE yes + +# Executable and Linking Format is a standard format for UN*X executables. +# This option allows you to control the scanning of ELF files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanELF yes + +# With this option clamav will try to detect broken executables (both PE and +# ELF) and mark them as Broken.Executable. +# Default: no +DetectBrokenExecutables yes + + +## +## Documents +## + +# This option enables scanning of OLE2 files, such as Microsoft Office +# documents and .msi files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanOLE2 yes + + +# With this option enabled OLE2 files with VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#OLE2BlockMacros no + +# This option enables scanning within PDF files. +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +# Default: yes +#ScanPDF yes + + +## +## Mail files +## + +# Enable internal e-mail scanner. +# If you turn off this option, the original files will still be scanned, but +# without parsing individual messages/attachments. +# Default: yes +ScanMail yes + +# Scan RFC1341 messages split over many emails. +# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#ScanPartialMessages yes + + +# With this option enabled ClamAV will try to detect phishing attempts by using +# signatures. +# Default: yes +#PhishingSignatures yes + +# Scan URLs found in mails for phishing attempts using heuristics. +# Default: yes +#PhishingScanURLs yes + +# Always block SSL mismatches in URLs, even if the URL isn't in the database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockSSLMismatch no + +# Always block cloaked URLs, even if URL isn't in database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockCloak no + +# Allow heuristic match to take precedence. +# When enabled, if a heuristic scan (such as phishingScan) detects +# a possible virus/phish it will stop scan immediately. Recommended, saves CPU +# scan-time. +# When disabled, virus/phish detected by heuristic scans will be reported only at +# the end of a scan. If an archive contains both a heuristically detected +# virus/phish, and a real malware, the real malware will be reported +# +# Keep this disabled if you intend to handle "*.Heuristics.*" viruses +# differently from "real" malware. +# If a non-heuristically-detected virus (signature-based) is found first, +# the scan is interrupted immediately, regardless of this config option. +# +# Default: no +#HeuristicScanPrecedence yes + +## +## Data Loss Prevention (DLP) +## + +# Enable the DLP module +# Default: No +#StructuredDataDetection yes + +# This option sets the lowest number of Credit Card numbers found in a file +# to generate a detect. +# Default: 3 +#StructuredMinCreditCardCount 5 + +# This option sets the lowest number of Social Security Numbers found +# in a file to generate a detect. +# Default: 3 +#StructuredMinSSNCount 5 + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxx-yy-zzzz +# Default: yes +#StructuredSSNFormatNormal yes + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxxyyzzzz +# Default: no +#StructuredSSNFormatStripped yes + + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# If you turn off this option, the original files will still be scanned, but +# without unpacking and additional processing. +# Default: yes +ScanArchive yes + +# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). +# Default: no +ArchiveBlockEncrypted no + + +## +## Limits +## + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# This option sets the maximum amount of data to be scanned for each input file. +# Archives and other containers are recursively extracted and scanned up to this +# value. +# Value of 0 disables the limit +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 100M +#MaxScanSize 150M + +# Files larger than this limit won't be scanned. Affects the input file itself +# as well as files contained inside it (when the input file is an archive, a +# document or some other kind of container). +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 25M +#MaxFileSize 30M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deeply the process should be continued. +# Note: setting this limit too high may result in severe damage to the system. +# Default: 16 +#MaxRecursion 10 + +# Number of files to be scanned within an archive, a document, or any other +# container file. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10000 +#MaxFiles 15000 + + +## +## Clamuko settings +## + +# Enable Clamuko. Dazuko must be configured and running. Clamuko supports +# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS +# is the preferred option. For more information please visit www.dazuko.org +# Default: no +#ClamukoScanOnAccess yes + +# The number of scanner threads that will be started (DazukoFS only). +# Having multiple scanner threads allows Clamuko to serve multiple +# processes simultaneously. This is particularly beneficial on SMP machines. +# Default: 3 +#ClamukoScannerCount 3 + +# Don't scan files larger than ClamukoMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#ClamukoMaxFileSize 10M + +# Set access mask for Clamuko (Dazuko only). +# Default: no +#ClamukoScanOnOpen yes +#ClamukoScanOnClose yes +#ClamukoScanOnExec yes + +# Set the include paths (all files inside them will be scanned). You can have +# multiple ClamukoIncludePath directives but each directory must be added +# in a seperate line. (Dazuko only) +# Default: disabled +#ClamukoIncludePath /home +#ClamukoIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. (Dazuko only) +# Default: disabled +#ClamukoExcludePath /home/bofh + +# With this option you can whitelist specific UIDs. Processes with these UIDs +# will be able to access all files. +# This option can be used multiple times (one per line). +# Default: disabled +#ClamukoExcludeUID 0 + +# With this option enabled ClamAV will load bytecode from the database. +# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. +# Default: yes +#Bytecode yes + +# Set bytecode security level. +# Possible values: +# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS +# This value is only available if clamav was built with --enable-debug! +# TrustSigned - trust bytecode loaded from signed .c[lv]d files, +# insert runtime safety checks for bytecode loaded from other sources +# Paranoid - don't trust any bytecode, insert runtime checks for all +# Recommended: TrustSigned, because bytecode in .cvd files already has these checks +# Note that by default only signed bytecode is loaded, currently you can only +# load unsigned bytecode in --enable-debug mode. +# +# Default: TrustSigned +#BytecodeSecurity TrustSigned + +# Set bytecode timeout in miliseconds. +# +# Default: 5000 +# BytecodeTimeout 1000 diff --git a/install/rhel/6/clamav/clamd.service b/install/rhel/6/clamav/clamd.service new file mode 100644 index 000000000..fdb3af7fd --- /dev/null +++ b/install/rhel/6/clamav/clamd.service @@ -0,0 +1,12 @@ +[Unit] +Description = clamd scanner (clamd) daemon +After = syslog.target nss-lookup.target network.target + +[Service] +Type = simple +ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes +Restart = on-failure +PrivateTmp = true + +[Install] +WantedBy=multi-user.target diff --git a/install/rhel/6/clamav/freshclam.conf b/install/rhel/6/clamav/freshclam.conf new file mode 100644 index 000000000..61fb36465 --- /dev/null +++ b/install/rhel/6/clamav/freshclam.conf @@ -0,0 +1,6 @@ +DatabaseDirectory /var/lib/clamav +UpdateLogFile /var/log/clamav/freshclam.log +LogSyslog yes +DatabaseOwner clam +DatabaseMirror db.ca.clamav.net +DatabaseMirror db.local.clamav.net diff --git a/install/rhel/6/dovecot.tar.gz b/install/rhel/6/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..9efb91bebbb483918ea5bd862e0776b9e6eee301 GIT binary patch literal 2640 zcmV-W3a|AaiwFQS|Atin1MOPtZyUK0_hjKtNXpgh+^NYPO&VZsopV4MlEr$TCz zuL&21iIk=IPd!`jo_#A#M#p;q zc2Wy)1f7A@&7m1`WYe5#vvc5!%o^S5|4ZlX#rX^3taWO20*g{qirH09HNh2Io{GVu z>8j#szQgk$jFp=`=$Bk3H{kXR;suA{{9LiUfZ4LdwNpR3!_zKS?AHo*>iTp<^MAo7 zuwTqb4(<*1saV(I)q*Ka7F^~K3eE@d8YG!Y z31|OWjE%EhW~Y`}%o6HM1?I`Xx=f))GiD&D=in8~)1wU#L7XGfQvjIF$}SWvFQd3S zPb#fo#b;b9S+C!GCR@TLev(G8|FN64qX>w!vTJuxQLC0guNhDGM zn$3wlO)`HP&uvy|Fv?CCOk#QX2AOdU0r~JF0#Aiy{t$=g$=1p z=DA#gwwBj|Dvss=7|~q95v-L_&3XnhKx(;ak}{nr9)p*;u)9;41WSIygP&_QU9&Re zn004e(tew5LJkv%pa4IBFF>5BglcwzJS-p5UXTuig$-A5t zd$WIav%`9J(XAKMh*^Z)AAabr$gKrt|0wl>m)XW@_frB%MiH@e3!|evUn2x7j-N_CE zk6s270-y>NS>s_baxg&&i&q;dzDU`_++yj}bLU^$9$}-f)Sg|JoK=ultPq?3mQq0m z!k~6Ged)q{n{ZH-=|Lf}y5w>uAyawb8d9W~`RHwP0EUr<=0sFQ43-7##cM3-3Q*@N zp*xG;An)8zpMP(;f#utU*RL<@(yRS~a&N)MIAKAeppJ&%IAG#=s68HUo?pK?loJ1D zDZ5-elXQe2R)p+G)@(POYYswr=@eU*B_O00KI$e(vVJ8|y- zuvEzkqR<{3%dv#)?Bgx2X4<0=eT9j%BVWZC(;?v%{$!cCB6YVE917{s^rA?zk1M9;+=&9PaqsgtLUq05l~)1`~`OfO`ak z&*5kk+RrwTPl(5cSM*@;_rdL}quclgugx$YJzN5~5C7pX^!ShZ<8X}lAB>v!zegeP z_7pCLbBOE!3V8sZ10NGz`1^k&$Q!zoZomIys(sY=|1j$J0sqmk7mde*Vc)+0k9!UN zAA{WczkRd1=l$Q8;7{ETu-3{1x@5z!FuPG(bhi_*=UTzdZf~#;qi~BU_67$y=x*HG z!66KuE1DVGZEwdT7(WAF%9@9+V)rC?AaFB&AagT*Aa*l;Tk>XVNBFna798N;HcKVd zdYR(Gqs;?dwle>f42%EK-S{7bBVYeV(RhIMA1?w8{vU(T*J*4qnkv4qEw1x_2Lk{> zpk@ekoxqivO!`2cr(maN~* z`j58aw@bJCf35R}E&un{e`xm)e*ZCyn(zM~hrrtaxHZ!)_-mRlg%71a29?IEKtl6i z!N5QPOa?fK{Q*?lZla9caKqN0wI0?rApIKYHvX{%c-;OU`hKkcqh1eS-?R9~cA>%l zBT&k<{qaYcQ~VLm%1rGun*F8?|C&OXj`7Pomn7^^!SHJrt_!Tyb|bM*eXT!nk>pkC zp5i{%Mm9O%Yom|7|MLfK0Pe;A=KVkFk9v{Af7Aaz3c2e$bmIWi8B3>oZ{v27CJEEp zP3XNDEcnL#7|Z`Qw?*sIzd87$kKWMH7XS5|@56Tfj_$kv_xcgwzc(CU z0}$EY|H6U>|BpfS^ByAGzVIPtTkgv<82YXiQ_ZIMvorq%fvQ9uEWx(m`||Ofjh_bD y4K>tILk%_5P(uwh)KEhWHPlc;4K>tILk%_5P(uwh)KEi@PyYcFsKbl^Pyhh(FFgwzB$AXM2uct^1SLw4oCOJz zjR=SY$w@^}fj29B=Y02^^WMGpjlbFIe^*s^bxn6w&B(^n%_$NPa2+GDNN-6T(i;iG zBPF4dN`%h;!AE1mN5E1PO27W=r8~~;R8ssN! z5THx43}8|K>jIR3R{;v>6C0k$kgT6zQdfWiN~*#Zp*LqjPH(XuKl2ccPv5kG#wW2KigD-q`i{h znbW*pocQ!}H3&+#%S?ACnbl+Lc7yB(tP+VFoJg3&ba(MH3FN>j)nQ|Pl zG5@jL;j5ZuS^+K6Z4U!+P;135M?C+*+19>SsXF6sf+@{>#1u-yn^KZfNo7=Umz(To ze-;J!5HaJ)uWP^3NSmNy3n6Q7X8*j5L~Q%=B9(FAYalt3H+UtL!6)VneR9#MFYF>s;d>WE3~iAb6%b8b1^CzA zxXkGmFD13*6^0oLd#vKSA4}cWRAQB?0?@x}FbBW+MoG@8q=9}qivCCvUtoC@Nc$^A zQ_Yi9zIuvEZ=im)LHPbe7CmA^sOTA~lFYB1k;^OL=>jpdpGqHY`%&A)v@$4`s4OdS zg+1bC%QHtwPomXU(3G2J;#19uD8}uc@PDq+a96smAbPQ(#EYzV=YXlh-lE2?+!e(- z#6u#jLpB=%mr;^+L&>4!l%NPjIYqcUQbyj*4T(}#Qc^(3q971i6b$Mnivso#aLFP5 z(>~I>#&B#hq|7YUJg-|=6fwg3{@5o$C?DrCANpAJmi5cUxkedhHjf?W(1No!xYb-M zMEd#pv*s_7QzwkMh?8;=+s9y!VT@vAWkcgn$Iq$A>1nQidp@3=rQ?`oMW2;-Bl<-J zXgDiKSFbY`z18sj*+NyuRAEzAJKpS7#YU{X!?Z|}sho~;huhZ|d2>H@lPTQS&rTQr zELyLB-fMkx@D-Y*v@5-A3)$hkJvN?wm`ha9*_(+- z)K#Hs#qW3s!}MLE^JK{%RBj=)bg8(jpOnv9eel`A#UdAe==2p%-NwI}dtz%QE7IS& z$C0vLiNij8NvolwYV@P0hqKr9LjLB_re2&I7s%7%qgt&}NVaxp)@=-3u=*^8;BIlR zUb&&f04bWWQQqOg6*00-fos|mFV2~#r%n8V3YL#IM3pf)p{+#tUf(->J#+8z;@#F2 z@}TVFzWKfL)*lRsVs`r zB3T0s^!r^;5%F4VzH_w3>`C{b6$H9;9oR5`V%+iZaSG4|ViE}Sw>YQ)0?`fuT>vG- zG1?Y@5@Zm-O$pqD>#w*6#6b}8DP9360W+LpLL4Murc+FagH*uHa*8)jvBfFg1Sk*} zLGMm6Ax;wXKc3=8NeR9H zFbP49fT;lrv`GlQCSV$X0{$i;*h|2KJOp4;-&0J;LxB9BJVoFW{7&E}o$?9e5b%>z z%z8>+0u=BUDH}iu`U|K1>;NUm6Z`6!QX`A_lb{vZ_tFu)`y*h!FA0w|zQPMDV-Xet8~u!r2@6kj;OlrK&(VGjfP z)P(0s(APZ0$EVl;pul)Ez!-o0XLyRir`QOf0FQ<+FE9?N13(G#ngAuN-w~h$K0%Lw zodHVV6YL?#Uq0n~oMM+#+yqdd&LDL=>8B<5m0%y@6my?q-XI>p|nSmYEF z>JeamTFsMwQo_C@V1nHQdjbIp*h`BAD6p?cgHHK3Px-;8_`wNgNk7F60434^{k^^d zK|x9&yO?T)*~1qg+d}QI2aa( z@kGM?r7$>mKn?`5%hvzX54JdAfc^yY^UXYeXc>nuk(%1kuX@aw*LEZ!(f_yPB9NYsW1UAF?gME=m1QPLQHArtLVVQVL z01giL-vem7A(6g-S9~ymNCdSI67GQk3krb=gZ=RpSW*%ULlE@cLjLsrRWE}D!Oqk| zVBk_$2TLRU;nMgJ{E7dhaUQ^$o3=DC)7%3bQ;Q{lPf@6IC zxfrOlv#^$xj^Y1oCXf&wuu>8Y7L|4ZW^?{Coisx9|7qMmRh)%RG@Sn|+Zp`-*8KB$ zLF9e_y$YNQFmOD8JV*#T24j&$C;zlIB8yJsPJS)!D(?K(TPc!&p%5riRtbf2lT&~y zAR)>yH)VOa3!zSA=cWh)ysrp{Da*Z-| zB%`1p2a=bAC_|Ls2t^oNPC)?*g()JT2pNd7tUO!}j)KT4%Ru4EGD;{J7(x*Ru#}YK z-B2h5Qb7iy1cO3kKyZY-GB6t)DK9S%kx@p<1L|^6MI{&tDF^5(LFAE0B?Md{KxC$Ac*~4RUGtpL{R?o>c~XcH9(97(E`IIjFh~jEJ$7oDkbxW5`Gn=Ai(dR>m(-r!!$rp zNlFIbSY$eMm_KpWG^Z8QG^sW1FmX%iFi~XCG=4MIVN^J$X&51|sZWmh$F28czC-W3 zW``=?ALilf1JgVi_;0~h9V`hZ72CxLIGrr^!EVUp%E}|K-eqrPXp!;{=Zl)57I^Y`U08F0PXFA!2uH> z{$Nd503Piv6@Wi6S?+%(Ci_=5u{!yx0i+RkG>`yrXkT}*D)6a866x!%>5T>+{=cV@ zlbIkO8;lQF5Rb+93xaiE-rlevSO{3vAAZvOS7%De{=18OV1FK!7gE#R2L>zxi0UU} z%lwaJePD1L1}_B&Na6tuM&SV0o@@jl%@8u4B+xB+B6d2LTYx)Q z2nqq>Ibn9fq4!3^|JpwPI8Bn^0H9*>LHfghjPC^wzNpHrxkuTaG4V?AUs`ek@`meA}h=o8{|G(bAdjO%f zCe+=35&}?npIoPTf$~qd{pZI?!dL{If9P3Rm`Vb*tfaA?qa>lom4t%+W#64-9)BR@ z17QFtwXm2!J^yU|wXFbEpe6mg#da2@Hik( z!Ei`v1P13rTSTqI{d=&&atyF>e{~U%t)vKhtFX27pzq|hKQ-Uvu zKw8#1Mn+(NWUxO7fyM!aIPebf-;MI0`GkD@=Uc_`@oz#=$9SlC)!`D5pXYwj77&93 zh=7+#5UGVB^wXsXLG{ZZ4!UVlH^@N%&Gm<^43^}fJr~#SnYb$H>ww>9#ly4nZNQ{^ zRx$U>5Exs{{2ENZ&4rgt4xS551)7WGPqQ@{?uxLlw!89`ye$}}cxBHxRQt?UCCi}O ztkZ7VQt)f$lgswmpSlagk`);PRIm?*wkGJ#}2iDyP8OQ2PuH$DxO%xI~FyuvVZ^jZWk*3*!9zs((I-?UA$aaqU)ckP=!K=w&ucW)0vE<{PcAg1HV4zvNIKMG zrkoEwTy>^{A(h9g@qx(m^}suZ`IF>~zSl_(q`ZYA&l`s+?Pg0VEFBgeFqBMua>%7? zV#>mQvx=1oVBs{6<7-h2F;wu7w%?^|DSp4^E?pcf*CGC8?MhtMhkGjh^P9^TUP$=F zeb*=bpgoWA_Pw2r3#<-1a!;v6h3x z*7Cq1rI&~+SB;3`tYtzz=M|@I&cMz?V=HF=3-QiA+DMk%(lKLJPsW2k7fQItG zUhfX+Kxq!%)v{*YAHQx9U5K4{xnOoqneL};N#>Bay){HD&8elN%X5ETbK;A(JLlNe z7e1j!Rlat?<}(6j*s{A^QexrhzC&dbF7$S4F+cc^bvTHAXS`?pNunSvyBQ?2KUTk! zks9q^*A+j4R#R-+uz5bgySjJ#YSvDwL#DIV-F^=J8CAurj^Pb)Tk$D68aIF3$}6P9 z>rT}_GbS_peA8%Srr5r()aQ5q7}b($T(Cdl)!9!0$}~?L)7Q@^P#Z(iXA-6tQ<4+= zNGXUr7=sTTHzHw>kwJP-kwGH8)IG`Rbm@)Qv3^GSCj$d?2aL~EX^hfpzSDlK`=Bwu z>pO5Tg^nDUI51+)y(GO8SVvlAeTFMxTY2yBTRRytOyL8~Ti^GLWRlp%m+`Qp_oVN< z9%kfFvA()2b2$yeDBqmfG?o$VTNnFzjc*JrzVmw;diCW}*i~e(`zvgWX673YNLPut z06dMDk>gcw;dHc&!-4AUtO=B?c|X~4Mw?6GL8n3W=gSwy-##GWl0%zq91wqb!}s+D z6&G3V?rVv@vzM!8lj<*ub?V;KlczpAcHPJ#1+TlNVJ@J~_w-5Z=U3^F-CO8zTi<#8 zO)3aVi;axP$5nUOm#uhG_}B74mJn;hHK%qsmG;QB>#Dg-H5C%CQ^oBw+fx#YcNh0kyJJ5te7oaW%-8*G zSk5hCt@!@K0UFzzcVoYBH;QAU#iq~MXiz?)3SQ)1)-qq)h^$%KpE1wlDo<^$QG>5M zhLWiu`U5RXBwk!y!1@S;n|w6yyL{aPVL;ox=uWosWPP>4k6wSLZL4oY>#|c(!K$Vt z+*G~OmMdw)HQ4g0LT(I&pGj69r<_EYM(@EjoZXIoL&RRScu3@h zShG_l$y1E&OF4H@P*q@gJ|@uJ`mLOk+V9hC zKgbi0xkDk;xAR~%IBVc~$`2{VCvie`qTX%{^eYa@G#v(Obi-_U82sot;cK9vW-eNN za}yDMCW{@$DM!Tz#@hplbbBZ^ZVmd>Y}Bp3DHSuYRXG)?oKG%>qA_gE?rrAvodqHK z*534ejU~5Bbq$o$C6xm@%yIp9ll{LcmR`S1%E9)1V3foSiMc6tRr(AikApr-De7g? zn;KsA-9y7AuRRMI^R4?!M^=9FZ_`Ao#`Gq6C!-S?Bl79&yUPzBDYGUuc0Egx?3ROS zS+5ogQ-U0+9QH#xKT3`f^$rz_Jn=n@)V2-Z5x&w?q~-cS{=47J<~{6ou;m-?_0C@)Bm=a3afRX_7CF&tlZJ2h@qVSS=sFKySOs-hS(RfjOl2gXe=m zmF6f@r#0J1g(%w#`WrXo1&m)Fem(cO&w)%N=Y#f_aYnO8maO2Sjmq9E!Go!FwQodT z;@b958$p}ZMY>VeeG~UPh56za&xn$kSytI1{m89osTDVKs{fgs@4yIrM+)Kys;bUhhwg}&r0kwkD+Yt?knqGfX2)P#eij6b-mquvPF?p<9(@XxT8*sz(O$laEMq@T(Jtq2?Vbzq$_%A9 z^RB+7oO|Bsdk?thi<}{iB{`dm-{O_8f(L@09q-&PRDN$u9;Pc_11F!YPiOOl@8ut# zsb!VSuf399Ip1W@OHTIzo$Tf0HDQpnKL`AmZSG<%><#&P!iWuMG2rXxR?+Hb5>G2s z_isGYH|K5o{rdfA<@}&*2OrOVQ@}#7>5@BS^lSxkY+mqcuehd4$OZ*nf8DGFO^=}1 z;`fK=lPt>L3dC}*!c;V7DQo7i}@8@%B5Vmf}Qxmo;tHHpNrl_}qsCwKU6 zn3AKbwy#w7-XH2t^Zr(i$qF2M?CIyF4=-fC+NjFJx4n}P(81HYTFoSWmL6}#_3$py zVVtPmYR|XJuKr{L6Xg5>tjJjeYlsNeka%9#p&1UapZyR9>1?v$qKwN zQ)8c>;&(}(>a&`(x7gsUz2bh!SeYY6SN=y?rrMP(w)y)>wn4SeS}$7Xm3Om{rO48% z@OE(#yX!h1u6=8M=*u96e-xAl$KhU9KnL$z;yiie9v-!4+~bU5b1Y#0G(BN5c`Y)+ zp*haGVc9n)j}F2D5|-^a&9CwO`))oZhn z9;awfB{1`;pL^T36>NA}7^$xL5}|?=Sb6!Kn7AzI^E72z$!6nmg2gGcU`D0swWlw8y%aq+B0A17sCTtwR5(WY0v#$p(b+oOW~sqB|ktkopu zx$6Z=`igPV5q1GeDZ}##GBlAoD;>ma{#6Cjdx(NVjTip<^53Vqoj|!R&ONQ69kp~1 zEjJ*ExGlRG9?2gbSiGL~=wg|q#=Q8qnlnz@z0@~I2iHGoC!W1IlcDuADB8lHI~DTc z?VIym(4t43)tPNM=^B1xIrHs?2=J4(qWG!FXmAN)>E5V#6m?otg z?C)w1NmRex9?IbJ_|eU&@ikDig}oSyROHzy<^8^oN2`&Qb*<@N$5SSsO*^|=j1c7= zv}tlp=MM>H$SzE{$8Z;$Y}f5LqEK7PKt+%;px$RDIRv&bA!A8oYcLEIZLDfjeJ z&E;1m1yZ=SS}`G>2V0AkABSy9O_~Q^M6gcX6u2V$(C^FKCe>qyd2NbS^l(C8IV!Eu z1-`ZI^7ZF6Mb47;EaJFfIn{jq(q&tL4)BNRsDY&To@Z;(Hrs36KJky;)>T|8QvR>dU$;N5kzAWWd`>AE4xtxeNu`R?#_Slq0z1_lRrI!MGh1a02E0EbR zs?am%E5qfr0dx!I)q?%5s@oC5%HWJ=DS#-%*er?ZGE5c*<}90O!WrKO*a{WyT@Li z6Hyj%FQ`{vCRM@E1T5WB$nvnqR5FFLjT2kU%y~QU6n+Xn9bmrWPb~Z#>d2{q4^j1$6RT%qTvYAMAVCe_r>p?{{!Y_3vOgf{6rFmO^ zyjLGMS1sM}B%NWBtTCAyef#O%*ekT*C_YaQ)<;4~X%rK--lDRv(QflvnxJQ>jrG(s z2V)d#P1!}gpUwFwEbJZH&t8_#iRNio&MxRO_X5}D=m*Qsn(Tiv#1GRpGx)qrD_FZ> ztrxubOL)%OoKhxoo7LDyTZWUe%&Q{o~uKlC;~7gpf04eL^}Uwk5R z;S;n@X?j4EJUJBqPT~_A>ycSkkauE~Emly@(jXzaxQpYma-aZoXR;L0FVaEIY9o;I z`d(Y(zM=f*-J9y|K}j0lnLIjp>#r!3nk`nCHpAU?4S2NT10GL4OeBle%o$*mZoxJ@ zUO>JL%=0SSgK&AWn8>I$(+Af6^q3c~;Q|(p`)vw;wOlfC{1zQjl!m?&^q{sWyON~u;L3ee>(vS~7gfg5 z@?Q76P{}9k{InEw&(mk&&5~p9+$GfNjdx;F1*qy#|D!QDei?D|$uuo(BF!f=ug&3-VBfXP z$Qa6!4LtEl$|P#?H<^BbID&AO4Ky7VkOP=~VF9#cT|es_vTKfB36hS&O+3qB7axDIr;=Od~dj-@49NujzbQ*t54{=^~f%R){tEdvNoJwRFa8f?-GSPDmd~giBHX z!Cc3JrP~l_;AQWPly}&+htFh-AyK$@N0&9`Fx|7vQIoJUfpcRtwoD5wD?Bgtf4|8! zU0#VBx1XfeHv2~0Ec<=r+){GMd+th4xHS+?#R{ZRwB?(Xa{0$#4)%|;lG5+XJ{_{Dok35w|rYQzbcW^-m{`1Rx`*QYG1wv zA?6(GZV%Z=3!_ z_M7QdMqSZui-|Hd9yEq+0qUCtdE{yiT++A*`lZZF@msOWsF4Cg$qSLlU<3mU({JDS zAfm|p2P^IN=N%oa&U2`s_)$BWM3Q)_paYlfz25=Y;Jc6!f;9-GT%| zVRtqS7Kw!pM2LNE+hp(WsCwb4nS`Pj9+}c3ZA5l3PK?3b*&mdL`4&A)RHFi|LCcUZ zrK)dWXZPu4!~@csBHA?VcPk_LY?cLiTWhO76|=C)k5*9SE+e0xm9ermIM-aPE_RH>=ZrP&m^ z$4e3k`f9%en*I6ycYDaK;f5*}F{g#An~n6^tFL&fK1w7eZDEZdgMwn|DN^Y#D1!-_|c7=``6#cf;16 z(&g{jeM^6LrsI&)mT$IWf{odGq0`~QR_RLPlbkNGbk$Hrl{uZ|-Z7hx)ePYnaWS%l z@M&h+shSNFTzcwc!b`m!hfzy@tu)IX>h~n)7__H$9NH!>!iGPNomf%_7 zAj8*-V;J+62~HnBQ$09x}1A$#bynXSRB`gxf5pdZ-2@`?au-FSE%S4dSaHYcV+iYAZHPjf>3K$W33@eJ1G^6(y-UadN!gt)sj^0pFak{H8a3ZSUu5j%e8a@+GYL^~=FhlV%T!4bs)k ztv^I+Ts&}Rz@by6J$hH&cfg)=)uC>AEO+^*6d|h(RvgL82S#$RLm$zr#3NP+ugujF`u%<92H}F4TLcjOX zQWSNZtnivXo<(8cf+;Mtou&a^ZBa-4KmAH}1Vv*LJSi=r*7DmgjVI!fOU>hjMJykU z8zx0<#iUceB%?65eQy^JhlaS=%dm;Z={=5R{b|U*i?Ir7NI5^NGNbS*KAu>c5w-e* zW%mv;w)Ka249zCHYx$#_@67XFebcd^pAE9KIHs?vg%oNkW)z6FZw_zg#k*FD3i!2~ zjs>c(Pt7%IyLG0w%IVR&<{%GgNfJ2Le}9!$fg%DwFSEJ%a3mA&|NL`|XT`vWRFDRv{yT7*>z)fYDxcbU6ZZ&jSWkDWlRCHvV6(vj3 z5s_dg^=HPAUIB#+CW9u{tP8iFkeWB{#Mo`UcW!)=0+~2}j}q2+x8ZTF{+2$4C1s5K z2cOu*vOzbeO2+d}w{orTc}aA$69+p{+zw*zT#;S*H9?cjczuZf9O%Z_^;DiWcidpK zQ{>e@#9GX!R5Yribo!gJouW%4(K2HWM$F}*vP$ZPKXW&mI_P$v+sCx9o*(HztkodT z%kbV%s;?Jt$Xgqr`j{QkdH`?F7yS{meo3fn_=Z@`i$=d6Ee#2yb(dpG7BbnLxYp3z zKOObTC7v;b6}oP$StQEm^H0B{+pr|A$jNJGt3~0}_!}6MaHJc27Q^ywono^VYQkT+ z9(9K+PT%;QX{YgtJSwCTT8qxE*$So$sVWX<@e_>^EKJs$P^P^2`>jmLH_@8->q`UT z%qAv%%vDT&5-~S-OGSz_hKEDmJ>2adU^(FYc&6KQ`5=2U`^Tmel{(8j%|3H=&9s(x zW=db(CGOA?*}=&YHfM$||D>QOt5Vyj($ba#bB%&)Pjc7`evULpXtLcR;;|=-Y6>AM zCULCQ7JXD3Fc$-VTcB}df3Aj0^ie7=wYWh<$nWz~?TgAi!@`>3qlbqeYyL+S=k@V2 zuio2ia<%^A-)-O=bGP?^`8}}m9KHBx(W=-e>V8xFhi_5BY!A;czNO3 zL4OsKNBCTECUfx7F|R#r{9+Mo5iVkTYxI2E8(h2bGh)e2*_T{0XKz`xSGecCkbbt? zog%X-@X=55=3_ONNS}A@uSaY|%y_0m+DAJ+)W5(-b*%DE z_3Z9C^p5>#Tl0;9%H3D@p0L|L45{l)kW_DQ6LuFTaiv18Ot)5#2krY zjx`L}p}90W(1GuKvN>dW9d9_Mbh90?Bx#^nD8c5^I}!a=TzZ5u+nG&G@nb*z`!*bcXYWF19~g`C6@x$$}n4=r2HyOx@+WR>oQWh5>$HKFf+l_Arx z@n_R>CZpewkrm(ZiEQw;RXkRm7fJoO*gnf)om>L%6~lb*YR!p}jv^Hq7yETaTCqXy z%gahkmoB+fY||3?f_@J>#Q`GwQO`Zs7m&;i_1}FZG=}NBIgdk35#(E;VoBj8!lp{% z6fMj~i|o959d>Pr2sFH7a%P6(VG29HvBR`cXxKg-GMZKkp*Y9!rJS7clXRTXN(=UWs^kalwJMsE{)bwZ_dX7sUT)%1qLneQLbeH5zQ(l zSkEqWne?J{dsKbq6)%gW1zUWpfXP`pZfC87;u;BQGT1{d{i*VejPN?H+hJ@i%c sP`@P@FtTdgEH&cAP!MqeM6|1Wy^aXfC;pVEer1-2@CPp-YR60e2R;l*O#lD@ literal 0 HcmV?d00001 diff --git a/install/rhel/6/exim/dnsbl.conf b/install/rhel/6/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/rhel/6/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/rhel/6/exim/exim-smarthost.conf b/install/rhel/6/exim/exim-smarthost.conf new file mode 100644 index 000000000..086ca6507 --- /dev/null +++ b/install/rhel/6/exim/exim-smarthost.conf @@ -0,0 +1,384 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /etc/pki/tls/certs/exim.pem +tls_privatekey = /etc/pki/tls/private/exim.pem + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +login: + driver = plaintext + public_name = LOGIN + client_send = ": user@smartrelay.vestacp.com : p4sw0rd" + server_set_id = $auth1 + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +smarthost: + driver = manualroute + domains = ! +local_domains + transport = remote_smtp_auth + route_list = * smartrelay.vestacp.com + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +remote_smtp_auth: + driver = smtp + hosts = smartrelay.vestacp.com + hosts_require_auth = smartrelay.vestacp.com + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/6/exim/exim.conf b/install/rhel/6/exim/exim.conf new file mode 100644 index 000000000..0f9830168 --- /dev/null +++ b/install/rhel/6/exim/exim.conf @@ -0,0 +1,376 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/6/exim/spam-blocks.conf b/install/rhel/6/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/rhel/6/fail2ban.tar.gz b/install/rhel/6/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..563451b41911801445523d68e3fe4f910f1adc7c GIT binary patch literal 727 zcmV;|0x10-iwFR>PexP#1MQbfPvbBU$9vAF7>NVYN@*TV+6y4T0s@I;ky^NPdvKFU z>fOW%iPHsXKm6KBD6~yWk)Yj&f0yPl@i_R>*Fv5J=ZON1&hDswPicD z-1Fox50A!rzlpW?IkRDFAW*suH&qXf7i60>)#Z1meaHC7MSn#0qgkB384%Q7>V&{=ANXhy?u<3!{eK%Q$AA0%-*(NV{@+pke=EG`|5XN*J-=Xi;dz(`MHIoEOb8$apCIGZtF{Ni zImRi^wLP&lTwZ^^x;;JXkF+rgcNFc=OX64@CuABe>>V=WG7RxSSV8*}99(?u4~{@S zMjv=VUA66~gC(n`Yt4OXPF7D2@*_ZjfG>?;%LLnd+SA zm*dN;XVn*?(#43yDYewqhJG?dFX5Z0)uwM0ti5Wv_%XkaHeJ@*Sa$UlYkPXqytI{P z)6$mCo6NTQOVK#jyR-h_xN)-8sak&Uvi7d4NTER9egiTc J failed to login +ignoreregex = + diff --git a/install/rhel/fail2ban.jail.conf b/install/rhel/6/fail2ban/fail2ban.jail.conf similarity index 100% rename from install/rhel/fail2ban.jail.conf rename to install/rhel/6/fail2ban/fail2ban.jail.conf diff --git a/install/rhel/6/firewall.tar.gz b/install/rhel/6/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/rhel/6/firewall/ports.conf b/install/rhel/6/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/rhel/6/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/rhel/6/firewall/rules.conf b/install/rhel/6/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/rhel/6/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/rhel/6/httpd/httpd.conf b/install/rhel/6/httpd/httpd.conf new file mode 100644 index 000000000..e4ca29eb5 --- /dev/null +++ b/install/rhel/6/httpd/httpd.conf @@ -0,0 +1,256 @@ +ServerTokens OS +ServerRoot "/etc/httpd" +PidFile run/httpd.pid +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MaxClients 200 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadsPerChild 25 + MaxRequestsPerChild 4000 + + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 256 + MaxRequestsPerChild 4000 + + +LoadModule auth_basic_module modules/mod_auth_basic.so +LoadModule auth_digest_module modules/mod_auth_digest.so +LoadModule authn_file_module modules/mod_authn_file.so +LoadModule authn_alias_module modules/mod_authn_alias.so +LoadModule authn_anon_module modules/mod_authn_anon.so +#LoadModule authn_dbm_module modules/mod_authn_dbm.so +LoadModule authn_default_module modules/mod_authn_default.so +LoadModule authz_host_module modules/mod_authz_host.so +LoadModule authz_user_module modules/mod_authz_user.so +LoadModule authz_owner_module modules/mod_authz_owner.so +LoadModule authz_groupfile_module modules/mod_authz_groupfile.so +#LoadModule authz_dbm_module modules/mod_authz_dbm.so +LoadModule authz_default_module modules/mod_authz_default.so +#LoadModule ldap_module modules/mod_ldap.so +#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so +LoadModule include_module modules/mod_include.so +LoadModule log_config_module modules/mod_log_config.so +LoadModule logio_module modules/mod_logio.so +LoadModule env_module modules/mod_env.so +LoadModule ext_filter_module modules/mod_ext_filter.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule expires_module modules/mod_expires.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule headers_module modules/mod_headers.so +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule mime_module modules/mod_mime.so +LoadModule dav_module modules/mod_dav.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +#LoadModule info_module modules/mod_info.so +#LoadModule dav_fs_module modules/mod_dav_fs.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so +LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +LoadModule actions_module modules/mod_actions.so +#LoadModule speling_module modules/mod_speling.so +#LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so +LoadModule proxy_module modules/mod_proxy.so +#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so +#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +#LoadModule proxy_http_module modules/mod_proxy_http.so +#LoadModule proxy_connect_module modules/mod_proxy_connect.so +LoadModule cache_module modules/mod_cache.so +LoadModule suexec_module modules/mod_suexec.so +#LoadModule disk_cache_module modules/mod_disk_cache.so +#LoadModule file_cache_module modules/mod_file_cache.so +#LoadModule mem_cache_module modules/mod_mem_cache.so +LoadModule cgi_module modules/mod_cgi.so +LoadModule version_module modules/mod_version.so + +Include conf.d/*.conf + +ExtendedStatus On + +User apache +Group apache + +ServerAdmin root@localhost +UseCanonicalName Off +DocumentRoot "/var/www/html" + + Options SymLinksIfOwnerMatch + AllowOverride None + + + + Options Indexes SymLinksIfOwnerMatch + AllowOverride None + Order allow,deny + Allow from all + + + + UserDir public_html + + +DirectoryIndex index.php index.htm index.html + +AccessFileName .htaccess + + Order allow,deny + Deny from all + +TypesConfig /etc/mime.types + +DefaultType text/plain + + + MIMEMagicFile conf/magic + + +HostnameLookups Off + +ErrorLog logs/error_log +LogLevel warn + +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes +CustomLog logs/access_log combined + +ServerSignature On + +Alias /icons/ "/var/www/icons/" + + + Options Indexes MultiViews + AllowOverride None + Order allow,deny + Allow from all + + + + AllowOverride None + Order allow,deny + Allow from all + + +ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" + + + AllowOverride None + Options ExecCGI + Order allow,deny + Allow from all + + +IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable + +AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip +AddIconByType (TXT,/icons/text.gif) text/* +AddIconByType (IMG,/icons/image2.gif) image/* +AddIconByType (SND,/icons/sound2.gif) audio/* +AddIconByType (VID,/icons/movie.gif) video/* +AddIcon /icons/binary.gif .bin .exe +AddIcon /icons/binhex.gif .hqx +AddIcon /icons/tar.gif .tar +AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv +AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip +AddIcon /icons/a.gif .ps .ai .eps +AddIcon /icons/layout.gif .html .shtml .htm .pdf +AddIcon /icons/text.gif .txt +AddIcon /icons/c.gif .c +AddIcon /icons/p.gif .pl .py +AddIcon /icons/f.gif .for +AddIcon /icons/dvi.gif .dvi +AddIcon /icons/uuencoded.gif .uu +AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl +AddIcon /icons/tex.gif .tex +AddIcon /icons/bomb.gif core +AddIcon /icons/back.gif .. +AddIcon /icons/hand.right.gif README +AddIcon /icons/folder.gif ^^DIRECTORY^^ +AddIcon /icons/blank.gif ^^BLANKICON^^ +DefaultIcon /icons/unknown.gif +ReadmeName README.html +HeaderName HEADER.html +IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t +AddLanguage ca .ca +AddLanguage cs .cz .cs +AddLanguage da .dk +AddLanguage de .de +AddLanguage el .el +AddLanguage en .en +AddLanguage eo .eo +AddLanguage es .es +AddLanguage et .et +AddLanguage fr .fr +AddLanguage he .he +AddLanguage hr .hr +AddLanguage it .it +AddLanguage ja .ja +AddLanguage ko .ko +AddLanguage ltz .ltz +AddLanguage nl .nl +AddLanguage nn .nn +AddLanguage no .no +AddLanguage pl .po +AddLanguage pt .pt +AddLanguage pt-BR .pt-br +AddLanguage ru .ru +AddLanguage sv .sv +AddLanguage zh-CN .zh-cn +AddLanguage zh-TW .zh-tw +LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW +ForceLanguagePriority Prefer Fallback + +AddDefaultCharset UTF-8 + +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz +AddType image/x-icon .ico + +AddType text/html .shtml +AddOutputFilter INCLUDES .shtml + +ErrorDocument 403 /error/403.html +ErrorDocument 404 /error/404.html +ErrorDocument 500 /error/50x.html +ErrorDocument 501 /error/50x.html +ErrorDocument 502 /error/50x.html +ErrorDocument 503 /error/50x.html +ErrorDocument 506 /error/50x.html + +BrowserMatch "Mozilla/2" nokeepalive +BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 +BrowserMatch "RealPlayer 4\.0" force-response-1.0 +BrowserMatch "Java/1\.0" force-response-1.0 +BrowserMatch "JDK/1\.0" force-response-1.0 +BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully +BrowserMatch "MS FrontPage" redirect-carefully +BrowserMatch "^WebDrive" redirect-carefully +BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully +BrowserMatch "^gnome-vfs/1.0" redirect-carefully +BrowserMatch "^XML Spy" redirect-carefully +BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully diff --git a/install/rhel/6/httpd/ruid2.conf b/install/rhel/6/httpd/ruid2.conf new file mode 100644 index 000000000..42f908a85 --- /dev/null +++ b/install/rhel/6/httpd/ruid2.conf @@ -0,0 +1,8 @@ +LoadModule ruid2_module modules/mod_ruid2.so + + + RMode config + RDefaultUidGid apache apache + RUidGid apache apache + RGroups apache + diff --git a/install/rhel/6/httpd/ssl.conf b/install/rhel/6/httpd/ssl.conf new file mode 100644 index 000000000..6835e420b --- /dev/null +++ b/install/rhel/6/httpd/ssl.conf @@ -0,0 +1,12 @@ +LoadModule ssl_module modules/mod_ssl.so + +AddType application/x-x509-ca-cert .crt +AddType application/x-pkcs7-crl .crl + +SSLPassPhraseDialog builtin +SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) +SSLSessionCacheTimeout 300 +SSLMutex default +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin +SSLCryptoDevice builtin diff --git a/install/rhel/6/httpd/status.conf b/install/rhel/6/httpd/status.conf new file mode 100644 index 000000000..f68f293dc --- /dev/null +++ b/install/rhel/6/httpd/status.conf @@ -0,0 +1,7 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + diff --git a/install/rhel/6/logrotate/httpd b/install/rhel/6/logrotate/httpd new file mode 100644 index 000000000..80dab8e29 --- /dev/null +++ b/install/rhel/6/logrotate/httpd @@ -0,0 +1,10 @@ +/var/log/httpd/*log /var/log/httpd/domains/*log { + missingok + notifempty + compress + sharedscripts + postrotate + /sbin/service httpd reload > /dev/null 2>/dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/6/logrotate/nginx b/install/rhel/6/logrotate/nginx new file mode 100644 index 000000000..b1da1bf16 --- /dev/null +++ b/install/rhel/6/logrotate/nginx @@ -0,0 +1,12 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + create 0644 nginx nginx + daily + rotate 10 + missingok + notifempty + compress + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/6/logrotate/vesta b/install/rhel/6/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/rhel/6/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/rhel/6/mariadb/my-large.cnf b/install/rhel/6/mariadb/my-large.cnf new file mode 100644 index 000000000..4e6c2225c --- /dev/null +++ b/install/rhel/6/mariadb/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mariadb/my-medium.cnf b/install/rhel/6/mariadb/my-medium.cnf new file mode 100644 index 000000000..fa255ec52 --- /dev/null +++ b/install/rhel/6/mariadb/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mariadb/my-small.cnf b/install/rhel/6/mariadb/my-small.cnf new file mode 100644 index 000000000..7d2fdc1b3 --- /dev/null +++ b/install/rhel/6/mariadb/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 32K +max_allowed_packet = 8M +table_open_cache = 4 +sort_buffer_size = 128K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mysqld/my-large.cnf b/install/rhel/6/mysqld/my-large.cnf new file mode 100644 index 000000000..b548eeb87 --- /dev/null +++ b/install/rhel/6/mysqld/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mysqld/my-medium.cnf b/install/rhel/6/mysqld/my-medium.cnf new file mode 100644 index 000000000..e5f2677fc --- /dev/null +++ b/install/rhel/6/mysqld/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/mysqld/my-small.cnf b/install/rhel/6/mysqld/my-small.cnf new file mode 100644 index 000000000..966c49c3a --- /dev/null +++ b/install/rhel/6/mysqld/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/6/named/named.conf b/install/rhel/6/named/named.conf new file mode 100644 index 000000000..472bd829b --- /dev/null +++ b/install/rhel/6/named/named.conf @@ -0,0 +1,13 @@ +options { + directory "/var/named"; + dump-file "/var/named/data/cache_dump.db"; + pid-file "/var/run/named/named.pid"; + statistics-file "/var/named/data/named_stats.txt"; + version "get lost"; + allow-transfer {"none";}; + recursion no; + +}; + +include "/etc/rndc.key"; + diff --git a/install/rhel/6/nginx/nginx.conf b/install/rhel/6/nginx/nginx.conf new file mode 100644 index 000000000..0316de7ac --- /dev/null +++ b/install/rhel/6/nginx/nginx.conf @@ -0,0 +1,101 @@ +# Server globals +user nginx; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_temp_path /var/cache/nginx/temp; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/rhel/6/nginx/phpmyadmin.inc b/install/rhel/6/nginx/phpmyadmin.inc new file mode 100644 index 000000000..09da52076 --- /dev/null +++ b/install/rhel/6/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpMyAdmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpMyAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/6/nginx/phppgadmin.inc b/install/rhel/6/nginx/phppgadmin.inc new file mode 100644 index 000000000..333e560a2 --- /dev/null +++ b/install/rhel/6/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phpPgAdmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phpPgAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/6/nginx/status.conf b/install/rhel/6/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/rhel/6/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/rhel/6/nginx/webmail.inc b/install/rhel/6/nginx/webmail.inc new file mode 100644 index 000000000..2d0fbe293 --- /dev/null +++ b/install/rhel/6/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /usr/share/roundcubemail/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /usr/share/roundcubemail/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/6/packages.tar.gz b/install/rhel/6/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..8159005437ddef03e93df18548119984a8ee56b6 GIT binary patch literal 552 zcmV+@0@wW?iwFSC#Bfyr1MQVxZ<{a_#q*p`kvCq}%r*v8q&^TpDl3635OsTsSi@LU z22r37`}VUTaYD$pRw944-Jc?XkFPQ0>Kw14r{^e%i}$_Lff$-X>#M3Xt{ZxoC^E&A z5MGC|ig9nCoba6lFGU%x2ZLU;_`b}3Q}?I&zm(Os|EnmClXVth#pl)B|IRAP7AMMdRw8svL}te)>+`D4TJf;&k;wP3i85!f4nFKkqBVQQQH)Y=Ga&TW=dieZ}m z%nP@xjL;bEo@!2gZ~nm_ZD*a}Vg7OEhXx-r_(yuyqhp2lLg7!(3Or2nrzqtgHcZRK zyR0BhMd}Clw(GLmJk673R{vkK3ExWUht8ONKhku1t5dCdFE%C!D>q2JL9F7^P2WTK zzeuB!2f&XD_+L{G@}J5C{C^gj{uicwga5_EYy6MVVE|N0BLRdWBA`;58L*RfAy6;e zr9d^_i-CH6F9&cd2P&nLAdt5~fQc^O>R7(cAQ1jfqGeWm$=CUX&wo_=A7SwSIXJuj zTlR0czh(Zm_m5cr!1)Kpf0ggMuss&G$GXgZ=sImL5dPovt9$pq?fl1F$Fimn@c%i0 q^Z(@MKh~+LE7u+b0000000000000000002MKgCa859^TtC;$N0s~9Z+ literal 0 HcmV?d00001 diff --git a/install/rhel/6/packages/default.pkg b/install/rhel/6/packages/default.pkg new file mode 100644 index 000000000..3df21d3df --- /dev/null +++ b/install/rhel/6/packages/default.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='3' +TIME='11:46:50' +DATE='2015-06-05' diff --git a/install/rhel/6/packages/gainsboro.pkg b/install/rhel/6/packages/gainsboro.pkg new file mode 100644 index 000000000..2b66b7d17 --- /dev/null +++ b/install/rhel/6/packages/gainsboro.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='1' +TIME='11:31:30' +DATE='2015-06-05' diff --git a/install/rhel/6/packages/palegreen.pkg b/install/rhel/6/packages/palegreen.pkg new file mode 100644 index 000000000..b17e5e1b2 --- /dev/null +++ b/install/rhel/6/packages/palegreen.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='hosting' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='5' +TIME='07:49:47' +DATE='2015-06-05' diff --git a/install/rhel/6/packages/slategrey.pkg b/install/rhel/6/packages/slategrey.pkg new file mode 100644 index 000000000..cc9ef423c --- /dev/null +++ b/install/rhel/6/packages/slategrey.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='3' +TIME='12:39:13' +DATE='2015-06-05' diff --git a/install/rhel/6/pga/config.inc.php b/install/rhel/6/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/rhel/6/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/rhel/6/pga/phpPgAdmin.conf b/install/rhel/6/pga/phpPgAdmin.conf new file mode 100644 index 000000000..4f6ea1b53 --- /dev/null +++ b/install/rhel/6/pga/phpPgAdmin.conf @@ -0,0 +1,14 @@ +# +# This configuration file maps the phpPgAdmin directory into the URL space. +# By default this application is only accessible from the local host. +# + +Alias /phpPgAdmin /usr/share/phpPgAdmin +Alias /phppgadmin /usr/share/phpPgAdmin + + + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/rhel/6/php-fpm/www.conf b/install/rhel/6/php-fpm/www.conf new file mode 100644 index 000000000..260109d8f --- /dev/null +++ b/install/rhel/6/php-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = apache +group = apache +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/rhel/6/pma/config.inc.conf b/install/rhel/6/pma/config.inc.conf new file mode 100644 index 000000000..47ae207e4 --- /dev/null +++ b/install/rhel/6/pma/config.inc.conf @@ -0,0 +1,143 @@ +. + * + * @package phpMyAdmin + */ + +/* + * This is needed for cookie based authentication to encrypt password in + * cookie + */ +$cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ + +/* + * Servers configuration + */ +$i = 0; + +/* + * First server + */ +$i++; +/* Authentication type */ +$cfg['Servers'][$i]['auth_type'] = 'cookie'; +/* Server parameters */ +$cfg['Servers'][$i]['host'] = 'localhost'; +$cfg['Servers'][$i]['connect_type'] = 'tcp'; +$cfg['Servers'][$i]['compress'] = false; +/* Select mysqli if your server has it */ +$cfg['Servers'][$i]['extension'] = 'mysql'; +$cfg['Servers'][$i]['AllowNoPassword'] = false; + +/* + * phpMyAdmin configuration storage settings. + */ + +/* User used to manipulate with storage */ +// $cfg['Servers'][$i]['controluser'] = 'pma'; +// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; + +/* Storage database and tables */ +// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; +// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark'; +// $cfg['Servers'][$i]['relation'] = 'pma_relation'; +// $cfg['Servers'][$i]['table_info'] = 'pma_table_info'; +// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords'; +// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages'; +// $cfg['Servers'][$i]['column_info'] = 'pma_column_info'; +// $cfg['Servers'][$i]['history'] = 'pma_history'; +// $cfg['Servers'][$i]['tracking'] = 'pma_tracking'; +// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords'; +// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig'; +/* Contrib / Swekey authentication */ +// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; + +/* + * End of servers configuration + */ + +/* + * Directories for saving/loading files from server + */ +$cfg['UploadDir'] = ''; +$cfg['SaveDir'] = ''; + +/** + * Defines whether a user should be displayed a "show all (records)" + * button in browse mode or not. + * default = false + */ +//$cfg['ShowAll'] = true; + +/** + * Number of rows displayed when browsing a result set. If the result + * set contains more rows, "Previous" and "Next". + * default = 30 + */ +//$cfg['MaxRows'] = 50; + +/** + * Use graphically less intense menu tabs + * default = false + */ +//$cfg['LightTabs'] = true; + +/** + * disallow editing of binary fields + * valid values are: + * false allow editing + * 'blob' allow editing except for BLOB fields + * 'all' disallow editing + * default = blob + */ +//$cfg['ProtectBinary'] = 'false'; + +/** + * Default language to use, if not browser-defined or user-defined + * (you find all languages in the locale folder) + * uncomment the desired line: + * default = 'en' + */ +//$cfg['DefaultLang'] = 'en'; +//$cfg['DefaultLang'] = 'de'; + +/** + * default display direction (horizontal|vertical|horizontalflipped) + */ +//$cfg['DefaultDisplay'] = 'vertical'; + + +/** + * How many columns should be used for table display of a database? + * (a value larger than 1 results in some information being hidden) + * default = 1 + */ +//$cfg['PropertiesNumColumns'] = 2; + +/** + * Set to true if you want DB-based query history.If false, this utilizes + * JS-routines to display query history (lost by window close) + * + * This requires configuration storage enabled, see above. + * default = false + */ +//$cfg['QueryHistoryDB'] = true; + +/** + * When using DB-based query history, how many entries should be kept? + * + * default = 25 + */ +//$cfg['QueryHistoryMax'] = 100; + +/* + * You can find more configuration options in Documentation.html + * or here: http://wiki.phpmyadmin.net/pma/Config + */ +?> diff --git a/install/rhel/6/pma/phpMyAdmin.conf b/install/rhel/6/pma/phpMyAdmin.conf new file mode 100644 index 000000000..0049ef2b7 --- /dev/null +++ b/install/rhel/6/pma/phpMyAdmin.conf @@ -0,0 +1,39 @@ +# phpMyAdmin - Web based MySQL browser written in php +# +# Allows only localhost by default +# +# But allowing phpMyAdmin to anyone other than localhost should be considered +# dangerous unless properly secured by SSL + +Alias /phpMyAdmin /usr/share/phpMyAdmin +Alias /phpmyadmin /usr/share/phpMyAdmin + + + Order Deny,Allow + Deny from All + Allow from All + + + + Order Deny,Allow + Deny from All + Allow from All + + +# This directory does not require access over HTTP - taken from the original +# phpMyAdmin upstream tarball +# + + Order Deny,Allow + Deny from All + Allow from None + + +# This configuration prevents mod_security at phpMyAdmin directories from +# filtering SQL etc. This may break your mod_security implementation. +# +# +# +# SecRuleInheritance Off +# +# diff --git a/install/ubuntu/pg_hba.conf b/install/rhel/6/postgresql/pg_hba.conf similarity index 100% rename from install/ubuntu/pg_hba.conf rename to install/rhel/6/postgresql/pg_hba.conf diff --git a/install/debian/proftpd.conf b/install/rhel/6/proftpd/proftpd.conf similarity index 84% rename from install/debian/proftpd.conf rename to install/rhel/6/proftpd/proftpd.conf index e948e92a8..6b89d125e 100644 --- a/install/debian/proftpd.conf +++ b/install/rhel/6/proftpd/proftpd.conf @@ -1,15 +1,14 @@ -LoadModule mod_vroot.c ServerName "FTP" ServerIdent on "FTP Server ready." ServerAdmin root@localhost DefaultServer on -VRootEngine off +VRootEngine on DefaultRoot ~ !adm AuthPAMConfig proftpd AuthOrder mod_auth_pam.c* mod_auth_unix.c UseReverseDNS off -User proftpd -Group nogroup +User nobody +Group nobody MaxInstances 20 UseSendfile off LogFormat default "%h %l %u %t \"%r\" %s %b" diff --git a/install/rhel/6/remi-release.rpm b/install/rhel/6/remi-release.rpm new file mode 100644 index 0000000000000000000000000000000000000000..555c7abeb1dde19a38a81e61f93152a8f31ea46f GIT binary patch literal 5688 zcmbVP2Uru?_8%aC!~&@3Vp&EXAiO03LaGabbVLOyN)d6AnZQUIlZ38<9kCY#cU|m0 z3o7bjUr`Zt^(l(=zhZf^R@U-VKo|9$8^*f(|2{wG`)+>oyZ4-XN^Z`%`D62=-z+eA z%os{d^B77+5qgRz=8JgVd`czeqiMAMC65_q`MKD<%6n$)oHgJT7(-y7_Y*Mez;I`l z17JgecLlWSc*j83;vT$nV5ndq-VBKJbud8R;t!S=0)oE9V?ZQd3&U)dzl9|hYky!p zHc}ggy_`JS-u$%=tC)1MigRqwxf$yo&bwp3i1CjPWPZacjOyu{=)Tvap4D$7wm#c2 z=Y?JF4lhzEl*mZZn6@lU|TXP&$PKDNid`{5N zg0LiIlxbhv3jn6Py?y(30leFNlvfFcadTkK9|q)wn~v6DkT5#IK#w__N0e9e9icql z2SmI(%O9}37t2weZD0(5f%H+H5zl1#BS6Trc>*BX59J;9Gat+Hr|fzm%bx+F^=T|` zVL6Hi>9?|c3Cr66!Jhd}mbbI(r&#`)<#$;AhULg_*pCCgnf!YW2>x?WtZ>xL(LRWy zSb&>OKjK{Apksmb5J%?{@@LV7

d<$8vN|kv#Gr$=kB)Wh_VE0g_+M@}7X;gT)p= z1j{GtU!jug5ammD>WMUtc%*6N+xI(K@(rHG9 zFwj~JuGBI((tr=0R!h)3@8suT9HnJ5lGLc8T~k4 zMgy&)^%TQZQF>FBlMzG$IcfBckih*R zS83D!s^f{p=IRZU8V}KA(TrB3hU9t%La%?PhQ1Tn++;(^P!t~yxQf;ob1;pTU=-=d zrX~DVI=w1dTeKFj$UCVX$X~e^bVs3r@Dln^0y!!6QYt0hQkhIHQh0d_MTAl;RLT@y zltQc&cu9PGL=sXd7Yj*>APJF-5@G^xF+obj0!k_u$Ye5!4<+`NNR=WlfrOArNwI{G z`;ZDRl9EXjG9MvyUQ$Go0+~qWLrDb!RM^L*5?*{S#z5neVl#Wup+YvS-(+R@|s#B|Ixm%D{ ztz#%X`~*X36*ZDjQ+lx7v4&=X=`=WlALgQoT$PqE3G2g&EGn9zlyr_e21n_g8Y>c^ zPsnpe73$+lofs2iK722}kmrpF`C`783DGAe;tNbf%J+hpV(sz*Vn&P&7}bYgGyM9* zn#gOtYa(9H42Z}{t%)!ms0mw}91u3-a!u%@u{EIy0|Guem$)w!pxA)WjuYH*R?!I_ zg7a_@-y4kKgoeaTo?&0CCws4keE(84o~*+bPw=HG;*Zny#b%^%Zx(gjo4;5`@)bJb zuh0>Fg^utmbbP)-NAMLosNu4?=HUcM;<|L5Nc>T|!ahuk{yI%ka$_2;QEE*~Tpms` zS{<$=Xq7gLV$_r&T}$F@)ppZo(*{L4>W+-or~yeit#OC_Lx%H^MY)kykwBs0;RLRx z8Ai)MM>62?F~eb6LuH$cK<|OxXn+~`t>SWm#GTncU0@OVC=z+k!MUlbNFq?5pgZU1 zj~O;JHYg$jH&8hSjD-9nySblBb#T;YO#kcNzHMIs?{=>xc?n6-V{ZM~WtBNLz^ofg za-zefxW#hk1w)JE4$nF_ zeq=;etVQasQtl-~>VpQmd7>ThJJn5#`cjLfz|QlPNjRDHZELU5zL)2?fdBX9_Ny}7@mi9!sZVS z`MGby{hoRK-|QMa%xY0rnd;yZl}(EI?+HI2+PC}hqP^U{IgxUo2S0@0UHN^vZhcYJ z@L98WN)M;F6dp{tyb@^A|P_!eiw&DU|~sil#fJ$K4xl-gK?8?WJ}KcWH&~&h{>8 z?b>OzDJgS?tUn{WRrV&e(AmNv>q^~%=_2(RG`Ecg!Auk-d*~D}o{p!a_%Uzw8|8cB?q5Xdn~?D?PcL{cE9F%!_UTt? zQM5~XSj#BB4;~hmJT2>F)TxJ6x9=59D4F}R_x~+&?nG`@PuuU~exNCcyR_GtFmsEX z;7KbR+BL0-Z|35?j%;>6<6ILHT-UtS=0D@?dx;}n`p%1$?=N0kJm2A$@z+*_c8gyV z(3bDIY*{sPU|ZUfTd%xtxsFacv&M2`lgFyLKloppts8j1Rq%VKi?X+>r?0xHx_Rk4!r&JSdT_CKVF>0;+6A<8p*1S z&jWXFD_G}ebIv~Sj=w(R=7fsY3zFnMt6o-Q3!MfyJB1pt%zrHJbTQd3()`8xD&nqq z%#yj`hhD53|3iAauXRiO!j;Y6UaQ#eQFAn-=P{@4Pq&iT;W}N#-OJDN`g*ueg8Q=U}2wM&-rIw?K103H)CT{ukU91o||^=c}UZK z|I1sm1XF)YZCy_9*ROrpc3h|{nGlg$(sIIVjV!szCogWl)sC6R=;XRU>wUcK>eIao zE}RUmA5*t#VSb63i%Kr`Ja!JQO8$Y zNpM~IXOEv&?5&-6Y<8^M)Sky$Znj_9z_Ab&7uPO$^5ep7^J;BHf-NrfebUD`HVmpb zQdf8@f~=l8jz6IG(Ar?Z(-h^!o~jWec0`R)_-L>^gACZ+U#e^u^tW z`8Nk_@A+@5`_y2+!H3U(+ZuYO4xccw@4ZTw+4!=pb>rn#_mhJB&+f*4-dQd>86Q4x zl*<#m`Sg#~-Q(Z<(qi>0PZC*QUo`Tlo8)xH?_So@q+f;~IT@yp-}w*g`E3_YJ3EiX zoek5Y5`Xg8#!EBe_^59BGfwA^OkBZPFlUGV>yVk1%|Z*0fXQVW*QQP%yrs1E^d?DE z)kXUljj(xY_2MO2uIdr~xy|VkJ`LAAy!?;a7yEr8jNAmK-M|7+9)+Y@49W%S#<$@E2>6gpg Ps_) diff --git a/install/rhel/6/roundcube/main.inc.php b/install/rhel/6/roundcube/main.inc.php new file mode 100644 index 000000000..a27c306eb --- /dev/null +++ b/install/rhel/6/roundcube/main.inc.php @@ -0,0 +1,40 @@ + + Order Deny,Allow + Deny from all + Allow from all + diff --git a/install/rhel/6/roundcube/vesta.php b/install/rhel/6/roundcube/vesta.php new file mode 100644 index 000000000..b8695bd17 --- /dev/null +++ b/install/rhel/6/roundcube/vesta.php @@ -0,0 +1,59 @@ + + */ + +class rcube_vesta_password +{ + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/rhel/6/sudo/admin b/install/rhel/6/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/rhel/6/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/6/templates.tar.gz b/install/rhel/6/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..c81c85510aeb8c669dd3d2f1e5f2fb2fdf26c1c0 GIT binary patch literal 12998 zcmb7|RZ!ePm&I{+f?IG1?j9_72rj|hHNgoC?(XhR@ZcnaJHa79aCi5a`ES16ecYF= z>f3K!U0rqW>EAgtv1o8;w`DqTh-VV7{%ak{&!0ia$_j_h1}bF*(UzTuPx!A(4F=;j zkEiz#X$A(~3N(~52DaCA=(!ML(i>K-jFizEL84X9(LT7)5i{yuG^~|gZ~M`Zn^urp z!u`RF)12KwJn2#3dF8DYuo<6>a1FWsf_2Em(rXpEu$J5Q~~XEe_g zp2p|3Xp-$7Yh`k*wE)LbsjQGu-HT}%5FeqDy9zRUI+m|n;TL=XQ6010gYfUx=idbu zsXxm)LYU_=?<n;@pJf+D&|iTux{h*4>$&0RoQcWB^#V_L$-sobV$V zFl7S@<=e^!!4s+{tKw)h%$C|Yj8rh&@8i#6J>nh0zZnTtH_w0uM(aZw zSZV!jcy#)g{**&ddIkKJ0rolAujN-Z;92H-TPR-FOX2ekhW)c**&N2Uh$2q0$TSHe z{1y@q1t)l5cpWfOaT8RITL1E7Z_pP$gc6SA+oaq?#WYX6?$dFPI&-53fnuz67+9Du z1kK*mM-)q9B~m6YIDJ)D+uz|fD`8pT80H$F43pkoK$qcUnm=HF$HQnRJKLXaiy>%c zqG+rW*dM~LuG90a{6HOzMZcpWU@7})-n?<3uQpP>Aa(YN6>*WbUm!V}o))WhQDM$SVaEw)c433wT1`zH2WmZBaf(34#SuL6Ds3;r zsHd=wvl5UMN&cnK*OJr7ahuyKGFXX&v&hCH@Gw=Ohw%^A)fNxhT-B{z?%RMtwK^F;M7tpOtLih0TFRGOAb84dzu)(8C<9E?*!A2`ql!#Z zR7ej)?w##E!FOh&-64t6my9wDB#AtjcU_8!4x9z_>S~>gu@awzhE-ZG6I2i4Y}L3? zI4GNtOByfl?3bs$*l|*$ZYQUQe7#csaw`^}lgRwoN4#V^FJ?>TYj)cxR?Bcur!;aZ zvDG^5i}0K5YvLq>z@bDzC1T#|wCqUFM1849{L>)Wy$v~~s%^mwl)v+k&meSfyEAVS z8S&kmfNZO87GWxC3%yun6QU?7J0B(@@tk6cL;{HqZrYk0Gl~1>Xud3Q_2b0fi)ILI zBOjATt|W*GnN z;D`8pvV@5jUPFpWe%C`p9)gNOFTUgCaut^}p&B|Fylwc2Z<6W79Q`d2iA(pP=DMv2 z-XAI3e`yAtL>B`jOMz9@jqH=~>|6c2<9C#V1B#r_b=3HFp^z;8#h>e=UM`LjiO*F6 zh!4mP;~2R;L?k{7g~mg-NQ$FRng~dDjB*2ClNot?Zu`(CmNK~xg4Xi6`1~XqhLh>H ze0#sAb&U<}CWx&On$IR3Y=wknr$@}Pd)(;Zb;-_p_<59N%=OSxiNW7SkW~t__YpeW zl64n8b^6ThO>a$oJ|c9PU3nLL_tmvu+;aQ^K=z(AhSK(ac?J6o*qto;VNV0wG?pzu zcS0H;0K+qKxz%;itP3Oi6$qn9A3uQDa@fy8YE@;vLA=OgcR(Jc+4(>W=OL&C0PgHB z)fDt1eemLQS2;UjR~L}8Bs;PFn~@Xq&Tk7Mbl?In&fn1*b4p@w638+pMl#7~&$#cr zC-$#>jL7v=jP54#b8jS;EXEY%4~Abx&1+uDraIg8bcHc!eu{@!d6PbM zmu7g4{=}QSp!%D?996wxKyH9*?KEs?v8s*4?i6s8ch<8sejL-gWW_OM5zI;{>Cur{ zQ*0>)9}H*_glpHXd+p4>r{AiSju;vK(Atx>KoLfmnT%&ZDA13Ept^5<^2Jdm@De^b zzxTP{3ws?L$@C>NcD=6Rqigi!#cc5IC$DNZ77v8l)#9y2-|i!8?&}9os;D!)v1MsS zO%vz5pu=9x~;kmf;hZr^vrHDHWD$iQ+VPf3K~v#hKFWn z>HBd5{VZ&4oM+pV3V+Qg&|PJJ;Y*vdS5P*gLfG}WK7XV~*_phX#b$MUUH&$SbXO!s z3#M!rL-n^N*U`*qJxeDNV8H#0gFDTUAZR~jp9~}EnHVT~vk|%Z$ub#gdo+v)-Tdx! z2Z+uQM}I((hF`IzCVUgV;jw{9gTUk^8m3=7!XVq+v(99i#jvC9<2IOpVk87 zaKYg*+sQ!h8^Yj3*8dG44(ZnlU>m=HqJCWiOGz17K#s}ldsMe%Ad**-57@$A5`t|S z%;9bU@F1ponh1kr73vhi_jlh9Z(xmbVtmfeHZ%=w4m8s~`Cb&8JtB70dE#z2cX5%n zdKEa6v+lc%foaZ&(d0agGHJO?@Rm#x+($W%KN&eOi#^4H)l{$MyvGuPqj;Y4YZy!e z5PQXOTRwyQaBuzXAlnj?KSGZ$r(Y74SjsZKNF2jVRtjIrde>RK7wXTZIYr_2J8GzM ztIreBX$bCAlvtQL)Cj-OkqS6lxD(^yo|r%440{?ygZq=zy5fXso9v}fW;ANk7M>`y ztuzyhkZ{q@WgV5&uKExggcsScV1v~7oQj31oC24P@U;A#toP9gRR&AlLoqJ3RSTMh zzz<8v=e0*<3XyN5qrc5`%EdE9AF2use{m_R906Uhe2U)KJCM!=U~>m5Z|VeWIgU|h z08eAJJAe$sA+f70p4KXak{(kslPm~(ZOnCUnEa1EqGW^s+{c1elmqs@Z>2@pC&E8w zF-QlhQku3%-vplXk}JN##UsNX^c~V-(h&h%buNILJu3iy`SAkQtaXL}w#t%0FjUyb zI{=-;c%=DH3l+q|(yLcLwp42gaH96kiudip?|<)+@w8vhsYlGA4bmJ79}Gv>s6)Z?95E>7dYUQx zH7sz|lsOzz#KQ}-d;O(;g?iJ8ToiFJYwhxo%gt1%9UhTIa zNrI-Y?i|iXksshP5(9b9x|f*e7d(t=du zpQ~ty?}8OD`;3 zXonV30~x{7&M3TD5k^1wONdrKjV4%iW@P-*HDcSU+r4?`KrBT(RLOEUim%|qoZWVm z;}Y%n$GdS~t2cY>+KvYyoyuns1J$nH>j{+x95p)}N7#pYxu8?UVZ2`$B={PyaUDA_ zT&KMKr_?wzKXd>Ss>N6wtB~o;ewlT%<09aeK~hE0HSnq~8~2qwtmXp_@rJ%=S~dna z;P6R5;5N_XFc4l=p{~Vuit2!@allzX8uCeE$ zM^yof?YRH@ZWa-mW79j||5-3v=+ti`s4Ur|&76)M_7>)SyXdUJiJ)hLMAd^`D zj#FkaXi;m*?c-;jPibGw7XL7l6JWf^%q=8um?Dz-F zQAy!`{Dfq+b6(QdQArdSyl9#4CAu8>x1XG?>r;&%$GDv-0~t#7f@c;4l^vc#I84Nz zkIU_fpD^NKV9NLXo5QnSK4;E_*Ujq$u+<`BI{4?Jg?P3Q2b1Zww3nn!yCaK;nK?gi zOVu~h-y?C%bgHNHMATa*a6o?%9rNhb?H-jfb<>4gOc4oZx8BdMJt-8VS4o&Wcjjh6 zvj%1{fo~Qbv+X7b19kp{%|hJZ_Br!<&(MD4520>{Og^U_O&M<4-wJAHm#e+aF)LDQ zeC|^qg$z8}rpU=+e8j7JqyIb834%}hri?)Fb;H|?s7;C$fz=O$xW$J{&$Hl7WPoD# zyT21Fwl|f66}sS99XCtR`(2R6l-m`pb=%Tkm{gs#3>R!v_)9DMFQzjqu2wI-D0;nL z_4n+&#JKh9IMTrJNV?IGv;|z7YcpSlqOa%^`08Dg9m$7k7-I4;v^fR@*0NnpQt2&q zM}toxQu5rk{K#$D1Uxn0$#IN4+#NTlfOqB{EE-LW9)xyl&;7h*iM^ZdBCX9;dguJn ziUU@o2y8qD=AOr^^@&K|+{Kq zjLMIf|+SQbanrp&$ENRgY3rvgc#PT2he9>Vgwig@DDXqDF#lJXbS zpl_Ww>U$I{OYW_$_)%VTC-B%x1$+&-IrYrwA@vRd4#;mdD&q`zgbL;)Q zR4*?+yLx_wwPgILL;&VAS~u|-#jyOv8d^VkTm)ONBJ9MftDmKEy?sb+{JZzaDq&C6 zl2nx7V2=%LXh=%KoNm~`V8lTWTbUCV)pRj>6OMUFj{Xt;H$tGV+-*k$%{w#Fg_lMT z_n-(B9-?*XYn4?)oxO zWy@FW?>pp4A)fjQ)fr09%_ z&~N7T6i_-I-^Xfexl4VM!BC6yOOeoDDKvI5N-9{Af0yR0kjmR|cP+~s`!FazXv%pa zHCpoFf`u%<)|TIY_WSXmt!Md}!Ib}tr>~En+cT`Ad?*x6F6P~%u2Qo-wl#9%Ku;6? zHD4PJ4C9$(#QIjHTXlRK5&#H)G}`A{Al z?AUVv2i0NF0(Pmr_Ni($Aan>iRWbziOI3c!L}|lVclgPVaZ*%w->m5dS(`rErS?n^x&^Y)@(aZ8qpOq%oYW_WI+2y| zw|lk1=v|rnjc3cj%A6`@NTKgu+loY~M5xR1ZdA3w0pbzqtiM=faWDv?BP=U|(!O11 zz1ck2-$=MJ${@Y(vt02B{eBHMu!|p_d94*lwI1#CoTATk=#7K&ySiJ%#KP3|(p4u- zrY3ew3cAU5BUuiHcpq0rN&Jy;LEDC316sV#r<~WuVX$+xU`w|8{Dl(56ZcP=mG_?c zgJ0(v2)loNtyJRwfu`idqQS_@=8_)x&<)4(%QS`Ez{|^ab(Epe2k#H`96?`P^!pH2 zj~lpAdgf9xw#W8`;qH)LZAd((V(!TX`MPP0w|%C?F-{t+0Tp~QUJuG+fB+g^+U!f5 zFr;##fXh{(_4kHXB%q~=HtE0<$BMBwli~Q4hHLXNR7W2-hYiLH5kspTo}Pm8=7-b9 z{!z8vN8IH13y~0in6s9*L*k0m!*5XqEs8vv>;Z(C$a1m;foX8}|6@N0lt#2SZ* zSd88SMf^>>5-D1@fUmbX-Psb{Y-n<$p_X@N_RJ!7MoH%>1!i~a(#7vjuENb82&F*_ zJtSgccd^?9Mg~1v%DI3HGHJUXjNTg-+BAIt(mMAr*nyym5ro`=5yl4re8iwrh#X69 z8NO84&WZ`C-gA*M*1O>ZdR``>f^^vpkw3d^c4ldmr&Nkxvgv$iv25#C-g9*v^V1~u!hviB}CK)v=3#3xdE=oX^&8# z@q2Q0-6e_{jW9DTx8{d6@EZH%N`?Fg=*l8LaoO0XD+HQ*5VjN!sgj1w$+RFz%Dv>t z4G~<~X8%Q>B<#-$&(4I)hX1g06a`hIOW7omT;liN+Vgw({4wj9CbjPyFZCpa3cuf!}?2Cb?&G>M?HJ|6!B-C2eVXWu<0G@uP946ldP2pVfAvv zQfkZ&+581%Wz^xQq2;XG@bKrTlL*1cdiR41yDuz@G_r(6#kbKSg@2`tnZIJgzDC?` z^eQ6kBL`|&N~M7)14}WwJrmcpSn=M{$W>2aZkKLKD$z(bZoE%AXnkt>@#~;NJ)JYw zk&lj~@^X69*vm8z{N8d~_8Es5UU;Rdo`WFv_f9Ikfkvqs4$O0bE1AnAQTaoB^buwjE+PJ5 z!cc~YJ4@&}RYnl*`>ySnIvjKwNw!RDUVTnX4`h$f<8n2tUhDksGI59ykInF*p+54v ze$bQ`TQ7(z0uXZ|L%TLb4tx6N7`;DAO>XrFjw$aA9M~6Hv18XqccVDbvaYP8=m) z`X8^-<)q3EFJ+~$rLGf}kYI%)^N?!u4dcs4GEiLe=c4x#!fLVd;`xn5pRQRi3q?qr zA}OImxt-yomx95YU8GKld2la{e`!atrmV*YtTUful;k&l`Y8M`-h-G(+qF<)k7?v^gd_{stO{2)__DdW){6m^+<^(z1N#a6 z5XmXQ0-!cb9gt*zf?1GBNZo_4-xtvunSF4&cWYV3jdw0iNFH_LZ2=_CDF)~+8KDfq0Q>_=hkw7DtvY&R8IyJTz-_k0_i9l zfF}Mntgw3nKose+oH&1|JJwG`F+*Qm2T^B+_AVcIGd2fc;Y&Ljv{d~uY$RHG#_3cz$)V?PkC~!6X@-~1xeaCHF^-$nkD9|%ORwzLS=5HbVYszW5vxbe*1 z_DTgcS;HaP*Rl%1=Hs33<$tf@7sXte*5ZE$s+A-20ZVSY|Fk2lum&QT^aq(^%ljdu zxiKfxAjUjQfOyKS^K3&FJU%^W&5oD~-ev1zjRo&HhR9ik`ymsH*9XjWX|f9=Sw69i zofVRQ4kg<$8ti<|8@6z(@yG(8nXK+rl88*H+>j@j6 zP(5)DTBf*-qUc6UVji64cUI6`Pe+FXt5*frI_$-onyh=DGNZ*h=t65!XsyNRxuOTXOa`PV|9$ zuKHTzooFW|`EMCH5quP_rF%Ugq+cjtTGHVxM?)rjl6}#^?1u5qK1BI7Ry|Sl@{?CJpi-#p@gtXp35+cEeQRpOqB^*x2g^0 zHF9`7vVs?arsIMAT_!X?W7VlMUnB!96;@ToS|xan{jOH@vJUg=F(lj+ffrXR)yAKf z@9dA(tCd=Lp6{WKSwFeeB9cbKL{PPK%*r^aOexv~4onwGDeB>0uDJZ%^l_(%G^*8( zQ9AYBAIh)x5bNs}weW{xI^k!!J#Vdt@PxRwU`)(|O0RF0*_NC5wO4 z;@C1Nl4qi)$a(sp+45S-1VHj9!k)7UvOk!QE%*D)n7qBQSM~qGwsOBKxDV~nXa_Xc5jdCOLIS( z+7xSn0`IT}Vkpgwm;`rznN&jmJe-VzrjVAFkgOs%Lgv#x(tE5K0li#4s4dok=tt${ zf(NO!dE9$0`mdavqQY_8p&vs($C&M^^hO8727Dq;(V!JX&B8h|u;hN0kQ$BGJW7Ah zP~t_ftb9)$L4&eCW@DBXOukui>^OsO;i6ffu;b9X>u4m)1}2r@CrsYD<}&7oqu#6P z;J#mH|Gw){Z)6Y3Cx$(;}G`xjm)#ujtZ|8oIWI99^oXM|SmSc5D{Meca zkzEzvzW``N*6}|=>n)||x|+%Ke*m@kqQLT5BNS*})t-gbhRneHSspfdX9=^$#UH31 zuZT0vmrNs+8g7hHG&|OR4>V$-?cfbcaF4G8a<8ik9zs6>Q+w7rIH2ja@JnU%qokf} z2T$B@bzPWb-nhKv@tu*WD{n~XS>h=qk znHw{AcMme$e+8~!(=lkvpv$)~pkHbO%D{8YMg`drewiL&jzpbH{5T$dwogrw&q+G9 zk)6R$O!v4s)esq5sC>uFw)-kaR!n1-cZ*{?^gcS{^rQ5AlOK(ktm9H)&H)U2(Wz<_ zHcH+-u$$A|;3zaA;0gL@`$^A<#p#0UWR2h-uZz^TK2kZTIuiz3Q%-#@CZeeNRyEE6 z9Uh&8vh~?PRCeoVDX^Xz>jQY52p!mlFb5dA^^;SDEdoBIR0TFH^a`5Qw5Dm8&9R1(ck_d4x_(akFkaw-iH_V+4tb7K_DsDK};A} z$*MiKWt@Xdm+smKZ$pgs@bxjJ$T#o() zURcTj@A=@sj4#jaKioYW8Yk58jv98LNmM+<9{BDCnzCgu*!vIe?wA8`B>0(u?(>Kn zzJ&&VJB2_2fqoAMJ8{{riH8l-CIvl#w+{pbR5!1$f4MHUcb`ZVPrZ?<(9|#CiViM- z=J#sS31k%iB;}kR`UJ)%3cP&<@xZhg!=5gSx4?}Z#Oo6Wt_$HQeq0M`vAzk#y6v0r zUWbqE6_MJ|JKW@tyYIwNNN7x*kB-%Y_P2AAAXGTSXX$uK!(MdEsdDqr1H#rcd(72h zC0)hW*tR7VcbMrfGk<9xv2WW~PF<2rD>;uINfECb8BmY#l1ea9TSx496tcYy7><_q z0)By+QnlEbH$@4R;}i*!t?U`HBLSO?IyEy4F~pTT=M?XJg>fEGcHufU_t4oEO9fjkdz9OF#{R{lY>J>rH3$rzc3%5k7+#7G z(niT%n0?Hn_O}UXwYS7Tpkg<-iZn2*# zN#U(53zlvm^PJkNO+c2MW0`pjuvIPGteN?VQNR(I$t)=%avLC*|IP9;JycldNI zp2AbVo7F6C6Ud&c99$Jz3C|K!=2B7N5)tIA*mSF9MsxCO&cdZpBz0-ntUh#oZ*`vf zi0LI5`7SGV*CLX~`2bWTKKfIEGcxUt<3TC@I*8@NVDhXJ21>ZE>~PwNHZ$J<6~X_Y zNsMdF`_c;EJ7266V{(H8fBuqs`LeOQaehBKYTQY;Qia6O_RoR!+9vmsl)8`N5eni; zWc3@PiWD50PK|p!JgMT7bi}9@ctKk!fxw;g%hQLDCcV^hDP z5%Fo=CYhhU_j)-nsf|sVm1*^wUbOeo!s24hr7x!XCG219y5)Mx7k-1 zcPVhfEhV!}@%WWh-bdV_g@ydXW=X?$7BfC0`o^(F8tS!{f#Zwep98H8`Iz~A1&l9o zsw+ZM0&N{bljR5Z{4z3j(lWhH(%aZH1J&f=z9cw}h#_!@`)=U2cNMoCZC;O8&Ef0}mj<9E<{>Dr^R}_6u5gB(oVv zB1-*6I_w?~Pd5iEcf3aK@AQ#h_-sHi>x@-JG&eS@WGiG$uo_)K9@#t{LrzVc)cwO!F%lf~TR( zbXqIv7>evLCN^H>qBP|2Me%5RKY94Gt-+=dwE(=IAE}6+l?1EUAfn%&@(H^l>o#$o zNg!fx9N3)GmpiFdhN@8_4Cxl#-lnr$pKyuw#WK%hD|GYPFL#n<4?nda{)zHGty>{w zvfFHvA1MwdofTJc$ZuR7O9f69U~jbF0z{pxuQ#Ul0$C8-wO)0Yo>ciBFfP_B*m@hS z(mj3`ONcMt^gHVJl|WitsDTaJkB=A2@;a&Y4tc!)9aPl-;p`pfyclcTIK! z-0esJY&!f1yybSON_l?mO}+Eghyp7@p?Ht^d-o{)c%Jpn^K?N*;Ivy}gUJWtivx-6 z9Fve@Z=@@^@%g7%e)0Cq%N)~$v|QCPG~1i4VS+6gZ69Uu%tk}fOS!Wu^9L)2M3ghG z*$ORE{iP#;qB_Q;r4*3?vqW17OHcOHd4)moHC)Nt0Pc(c!f#oJ?-fPO*Ah1Rg<7%U z;I1-(gYz&;!<#*$BE(3_d_Hdxh|d=kDvy^N@vVN>XF8cSO7xMytETOy!kb7EN{RP2 zpB@kK?R=%z^;Y$56)5Sxg?uNNX8Qtt`#j}WU}w|!menC3pP9CS>IuMhtL6Qs8eN1Djgg>{z}yEf*N*rAC6O_?J8Al%xTcIoFh^` zm^0)4sQmTMl6D~Kc*63tEre6TBAx^{u(WL!EFys2=F6RT!|#^Ybb%k(Qt&g&CK(Bk zbq(R4Y-h6JpDu1V>Td_+?H7o@z7Cfh^mb=H|Ezy@Kd&OoyT1MZ9r9XAjtLz>vyX62ke|rNDL^{0)V1 zLHd2DL#xccuuNR!60kVdYBZA1*l4Ycs9*4h&wac~A#nHM^LeT*2J_$jXqYg)b-l!M z?oTlG-RF$)rDj`nlZ>1YbEmZAwn03C9P-1=<*m~cp9VNfRc`h`I_~fd`3e za5w33utpB7K^PWV!=m(R>RkFSgi!}dVViVN$^5L03h(vVvI%^tz3$%mk~sSFSmAF@ z5V`2TPmFvLDx>eW(-vD#$+niPO&1SpRf1Yhawn-sGvb$&!6y`>_eXy=k z094jMX&m^h0ig}R0Db!fH>8*2FQD=L=yF(SuhpqL^DDJ*R_{4oyQ1%_WJJ5RyapuG zMvNLLUv$`p0m^olrjuvpNv<6&3ZFdk*SQ9E+@}ZebEyQM6TBU7E)ufrt_)Y!d6=#m zy1EB!SXvgg|M}-WYhK9g>iWvHu#a?JA~>`}yfjuJE0R_|!SAYeC~zsh={mnKJo~EG zy3e?#$>0j#fUp(K6(^{~&ebk?-QdTd@l75CSlZC^wtf zO~ZX|^Dmx`I<4^~1o@#wdXnoN&91=Xhf`2#jcWpEenx;2sDxVvI$*%tQ_x?E;h)=p zyX%wbQf>*6x=Wx@XD0w@*k$RJeVOKOdjRPWP6NW|mGdA?Y7B%{uC@FO!z^R-ImF;0 zlDrRTL>uB)x75@wIghwhfWqeGLsvaYfXzgSr?2O^C&WS7q&GsY_msov!9f6%hOxuz{cKt(<>4%z4&i&q^Q#%?iz|)aJ69v z03yia+IZBxv|VGSySM2E&R=Te7(Q!U#ATHDNF@F>eQ>Fd*40(YR4swmdIRXvX%-}- z-?{nPq@|9v%$>4)y^z~&-{;!b{;P%anMFW30gV?Ftx(-P5d1IIZGL5Nu^Q<+T1h`r zq`Pb&$5HdlSCJy-QFr&g;8OLUR-L0oSm#_F>N{aP0Zm$SzJQ!qwN=0o(ckz z3P?U1kEpH8%JLW-Qh;*y+NJU6VTz{5VCqJPreaIFX<8fxwch{>V@r?Vz+1+|v;@Vj z@4CttIncdiKB^V8B;||rU89p&RWHVL~YCzufe7Nq% zVbXwGJgDD$i*oOXTO{L=VvD?u)mk!gTQXu$XD`5Yvd5Suu0Wrwf8z5=8>ZD`%Iumg zA#(ezMdyC0R_aFdy9J){zVu)?S$sj{WCU~UfM_&p==d0Gl)pNKV6uQq2UdfQoDUW3 z%}(Oj8au|yj396O+H{UslI6?b*;YE^J*5A`AhBMCAUoOG;MR0!44(Xa>7c$ZmQ#VT z^?hd_mTlIQK&btom`cYo6KSKJ@?#DbVe+7TWq4`S1xl#eSVY3WtKJ4-q(SN0WgFCR z`mxB!&}4}sQj|~sv{T^Qm)hTJ3HC`bP-=Y{-sHK0U + + + Awstats log analyzer + + + + + + diff --git a/install/rhel/6/templates/web/awstats/nav.tpl b/install/rhel/6/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/rhel/6/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/templates/web/apache2/basedir.stpl b/install/rhel/6/templates/web/httpd/basedir.stpl similarity index 85% rename from install/ubuntu/templates/web/apache2/basedir.stpl rename to install/rhel/6/templates/web/httpd/basedir.stpl index 269c09711..d568276df 100755 --- a/install/ubuntu/templates/web/apache2/basedir.stpl +++ b/install/rhel/6/templates/web/httpd/basedir.stpl @@ -15,9 +15,7 @@ AllowOverride All SSLRequireSSL Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot% AllowOverride All @@ -31,7 +29,7 @@ RMode config RUidGid %user% %group% - RGroups www-data + RGroups apache AssignUserID %user% %group% diff --git a/install/debian/templates/web/apache2/basedir.tpl b/install/rhel/6/templates/web/httpd/basedir.tpl similarity index 82% rename from install/debian/templates/web/apache2/basedir.tpl rename to install/rhel/6/templates/web/httpd/basedir.tpl index c24b12796..41b77334a 100755 --- a/install/debian/templates/web/apache2/basedir.tpl +++ b/install/rhel/6/templates/web/httpd/basedir.tpl @@ -14,9 +14,7 @@ AllowOverride All Options +Includes -Indexes +ExecCGI - php_admin_value open_basedir %docroot%:%home%/%user%/tmp - php_admin_value upload_tmp_dir %home%/%user%/tmp - php_admin_value session.save_path %home%/%user%/tmp + php_admin_value open_basedir %docroot% AllowOverride All @@ -25,7 +23,7 @@ RMode config RUidGid %user% %group% - RGroups www-data + RGroups apache AssignUserID %user% %group% diff --git a/install/ubuntu/templates/web/apache2/default.stpl b/install/rhel/6/templates/web/httpd/default.stpl similarity index 97% rename from install/ubuntu/templates/web/apache2/default.stpl rename to install/rhel/6/templates/web/httpd/default.stpl index da523c138..ffb536c54 100755 --- a/install/ubuntu/templates/web/apache2/default.stpl +++ b/install/rhel/6/templates/web/httpd/default.stpl @@ -28,7 +28,7 @@ RMode config RUidGid %user% %group% - RGroups www-data + RGroups apache AssignUserID %user% %group% diff --git a/install/ubuntu/templates/web/apache2/default.tpl b/install/rhel/6/templates/web/httpd/default.tpl similarity index 97% rename from install/ubuntu/templates/web/apache2/default.tpl rename to install/rhel/6/templates/web/httpd/default.tpl index b95c1ee38..29de125f9 100755 --- a/install/ubuntu/templates/web/apache2/default.tpl +++ b/install/rhel/6/templates/web/httpd/default.tpl @@ -22,7 +22,7 @@ RMode config RUidGid %user% %group% - RGroups www-data + RGroups apache AssignUserID %user% %group% diff --git a/install/rhel/6/templates/web/httpd/hosting.stpl b/install/rhel/6/templates/web/httpd/hosting.stpl new file mode 100755 index 000000000..ee06dfce7 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/hosting.tpl b/install/rhel/6/templates/web/httpd/hosting.tpl new file mode 100755 index 000000000..c3b839972 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/phpcgi.sh b/install/rhel/6/templates/web/httpd/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/6/templates/web/httpd/phpcgi.stpl b/install/rhel/6/templates/web/httpd/phpcgi.stpl new file mode 100755 index 000000000..b3e6488a6 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/phpcgi.tpl b/install/rhel/6/templates/web/httpd/phpcgi.tpl new file mode 100755 index 000000000..952d2b493 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + Include %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.sh b/install/rhel/6/templates/web/httpd/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.stpl b/install/rhel/6/templates/web/httpd/phpfcgid.stpl new file mode 100755 index 000000000..352d268b6 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + Include %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/httpd/phpfcgid.tpl b/install/rhel/6/templates/web/httpd/phpfcgid.tpl new file mode 100755 index 000000000..9826c9464 --- /dev/null +++ b/install/rhel/6/templates/web/httpd/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + Include %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/6/templates/web/nginx/caching.sh b/install/rhel/6/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/rhel/6/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/rhel/6/templates/web/nginx/caching.stpl b/install/rhel/6/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..1109c924f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/caching.tpl b/install/rhel/6/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..6d727c67f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/default.stpl b/install/rhel/6/templates/web/nginx/default.stpl new file mode 100755 index 000000000..53ad8d1b8 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/default.tpl b/install/rhel/6/templates/web/nginx/default.tpl new file mode 100755 index 000000000..c1fec114f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/hosting.sh b/install/rhel/6/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/rhel/6/templates/web/nginx/hosting.stpl b/install/rhel/6/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..aca458a4b --- /dev/null +++ b/install/rhel/6/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/hosting.tpl b/install/rhel/6/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..44d874962 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/default.stpl b/install/rhel/6/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/default.tpl b/install/rhel/6/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal.stpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/drupal.tpl b/install/rhel/6/templates/web/nginx/php-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/joomla.stpl b/install/rhel/6/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/joomla.tpl b/install/rhel/6/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/owncloud.stpl b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/owncloud.tpl b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/piwik.stpl b/install/rhel/6/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/piwik.tpl b/install/rhel/6/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.stpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.tpl b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/6/templates/web/nginx/proxy_ip.tpl b/install/rhel/6/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/rhel/6/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/rhel/6/templates/web/php-fpm/default.tpl b/install/rhel/6/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/rhel/6/templates/web/php-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/rhel/6/templates/web/php-fpm/no-php.tpl b/install/rhel/6/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/rhel/6/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/rhel/6/templates/web/php-fpm/socket.tpl b/install/rhel/6/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/rhel/6/templates/web/php-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/rhel/templates/web/skel/document_errors/403.html b/install/rhel/6/templates/web/skel/document_errors/403.html similarity index 100% rename from install/rhel/templates/web/skel/document_errors/403.html rename to install/rhel/6/templates/web/skel/document_errors/403.html diff --git a/install/rhel/templates/web/skel/document_errors/404.html b/install/rhel/6/templates/web/skel/document_errors/404.html similarity index 100% rename from install/rhel/templates/web/skel/document_errors/404.html rename to install/rhel/6/templates/web/skel/document_errors/404.html diff --git a/install/rhel/templates/web/skel/document_errors/50x.html b/install/rhel/6/templates/web/skel/document_errors/50x.html similarity index 100% rename from install/rhel/templates/web/skel/document_errors/50x.html rename to install/rhel/6/templates/web/skel/document_errors/50x.html diff --git a/install/rhel/6/templates/web/skel/public_html/index.html b/install/rhel/6/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/6/templates/web/skel/public_html/robots.txt b/install/rhel/6/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/6/templates/web/skel/public_shtml/index.html b/install/rhel/6/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/6/templates/web/skel/public_shtml/robots.txt b/install/rhel/6/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/6/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/6/templates/web/suspend/.htaccess b/install/rhel/6/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/rhel/6/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/rhel/templates/web/suspend/index.html b/install/rhel/6/templates/web/suspend/index.html similarity index 100% rename from install/rhel/templates/web/suspend/index.html rename to install/rhel/6/templates/web/suspend/index.html diff --git a/install/rhel/6/templates/web/webalizer/webalizer.tpl b/install/rhel/6/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/rhel/6/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/rhel/6/vsftpd/vsftpd.conf b/install/rhel/6/vsftpd/vsftpd.conf new file mode 100644 index 000000000..7a986aff0 --- /dev/null +++ b/install/rhel/6/vsftpd/vsftpd.conf @@ -0,0 +1,21 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +dual_log_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=YES +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/rhel/6/wsgi/httpd.tar.gz b/install/rhel/6/wsgi/httpd.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..b25acd68e8a2a11305b57b3f2f79f7bbf0cb4995 GIT binary patch literal 1311 zcmV+)1>pK0iwFSs4QNsT1MOGqZ`(Kw?`QuNS{9?*uC-&QNr9p%kW14vcWKil>Gold zK(&=vt1TIl(kvMIzaM2guRd{)bU4fe@~}kyNRc#21xm%fy|qy)0qs{R>2G!YH=`}b zb<1w4RNb%aZlV1r9vi+%>#2vu7*;E!JxE8#5s-# zGJPIl%7)ZuX0m7EkYYKMN>Da7SJ>;?WymDJ9;WNZ+?zy%sUGK`P5Rsu@Gq0`1dUZ) zVk|Y-9#JBBpIlBoU?!rrDW(bHS5HXL2_XO(mZcOF34Bh!9*nDdT5$4-?i* zx<4V`iFXOyEx{)-N(GTQ)=%k~8jxK)>hLjGhJ_vSv7NeiCKZV^uEv)OMb_0!5s8xT ze+B>?$m0?Ch4=|VQ(OEu0Fo1Gm_+*Um>t3Gfn!#_UMfJ6IhS9KNJ({yOy^+W)C(AIGc^=c)55<{TB5f zN`_=RNfn83jJ<$lewnK|x}%k<>s5VqDe0K$d}|*+g#S2@Ha{uxD`+44t@be{5oZ^I zdqirRzVAZ7Fw)SqOhJM_e~42~B5Mv(fgsqIwF>g7j6*!zWl$Yz=8smddwFq-;+YCK z+l{dbYEPt2Ea(k{!1ljkHs;H9!fx!4UfC&(YgKJY6#+Q!8jrJ=V}6Y60O?yeKgAkH zJ&r>iYRXymuKs9sy1&;uxA#1EFYOmq>ahgZnbT$?zS!=@T9HIeC=ZQR8?~7am11f0 z*(6l-hLWi~!^#WLDQ131guDmv+X>g2`m?A*+4ai4@QFZJ@9p@6&DIS=Bf%rRd;hgd zR@%%9Ct&w_RCFFEp^>Zg!CKS>z5mWI4(*kO0f0Zdf93S=Xm$PzHl*X3`Om4kWtjh* zea9_TOM81T|G9hBy?p+A33~m?)-%)NgkC={K7kyZlu z?-mRi!*97@=n^vYspi-t&?FQwKt)#Xkj}bYnT&nN z(hr8wBU1r&KAQ`=Y_Zbd44UeX)4||kc-rj`Zqe82bZQmd&z6{cE}~E8jW2WFp6+>H z-&pV7!iG-p1KTdT_UEF5KJ{wllC#tKau>MQe1F;O4~8f0PV>Be*1Scpc1I5aX00kQ zIK_P5ukTz8G-v@Gp $docroot/.htaccess +chown $user:$user $docroot/.htaccess + + +echo "import os, sys +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/env/lib/python2.6/site-packages') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/shared/') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/') + +os.environ['DJANGO_SETTINGS_MODULE'] = 'main.settings' +import django.core.handlers.wsgi +application = django.core.handlers.wsgi.WSGIHandler()" > $docroot/django.wsgi +chown $user:$user $docroot/django.wsgi + +exit 0 diff --git a/install/rhel/6/wsgi/httpd/wsgi.stpl b/install/rhel/6/wsgi/httpd/wsgi.stpl new file mode 100755 index 000000000..e2fdd3f40 --- /dev/null +++ b/install/rhel/6/wsgi/httpd/wsgi.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/6/wsgi/httpd/wsgi.tpl b/install/rhel/6/wsgi/httpd/wsgi.tpl new file mode 100644 index 000000000..ad5d8a076 --- /dev/null +++ b/install/rhel/6/wsgi/httpd/wsgi.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/GPG.txt b/install/rhel/7/GPG.txt new file mode 100644 index 000000000..33bb1ff26 --- /dev/null +++ b/install/rhel/7/GPG.txt @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.5 (GNU/Linux) + +mQGiBExUOVkRBACPJeB3bdrAggHlFpkaB1aRDXDz7clRg6jyEzdMYHhrniSyjhAH ++b53zE4iapCHFIamEG2Fa7zS2lSx7068AmqHsZK5jwmyhTVVYuTtbebj1C4Y5ToW +icHhy4ullB7qeDmAod6EY4YSx2kYO3dR/QLk5QM4lWuV/OLdXWTeoKiiYwCg0UAP +yUkBXgNcKXrFqoJelmG3JEMEAIYM7CGwVd47FsM1UCu56HNQPErxLoUPBUlAQFtx +OMOFDMEm7qH7ve8FgGGRL9oHF7mSJ3y7HgM1BF5MHkKz6FjDrT1U5+Lub6oI2e90 +gfCMGlQAzUm9o+fijfbhKoEQ/xQRkUoqWEaf9zlFx1/4+NH+Qz/L8ZDTHvSLvUgt +HyZlA/916St5suAUugXu9PeLRVqboiHjhz0JWKneQEQ2QcTu8lhHsu/mZTWL9FYn +XwtiCJLZT8bpBSfl8Oeqhof1+sPgnv7t/LuKQ6JJmyJ46Sa453wfrs+xs32hKAe+ +ZN0VGBmHe7NhuhW/LdM0KMMr/LHuJJJAgmt+XVHi2RFwsZvdMbQkVmVzdGEgUGFj +a2FnZXMgPGJ1aWxkZXJAdmVzdGFjcC5jb20+iGAEExECACAFAkxUOVkCGwMGCwkI +BwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBbjeFzoXeCtp6dAKDQfeTPHi6hCgg4L+sx +LEjXvVdLOwCfe9yfr+en+uz6qst0QBT2cAwB+q+5Ag0ETFQ5bBAIAJYZa9pV9l/R +OUFgIvdJd1mvzJpRAXsRBBJc22WuOHp22Uj+lMKrJMTRQZvFBvk9s7Mb1/ACXrL4 +vIbsKqXNAlVFp9kF1tKV2ejZ1MrJaQ4819bIkyG0lJzjl6u9lzJopF7ie00YHKC6 +1rltLaevfFjUXq1DoYZBg42hT/SOj+3+2D0e9qcxeuxXbsjnvwtxxUkWcP/ftOSt +HsAAbM1YtwGl9+fZLWG9+WIKNOE9kp+h2ywZtFA4v/Ms2op7oZGAL7C95k1EgLrH +mOZ0B2oKOLctV1z9keWksPN/osyG7Mg8ljv8zF3XwQFqHOHRntDqSWoFBMvJBkNS +vtm6u5WyKd8ABAsH/0RbeWVA+JqpZ24Rl57XoDRPRzno0m0EnkJMXr22uBq1lPg8 +VkadrGOshFXpM3Rho57f3U7fwKmShQXGEV7RHsWcxcfwOSKVJtI468sDuYXc2l1f +5nFo+rCtVh3BBq+JtZFKX0x53BesCT/M7l33Dfm9MDi34tEdPTPjumBIH1dowYdv +9/2HPlPp4NZte7gOO/VIAiS+jJ30aBn09t8duW5md7/rkOPIM5It05LGCLjb9hVm +R9zTwzw30fIrkeyWZdAbk76lH8u8j6PX30U6RRzb33+XIFR4ab3nlyqOQOpoTqyG +cs7B02sgBbyC+RG1EYfcelSEvLXkR8mjcqjs+MCISQQYEQIACQUCTFQ5bAIbDAAK +CRBbjeFzoXeCtlpcAKDLh59svtq/Gn99O9ZZw0nBjWv6sACfffDxPhCP1F852Jab +d8P1WGhr2Q8= +=Z1Jj +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/rhel/7/clamav/clamd.conf b/install/rhel/7/clamav/clamd.conf new file mode 100644 index 000000000..c215bcb98 --- /dev/null +++ b/install/rhel/7/clamav/clamd.conf @@ -0,0 +1,502 @@ +## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +#Example + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. +# Default: 1M +LogFileMaxSize 0 + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +#ExtendedDetectionInfo yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# Default: disabled +PidFile /var/run/clamav/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +DatabaseDirectory /var/lib/clamav + +# Only load the official signatures published by the ClamAV project. +# Default: no +#OfficialDatabaseOnly no + +# The daemon can work in local mode, network mode or both. +# Due to security reasons we recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /var/run/clamav/clamd.sock + +# Sets the group ownership on the unix socket. +# Default: disabled (the primary group of the user running clamd) +#LocalSocketGroup virusgroup + +# Sets the permissions on the unix socket to the specified mode. +# Default: disabled (socket is world accessible) +#LocalSocketMode 660 + +# Remove stale socket after unclean shutdown. +# Default: yes +FixStaleSocket yes + +# TCP port address. +# Default: no +TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. +# Default: no +TCPAddr 127.0.0.1 + +# Maximum length the queue of pending connections may grow to. +# Default: 200 +MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximum attachment size. +# Default: 25M +#StreamMaxLength 10M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximum number of threads running at the same time. +# Default: 10 +MaxThreads 50 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Default: 120 +ReadTimeout 300 + +# This option specifies the time (in seconds) after which clamd should +# timeout if a client doesn't provide any initial command after connecting. +# Default: 5 +#CommandReadTimeout 5 + +# This option specifies how long to wait (in miliseconds) if the send buffer is full. +# Keep this value low to prevent clamd hanging +# +# Default: 500 +#SendBufTimeout 200 + +# Maximum number of queued items (including those being processed by MaxThreads threads) +# It is recommended to have this value at least twice MaxThreads if possible. +# WARNING: you shouldn't increase this too much to avoid running out of file descriptors, +# the following condition should hold: +# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) +# +# Default: 100 +#MaxQueue 200 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Don't scan files and directories matching regex +# This directive can be used multiple times +# Default: scan all +#ExcludePath ^/proc/ +#ExcludePath ^/sys/ + +# Maximum depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Scan files and directories on other filesystems. +# Default: yes +#CrossFilesystems yes + +# Perform a database check. +# Default: 600 (10 min) +#SelfCheck 600 + +# Execute a command when virus is found. In the command string %v will +# be replaced with the virus name. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" + +# Run as another user (clamd must be started by root for this option to work) +# Default: don't drop privileges +User clam + +# Initialize supplementary group access (clamd must be started by root). +# Default: no +AllowSupplementaryGroups yes + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# Detect Possibly Unwanted Applications. +# Default: no +#DetectPUA yes + +# Exclude a specific PUA category. This directive can be used multiple times. +# See http://www.clamav.net/support/pua for the complete list of PUA +# categories. +# Default: Load all categories (if DetectPUA is activated) +#ExcludePUA NetTool +#ExcludePUA PWTool + +# Only include a specific PUA category. This directive can be used multiple +# times. +# Default: Load all categories (if DetectPUA is activated) +#IncludePUA Spy +#IncludePUA Scanner +#IncludePUA RAT + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to provide accurate detection. This option +# controls the algorithmic detection. +# Default: yes +#AlgorithmicDetection yes + + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32 and 64-bit versions of Windows operating systems. This option allows +# ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. If you turn off this option, the original files will still be +# scanned, but without additional processing. +# Default: yes +ScanPE yes + +# Executable and Linking Format is a standard format for UN*X executables. +# This option allows you to control the scanning of ELF files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanELF yes + +# With this option clamav will try to detect broken executables (both PE and +# ELF) and mark them as Broken.Executable. +# Default: no +DetectBrokenExecutables yes + + +## +## Documents +## + +# This option enables scanning of OLE2 files, such as Microsoft Office +# documents and .msi files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +ScanOLE2 yes + + +# With this option enabled OLE2 files with VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#OLE2BlockMacros no + +# This option enables scanning within PDF files. +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +# Default: yes +#ScanPDF yes + + +## +## Mail files +## + +# Enable internal e-mail scanner. +# If you turn off this option, the original files will still be scanned, but +# without parsing individual messages/attachments. +# Default: yes +ScanMail yes + +# Scan RFC1341 messages split over many emails. +# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#ScanPartialMessages yes + + +# With this option enabled ClamAV will try to detect phishing attempts by using +# signatures. +# Default: yes +#PhishingSignatures yes + +# Scan URLs found in mails for phishing attempts using heuristics. +# Default: yes +#PhishingScanURLs yes + +# Always block SSL mismatches in URLs, even if the URL isn't in the database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockSSLMismatch no + +# Always block cloaked URLs, even if URL isn't in database. +# This can lead to false positives. +# +# Default: no +#PhishingAlwaysBlockCloak no + +# Allow heuristic match to take precedence. +# When enabled, if a heuristic scan (such as phishingScan) detects +# a possible virus/phish it will stop scan immediately. Recommended, saves CPU +# scan-time. +# When disabled, virus/phish detected by heuristic scans will be reported only at +# the end of a scan. If an archive contains both a heuristically detected +# virus/phish, and a real malware, the real malware will be reported +# +# Keep this disabled if you intend to handle "*.Heuristics.*" viruses +# differently from "real" malware. +# If a non-heuristically-detected virus (signature-based) is found first, +# the scan is interrupted immediately, regardless of this config option. +# +# Default: no +#HeuristicScanPrecedence yes + +## +## Data Loss Prevention (DLP) +## + +# Enable the DLP module +# Default: No +#StructuredDataDetection yes + +# This option sets the lowest number of Credit Card numbers found in a file +# to generate a detect. +# Default: 3 +#StructuredMinCreditCardCount 5 + +# This option sets the lowest number of Social Security Numbers found +# in a file to generate a detect. +# Default: 3 +#StructuredMinSSNCount 5 + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxx-yy-zzzz +# Default: yes +#StructuredSSNFormatNormal yes + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxxyyzzzz +# Default: no +#StructuredSSNFormatStripped yes + + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# If you turn off this option, the original files will still be scanned, but +# without unpacking and additional processing. +# Default: yes +ScanArchive yes + +# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). +# Default: no +ArchiveBlockEncrypted no + + +## +## Limits +## + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# This option sets the maximum amount of data to be scanned for each input file. +# Archives and other containers are recursively extracted and scanned up to this +# value. +# Value of 0 disables the limit +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 100M +#MaxScanSize 150M + +# Files larger than this limit won't be scanned. Affects the input file itself +# as well as files contained inside it (when the input file is an archive, a +# document or some other kind of container). +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 25M +#MaxFileSize 30M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deeply the process should be continued. +# Note: setting this limit too high may result in severe damage to the system. +# Default: 16 +#MaxRecursion 10 + +# Number of files to be scanned within an archive, a document, or any other +# container file. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10000 +#MaxFiles 15000 + + +## +## Clamuko settings +## + +# Enable Clamuko. Dazuko must be configured and running. Clamuko supports +# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS +# is the preferred option. For more information please visit www.dazuko.org +# Default: no +#ClamukoScanOnAccess yes + +# The number of scanner threads that will be started (DazukoFS only). +# Having multiple scanner threads allows Clamuko to serve multiple +# processes simultaneously. This is particularly beneficial on SMP machines. +# Default: 3 +#ClamukoScannerCount 3 + +# Don't scan files larger than ClamukoMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#ClamukoMaxFileSize 10M + +# Set access mask for Clamuko (Dazuko only). +# Default: no +#ClamukoScanOnOpen yes +#ClamukoScanOnClose yes +#ClamukoScanOnExec yes + +# Set the include paths (all files inside them will be scanned). You can have +# multiple ClamukoIncludePath directives but each directory must be added +# in a seperate line. (Dazuko only) +# Default: disabled +#ClamukoIncludePath /home +#ClamukoIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. (Dazuko only) +# Default: disabled +#ClamukoExcludePath /home/bofh + +# With this option you can whitelist specific UIDs. Processes with these UIDs +# will be able to access all files. +# This option can be used multiple times (one per line). +# Default: disabled +#ClamukoExcludeUID 0 + +# With this option enabled ClamAV will load bytecode from the database. +# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses. +# Default: yes +#Bytecode yes + +# Set bytecode security level. +# Possible values: +# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS +# This value is only available if clamav was built with --enable-debug! +# TrustSigned - trust bytecode loaded from signed .c[lv]d files, +# insert runtime safety checks for bytecode loaded from other sources +# Paranoid - don't trust any bytecode, insert runtime checks for all +# Recommended: TrustSigned, because bytecode in .cvd files already has these checks +# Note that by default only signed bytecode is loaded, currently you can only +# load unsigned bytecode in --enable-debug mode. +# +# Default: TrustSigned +#BytecodeSecurity TrustSigned + +# Set bytecode timeout in miliseconds. +# +# Default: 5000 +# BytecodeTimeout 1000 diff --git a/install/rhel/7/clamav/clamd.service b/install/rhel/7/clamav/clamd.service new file mode 100644 index 000000000..fdb3af7fd --- /dev/null +++ b/install/rhel/7/clamav/clamd.service @@ -0,0 +1,12 @@ +[Unit] +Description = clamd scanner (clamd) daemon +After = syslog.target nss-lookup.target network.target + +[Service] +Type = simple +ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes +Restart = on-failure +PrivateTmp = true + +[Install] +WantedBy=multi-user.target diff --git a/install/rhel/7/clamav/freshclam.conf b/install/rhel/7/clamav/freshclam.conf new file mode 100644 index 000000000..61fb36465 --- /dev/null +++ b/install/rhel/7/clamav/freshclam.conf @@ -0,0 +1,6 @@ +DatabaseDirectory /var/lib/clamav +UpdateLogFile /var/log/clamav/freshclam.log +LogSyslog yes +DatabaseOwner clam +DatabaseMirror db.ca.clamav.net +DatabaseMirror db.local.clamav.net diff --git a/install/rhel/7/dovecot.tar.gz b/install/rhel/7/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..24182a6adcbfc3b30f761408504e09d519842fad GIT binary patch literal 2640 zcmV-W3a|AaiwFQa4Tn_#1MOPtZyUK0_hChxXJ><9AN=1RMWe?5hoC+G_rp#p%Rv`EKAH@4@Mt)^&;O&d-tY(^e-=jl za4-V@4@dp}5eXkngHO=^x&NO$X+3#Du3ldah%Q;eGoBF5jNxLcVW!n8l{7MuIl;If z|85cTgj`7R)DWXq#7JCC3d(a$gcKdc5+)3h3dWfr3vOnfJJXs=p}XW}#x>#Eaw?=Y z`HFC1m`GWQ{1i*8gpri%TXGq^?vi)N10|$f5pGB-nMU~qgf7W=&K#>u$$|*B2#`rq zso>N}FJige-nLNOFmi3EsdQ(?Xv$O<8Q}RQLQb-rPA65FQo}SE!=YN1{dHBAQW^5% zr|TP%$fBSkC5stPW`r%dHgF_CWS(wpsZU8<88V}q#Apk}P~&t*St11klU&P!ktF9} zI!(0Uc@Dbk8J?ulj2N_-naOH8>yqb!#yPmhjyfaKTTu1Q_4AElNzNduDe(E{HOj_A zX(zP+N6;xqT_2huM>ff+Hd_b2%&gI^{=anIUS7N)&RVBdC$K0*rI=myR1;jW;i(ub znk*}x=36}f!C1N8gMP_natm(HAYO17&d(Lw378E_Ts!fjTRiPz#eS_|r>;*&H2)WT z0{g{`YdInyxJU!X~5yUwnJq3W-tn5O;@-m9M z^Q6)WR(v`$$N+X`TxsKi%^r}NjXh+^YGqxlIQyKU|1yY=m?pQDuQfl_9CSRkoJ1lO zpxK<*LvGxF2btgyI7Hr7rQY|24VB|c@LwzEXu?x;YzDkf(A5Pf=pwsI-ph(4RM?Qp zWS+|fXlr@Rsp4o3fDz3l9Kl){)vRYA1EiL#CMna2;xTxc3%fg&NwDCzJove0(=|&& zj#+owCGEG_I^-~c2nz56_yWY4N~mTh$iwm>?K$Z{SlDm{H(tK{=?YKy^G`1>FD`H1 z`$d&sw6(&|6gYDc5nUBTW;?;};A9iWj4jEr%~Vq4s}sLBgS~70j_VY-y<)nN`*$z1 z2JZ?iyP%MZtv?_!l+^H;=iIEEDJAHlc7oj^`m?TA?=F6f@)tQtwK*RHZuyxJtbNqKEW?fA;-lPdK1E$+B)DofT&!^ z3aSX0ijt|6u3P|ss4Z(VDyA+Mb*(Qd>ky)6^`;W?6F4}7nCNJlIoz(Xi|Kgc)g5m! z@aSbQApojSku@F`BL@?duz0nR;)|3$%pI0aJ$L?v?Ge@rOYPZp$$15N#R{?cZy^D0dcoj1v|l3hHPGjy)!xhuY!s=K0N=eJSy8 zma@&oGf8)tq%3DxF6%yFE01j!)sp~k2KHxe7Zm0?F=<#{=Q%7EnB<&#_wB$G3jI@n zXmH&I)zIz~6v{QrOGt#m;zhbL=VH^vS4t|ume6v6-uY^)VZiv<#JiE@xNU-Vd5TqB zjoT_{$ET>sxSa;=;?!z7ZtIrs1(uMfimg*S1V|x3685s#V9AB=Unu4_?Snfq@c?QZsFx*Tlkm^ zd}~@#XqYtvJ`_EN{SK;I=GBx7o4axeL4WKs5sIDWGKN^U{QbITbGTL1lgS)#EBx)eR^E){TM zLm_xxy?ue+Rur79yhV|2wtFbW${cKA`_jUtlW_TcxY=0mldL0jhsoJpm1;FmwO7pO zgqF-EB@#pGxV23rTvpJ)zJPbI@2hV#NCk%`RZRU=N0#U>EP5p-R)%)tHim6uSTDA_ zF*>aK@KEU1&f2Y;gy;-CS#0@XOj;jWzvuq9cmMB&ox(P%kNE=d!2LfQo(+zA{V*Dy z4F`i!5AOd_e-JhI|3eV=9UQU;FKF3;gb7H)J3a)onb>=iz^())?eK?>PH8{)q1CF{ zVVvH}ZvB#QmmN-Rv1@Is2g7?3c1LIhaL281^;m9L;&8|3CY&W?3ZN+gGMHfO0Nf)O zd=5vW(0;awd`vtxyrO%9zYlI-9o@x0cx{UL=F)bKrrLwP|A$e(zxVymaCFvd@P7z$@BjAA z>VfxvUxGh%Kfqcm6X=o+!@}%FZPDFKz@8fgH@ls|K8(UGrq~%A;Gny4Zw7}jc%f)! zY`47`k6`>9d?{-lx{BSC;GV$s_@2!5_@3DH_+82CsV(8(T3fJ(f7>jTRO>~G505qv zblKAUS28UANB84@5RQEPA4O*atp9isXz+gsLSLt`#b~Pd+_t#R{~Zhf1c90&&~*Y= zYBqj(5p~YryuZ3xKVtazm2q2;fSDv$L*I|}f7I&%?0Xjf*e*2q zKLDj%+aG_FImI90EX~9|quFoT@UID!=@`Gfb4kJu6%4<2;kv+DZ8sA8)YtkG7fD{F z?kVnLZDf-JzBc;U`#*o=2H-*buiyWp{-_r@{5SpoLC9U-p&JL7PFXtHc^kKrG)b7& zZbI+OV8J);$5{TiDbL!o0RP11ye(Rv{>{N3ee{NoHu$gKd>^;-cl6Nxzt@id|GnV= z8-U3E{udTB_&)^I&wGe$`@)BqZMiScVCcJ6Of{R}&(8c81ga8sumqce@5{$`Hhvmp yH`Gu=4K>tILk%_5P(uwh)KEhWHPlc;4K>tILk%_5P(uwJp8f-NY1hX9Pyhgu%_~d* literal 0 HcmV?d00001 diff --git a/install/rhel/7/dovecot/conf.d/10-auth.conf b/install/rhel/7/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/rhel/7/dovecot/conf.d/10-logging.conf b/install/rhel/7/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/rhel/7/dovecot/conf.d/10-mail.conf b/install/rhel/7/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/rhel/7/dovecot/conf.d/10-master.conf b/install/rhel/7/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/rhel/7/dovecot/conf.d/10-ssl.conf b/install/rhel/7/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 3 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/rhel/7/dovecot/conf.d/auth-passwdfile.conf.ext b/install/rhel/7/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..69ab3a5d9 --- /dev/null +++ b/install/rhel/7/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim/domains/%d/passwd +} diff --git a/install/rhel/7/dovecot/dovecot.conf b/install/rhel/7/dovecot/dovecot.conf new file mode 100644 index 000000000..b44bd6a82 --- /dev/null +++ b/install/rhel/7/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = * +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/rhel/7/epel-release.rpm b/install/rhel/7/epel-release.rpm new file mode 100644 index 0000000000000000000000000000000000000000..6c2a040be2d2fad18a7a2c4e194a4380786c945e GIT binary patch literal 14524 zcmbul1z1#F)HXb%gh)5&&>%H4z|bfupwc0r$RrKJ0MY^?3Ifs%qM$TL2q>Xaf^>9l@BiNa`Zw1;_qq4lYwxvdt$pTVqiA!S1O%j03=ZQYj>kA*5bhXp zS#cRc;s3`(1S0#-8c$1>iO$N-fk31Wfp--k6W%=lqyvG7&j01W6GY4ga2nu+{O>ym z&?Q+0I4Qt203`5L00Dhs?Z0(M*8g%+8vud!NVWh3>XYICBnl^HCLsfvc(k%QNS0>H zh@lsVD5Oj2K$$1J4GYaiN|)y&v3Q#|wQ5e%< zEIKqEwp6x`#&O%{jUorM zo}BNLj&wIG`MFy2b9C)d!sm1DFfXZ}?skJkOjA{zZb7*Vr&7|fYza(ouSih@anaWe z9bu{%@ zXYV~lD$@-+d8S}9${xRGUYcZB@36QM2?_RInrwR{SWI)8Cd0>ej1l{Ws?z@Qc=M|A z_pLh%$V*Y@nQT9N;PEBiH-8o8YO>sOUc~06-OZ@>Vdz&cd*wVLcqZ2Ov4SQv?UQY`c`8U2v_V{82j+3B;M)u>orrK{aOQV9-W9^hO$1glxl3XB8i(s>9giZ!t z5kGK?M!KxDWKM&3_kSuMJ~bU_rHKxidO*TS6>9hE?ZwpqYU>`M&_FpK##~w5@b0Tm zW}ccIj(;n>bh(pOn(`OjClTL^0qSc(anGghvKtS5D3WU{OBvSL{|v2KXYJwSA23X4 z`kBhw9^vLGFN46ypovjYP|%A<_^e0@y=9k}~=4 z_L19NI#BNL<|Q^Aoa6aHTrr~_ZKQvFf6HNFLWJ`TvJ#2h?pdEU=+392-l7Z9C$=jo zTJdj5>T;#@J|N9WzHVI8cNbnXFfO_Ct(l3l#^R_vmbOgz{Bq}1z+or#<1ot+{(~3D zC96TD_1A;Revw@W#?mUG_N~-lA>|>1@)RcMEaS6r%9uUpZ9~Sa^IFc1<|X>$cnw8j zF+2j{lMi9q9;Nsaa~zb*$K_P~ONu>y-|vEX3!I-mOFtnHEl(b8%wGGVO5tVtn_KwE zxAjR=go{mfFdPC7 z{0UTd;LNn8JMK3fzEkP1uRFWgWi%DxK7V){ea<_(l43 zZ|cWyMRm7Mohu_1l3$gKXEJx17ycTs?YD*K4YBLZE<3!7%R1|t*--bIbOM?D`-V=T+K63Ce~+W zReL6QHxJZMcQO_!PaZmN6Vt@o@sx{Y*zsn9gvS!1!uluUj7{kcm(>9+t(vL8Tt+E# z^p3||H!N&1L+bauXYEw+1%D6-L-1FBeB9~jX$simm_|@MBa2 z|3|2U1~LVZ3F#ld2lzn{@flwMkicorIKdARIQfa90njHU*aBoCU{3$U3xX{`s3J-^dHWf+{>v!@03?hL`4=f(14ytR{g+c}opH<=zkbHCXI$@$JDu^f{rcyA0Q663 z2b2@~_XLo@AD;1h00QHoeEzqb)ax%&{4sY*{0pGB9@$?4cF*sLudkT;tuw(!+`%M%?fK8XxZk_3=)Ec$)jYYq^0B_P#IYW6e$mqlSRW|GH4h?1_6h`rGP7i3`7or zl0l)RQ3xm!3q_-(Fmkf;a0p5sEd`N5N@0+2lnfkbN)`f>mj%HQ(o$HA91OUP$iblq zxGVw*mz9FbK;;2Dp)wG-JQgF1MIfc6;j;2rI7CWX1|9L8E0cSQ(5IP!l2tMPN~KQoyhgSQr$62Ic@R2bY&a!htD+fItu_ zgp3Rdi$o%^C^Qx&D+6pJIRplUkdcxDY{NofXpA%#0+mP0V6jjcl#Cn}ih%zp zok;Kz=K&{1_3!-O>f$kIJA}tSA5I{^04IB-u)3==4v%qn$DpOLRuUOl9qr= zK>i@%DI)><^A3edKmottdey{LEA2 zs@LqDoL%u4uoC(Yzl!j5w|A28bXNh31J$7a*M=Yx|HGyrz?6xDfoTVO_~2Z@fOXCY z6yDWc;*Sdx2P4pEu=^ihhz83;#0jMmghj@90BZKmI42CjH-ZHSg1@Rj`Avi)=8sgfS?#e$I-4+KzI1Mi9hd%Cz_FlY=K?1_V+5gr&Y5UD&Q2@g*f zD)B$P5M*F92AF4i93g5+oR$CS-5uy2A_J3_k_IDO&;%kcB@dM&jLpT~!ye%T{xdLH zz)~R8Nc>~kAIpGcLfg9&EJpu5>AMg}*k( zv@Gr#>zf*>YbpcPuo!O?=Fj@N1H|0}xRe0hx_ST?0av`Zy9W@&ftJK^2t2}B+1(u{ zj`YN0F@VJ07o#iZl(;KzAyJ}948Ku4*9ppk= zL2^RcrDdzH7!-#^+rwDc<%*ndSKLg0zjN-q8hX4m9gz`7(sC4+ zQbp0O6Si*B(r-bdd>~rqcbP7%-C#6LsDzC9(Pcf`^G7tLi9cNMc$(rM&3;hR&`cNd zO}k)8YG@~|%7%liWq6vWe^VL_f)1|K9b)aAtgx}#$!d>~Kw6Lp`R>6~Kt@LgH&tFa zxeb2FSS=7YAiuuB#u;+L@(}NQm#NCG^T)&uu`Xt@o9aapduHrLBC`ICu{jdf3!~Ws zB#f389ypBYg+}v=Pd_H2{Dr*2x3DFM&2X;K8djce?n7R<&;-oZqA2T0DB`#0Tj7wc zG}@P`(?pXM|)D zO=e(EVCPyUZYuL55vbnPt5P*&Z#X};p)<@S}N~5}JR2GmLr&ayId^V}guilRrV>t`9 z5^n{?Dzb!!2ADCa^A8kfy{uA_N_IbPe@r@>omDVlluNs_|3JcDn%-NPu5*KYK_N9v zjhnLiabmZ57GD-RTeAKnSMOQtZx>0uLAvYcK_Mk9s4{3|s96ifZoF(@Tk&+fr(?Y4 zQq>occ^-$)Zf`Yk5%{I@uNPloFaDbDH~e9~mNsqNKe1W9;KnN~>-15*j500lTC3m? zS}udX_|?-`wZTx!uO0q%6Cp!i+=72iH`qt0StvKy=wt3x%ufo8NZC8(Jf9w|e$?jB zJmy~L4ARsRNqX8nLOf?ZL+hr>y2rE~bc|7Yv{s;B?sUVYcLjaYZJxc^SxTC@`aE%<7os1s^P zH{ZjA$g!06tx~&VD@gXRJn;p(g7elMgIkC%q%zHD;iOFIVz18n0P8I5o@xC-peZ8rTK&gN`1G?0WaKR3fO}u*>qgD8Y|61 zb-cF9HN?N@^zx8h=bYyuZMKc`9Id`}oO|(8kI=V{Sl`Mk-t?OfcM&_?vN+~*b_XS) z?}IWVz%`Ze3o#m7zl+q{=cXsBFh9(vyE z!<)%GtG~nJfA>(0TOj!$AM-O>MJs=_@l?I_qmcCz@l282=B9Rdt-nOoOD4cFB#w^l@kS;()3e)j_O2ujg{>lLx?e|CCO~HxCd8aPunC{`E`>WzF)sa9fzzW zdu;A}OT?$U_k3bvs)sbceey?7`vK$Mzh|Dhd9pmxmB=N!TUyOGvY|JBEK(~OuKB>? zDw*8!w3K#AZ^Q``N7YwteV+@OYmEzwYq%jp{X0=US%(o3U+-o(Q^e=y^&ejRz8@L! zQRW)UJi?@q|@ikCn2Q0>fz%;fRB$_YLAUD{mpg2UnC{o#^tn)RF? z`(QE6pH}(UkJ%@-z5FyPPMkCCV&I7mhE!f&pWb`nKjKf;i_z^nhk}OYY1G@ukxBC#n+%4^D_xLqCPBso<+J9;aMN z+*8IuCGVpgL~Im;SWfq^_JS7#k2pDLgc#Xe9oggr+{G31?ltt~uK)g(q$bKs=8`p? z+aS0gEW$}l946R4a-~20n^#jU$fb~o`9=+$!Kbe0)u}oKQ&{?k@(s5k(qlS&8TmzB zy-2y|)~k*m$nRR1(_|lg<}gldkfD9cHYl=I^2!PEi7f+*l#fr?=!h@iIhP%wd;97$ zklt0K-fU(WmECWjp~~^#WNAAPR4ZKIH^nXeQry676j(OqmShH*bkOiit{G_J3R~6~ zR*1!%M46RUm$K%;0w2dU=K-4r_A&W$1}hq)p{y@bZw3e^Jv|p>kd)vyoXGAd~4tJ{mRo)rxGFw9Cy-#)_cS?~i zU0XLtX_wrx{HK5Db02mQAF4roBzp6`iR$wJRFU<)o8QfBEk{k21&l{HWW~fq?-4uq zme~6?s)u_<1h-*x5(e;-f)>=1gQBd3Z1XEFUJ9Y-Ay$l8Ag1XGZa%I6QPw#A0ytSqL|B3Qrbx4W)54|r&RbMv02)r z3n$u4UGaw}t!w1Af6usArm%fRPQy`7r2A}T1!@V@RGZnhB)!TR{>*0O;I8qMF}Ilq z#3bGKD0a_&nUQ96m5IG#Hkhp#G(Qdz^QjOi6|LZf-;1z}(p+{mEp};UqK&=) zw4fyM=8mO$&aWisRy+H!HCM^oBT7TMb!vuXRoO3FMv~U2Tja+FzC~H#!%`RfQ9#;ZVDH<$pkQH zL1yRa8E{f=9lb+k)yh3hSiyH%r3pJsk-D(Fela1`SCn~kjgxf>OE&{&@?lalcX!Nt zh7Y%wS(VIqu^j4{=8vX%`=bHRiVvdrM|z(b1Zxe%aeug~&l(j(WmiY{Bfc0Pkxj!F z9ZY+2AXAzGr+@by$vc`$0nw}6XjD>n{>|KVEAhkB4{iDBT4;h?G+5=r<#%HV$7*su zbHh|U7Ygr3#|BE-HBa>88>hw2M;aJ1J@&A@U;K?lF-`e&bWkQzbxKYatHzga>lYbw z1nb5Ne-aw)d|MyU$Wqg1pc;1XQ!Jg0hrhU;hlSSaR?5K8buFK)1QL{f{&o8=(-e}+ zrfZXXuQqj`^pHZC`5r#b&`VL|p5fQgxi^J7o}A@<6?vLwf6tqn{=45jedp(GqONi} zpFI~6Soz1!jm@kLOP0-=hvYbJm(SBKJR>K8g`%!QTll_S;Pd-dG&GWB%462d4r*2ziR%n6^X288Fgpz_cn59Ey7aw%bpiaZtWrN7)DI8O)+>%94b1azTrx#0cRqYL*pE1!aJ_hsr{5iqP z(%Z;|IT9O~eN?{dFyCfy%+8nP<5S`3!5Bfj*rV5J@iX|&+&Y)Xz(AN%wm_%ebGrKI zFmV@5<>>D4yV?NJ64Il(sCI`zm`&QH_%!#*)06rikAhLEx<4j%)+Vs8WMwLxK*yKz z78gmGg}5`f1+-IacF5K8XF51T6jr@QzZBkZ8g{sunNlCDIxqC>1C}F9QgFUkxv$r* zu_wygGRs1x<|e`_AmHcmi@|C*iQ_eU8aB{K1d<#+_8F`GC~>bS_BRs4|ztQr}>$ZF0db+1pV7nemLlJ*gVx8#KZDWOsdQ*q8;kkf>6Eve6+eap~ zX;J|iEKO3rO;IJ&#@JMB|BlP<`;2Rcrn=7_T-q0Z?=2HTWYTJ@ZU^EPp2(Sa^Vvhz z*(44&NctjcP@$szcH>k+I8vuc_LQh50HTvCJ#JSZL|ga2HIx z^0G`U{dl_AgCpHfq!!eD@|%j^FVPywDAcATw76u(62mK4)`QsMcQ!MrZGlD9s%0;k z{HP|8cb=zi-codbP1$v1*zYbLm-NWx^Kx#%q&+xY9F#tt7{YTL+&k zr(AXu#X7;EWr&K-TT8Sdu(!-P(y|qFkZs|@I~By4G#Az18LD%>nAQpSCK&jBfoy?M zl_~dKNXnhsg%^~tNn$d3m?y6s*+$<@vPP44U}84M48HX)>8jSy=EZ!@f&wsI+*c!> z{@)E>^tEQFGiqY!zlH6r>YI0cRt!86#K-#@U1761=jXedj`aOJt=~_<1#ae*+RvkF zbFB`Xk38d_NI$|!C?H4J8kE9SR@}DRX^&ZT#a3R@u@KJ zc5UQ!r5Nf$=Z+?{Za@j&;T^qcma?KoC7bQeAFuk8@$EMEpS|+#%960>6zSmNy7U$a z>80XM;6Np-N=1r%#;q<-tY7-93F3ICw_m+ zwRqZ}`#vfwZoz7RoXm?}NBP&EPBjZYgWnb%YplmKiAS5YJAU{n zotWh=Oq(*&J>E`dm1Y#vSfA#ArvFrxysu%~tHh(9y%ka5`_sNX%zj@x!Bhwx%t*&@ zFh<;FMJ}BIiYJbyKz~q>X;O%}`@Qsn@?Lw@OurFT+~I4NJw``(HWyd)m8uVrj`QUy zI|gx}XPu^DA-8^A^S?~f$*i7ZBe5AO#eD^*7AtB}q0f60C9m#(1H9F2qX z173(u(Wb}IT^34Oc8{6{a0H{!6JutJo3kUnnGe3loZb+o)wz20ih*G2${PG)kv5ae zv)2tl&txax<>`Ke{MhCzrV21}9O>zceIHIjVzOvmDPh?K@ zwdTr}Ai=G5)Dg18iVlntF_o05^_j|spGu@c@cV*EhbK;z;~!~!O4Z=q#0*bFCJ!=# z8n^Ce&>x??GJS1gJ|1RvZ~D#Ay@^NR2hU98nCGat@AG#wKjOG^r4N~KO1Wxh3XX-m@ck87z^)BO+Vj|CDQMvPeLt&@($BA^dmmV$D zT?rpe*;MB>myYL9t8H#EvgNc5^Shs`brsj|%+_C)*K1v#&UYfr(zg7&o5mq8@;T;uQpU?k znIpeY@my&8TaE>H_sQk2wHJp*h*k&iu6Ge@&@C0x5?3YZtQhfJ&$daQt00#_(J#)Y zsT+LLm}vE-va1q|FT>d=O*%n(f&y~0!Tl3)gs1SQQiXr<3l4$RK z3nE$k$GG{{b*Otc6O65&HJC`QT<(o?^WeuY6rZ?>)v8E6%<}Rw@pi3LS6rMlSoet({WB(ZwmFeheBz1C8M)%wD z=)>&}^V60IvNon=m9#|KH;r(u$dDygfr@kQ5)OtA(3I=F?|6h(yLiNMUEj&5xxT3( zo{Xa9@w+K$CDR?5@!>pM)*X+9+(0Nz%2HEDYWwZwYrU>TALX|T_#I%e)(7I!FY~r9 z3%;EIeypsu?|<*0UMm$RbADC!I>}?AbM$Rh3hI%m>0};#UL%$&P81gnv-g+gMrPE% zzYuSKe4#sDWnSrW&0_89ojcmriL@ihX(b_@EiPXSK*=`)7#SiYoFgxOo_{L(8y$|T zar66_$Nw-TG=x&=lg@ClQFeUfUclX}he=FvUH_ta6_3s352lqWY# zJEE55_^TuPh-j0aMURcp2y?JU@l;FAnU9X#M9hT41+DBPJ5KDpN5)5v5Pkk~fnpC% zSh(G%5=KtXzo&@3Mk-diY~;W{!d*-5srq$Uyd$z#|E6}+9ZaXntp~Gk>GA@*d{K^v zpg0dAPtQX(NxD0#G8R?mFU#iHgsOUmMOs0gA5_Q^2 zQxgxoj$ZO%6-DQ z<%5+d>+LIKZ^a#c#qPeW3oR62y5DIsy7AtCEd9hNgLIR{WF}qWspyY*yQTis*i|#c zJcrhhD=*a*6V;<{apVpD2JreB=GBVX6x}X|7RiY{hl|}X)6MY9@yis=TljpgeBeKj zj0M!Zr8e6XW3G!mMVh_Yx#Z9s%W?qXdSW%tDX?sl9t|-NLt4EGKkZ>wBeIOx+#BSw zxwBczXV7<~vFJIP_o0XT^M2@3sG(-|Y|!NL7YdW&!CT%2dkrnY)O{U9F#XjgMsixg ziu)6!cEN}dx@aab$?)bEey*|%I+d5$4=_%6?{hBGr5j#?34t}*_9MOCqS0P@%Ut_1 z4hJT4B*)rO@DFt)wZ`AwC6O<;ugZU}NRQ0TJ1?shT`pg6qMo*0Rkq`XT8_IIG=At8 z6uh!sT;-eca7!-XUf-=wo03baoUe3_P{|xN3~k3#$0fSLhTrENUQ*ceNuxVly}W}I z9v-rPqj-szvg;)N{Y2Tl^48TiU0103XvMlID6*SxXH7Cjgt-`u?%TRO$+mk1e$v%y zvlb1Qu~XT_>`(a)%2ZF6MWV#b;@0`~7iqN1)czX{TH9Yc26g*ITO|C=0lK)$*x5Yu zE!)obOwiV$T9cd?Q+czN%n^u2eoJ*3&LK^^nEJKy3V~ahujU{Ycd2{uj^tIuR^gW~ zUsEjLJFN9(9ZW6N*P_)9R-s^FFo5^ES8-oRitvkyu>Zi>q|CeSGESVdL%ZzFH+6JhW9gco8dhMb(v#`Chc~sg_!@#q>E6-^S=YgP367BnC@w zbBc-?r)i$Xqk}~O&-xJEB0U(SVfr+Rok})$5|8 zT>he`_HRY<_Gq^Hz%&ouh;RF}4fZr+S0aW!W!6Pk_jjlL=z@()+A^b{S!1~1uu*nP z_t@+udhJf#@TpsV4@&62T>o@(clP}=eH(r1rot83 z@jO8&>YlP)IN#4_m1Mca5WRsc0k3>*|EnPJ5|c5|sD3D-6z!8N_4?|k1ixi9=oD;< z2JTmy!(VbR|FB{D&`nvn(O&dvMg~2)!s>b40$))#!gBsfw5UT9eobCFF1*%|=kABz z6=#`xoOrG&Gd03ZjU3U;v|DU z>BdS+hj9Dn8^n>mHzkkLLDRl=hMlDNEt%CP_No=N{g(T_NSpv@p)NUR(HU>^m{PSmWKL=d@qHlCcT% zs~1bX-rlM4Hr$IH=FRl=k?zi0H5b12Hj?FlLUwaMiNOm9;E5Bb>>UD-EW?T5{_zXR zOk)BMa5nl@%F`xJh^JA-kKfC6zK29OTWidor*NO%uX=j<-0!C!tU3DFA3mMDD7el; zi}4gItXeK_d?~2F_{P7Ik&@^>h&9uOuEX7x5zXVCaHqG*q)H2_VAkmR4h{kh=&krA zeOX9-53fP2<{qh`;u)PeW3qBZ;EA@^_p+qU+|5}E>= zvQ*#lHO1c+14Jy(%zwV9ndsC>&h);XklSuQ^k`3{N)KB6#mMi&-d@e?jWz0)%omYQ z)a5r`+{29+Ru5A{A0^6zJ>8~qg-nZ{^xaPR>WMn%p>JnEPnS8mcO4>n9dm5*0BS$T zL;3v8qalNS3tXS)JV>*RqV=0mDGMCIVUtY3=FQFOZTP++^pW}IcqhvjvBxO}7vJu7 z+;}4MgT@dQMQ))P!NWz>*?S-y%QKkaM6z??$(-oH!}JwHvv~4OY47+*<_kR)13L8I zHQ&kz*CKA2s$uR|?y}^_r82syayRSG7`_}laEiSqU{`D1Xiq;RwCApi@yDxbJj6BX zeH&=W->|03V!$8|83i^s8{dXTbe(vlj;bXGr$};fwQ9^OzwWrfyE>LEF|*z>-&Nxw@;M==F{>4k5$Sv@j2b}yWMKtG0qWu=Ngbru<8tY7oHOHUX1 zA=nq3MXBF|4tm$=3?NUijWDm4@pXUb@|H`e=S7D97#A9RHI! zfxBeRS?~FtA*nVSsybIjGyIpqjuxz^`trI`8I8Z;KfHA#78naL_B_WNyFs<*c_T=w&S+n>9P7m`-nvHs;FG4mKS zp?4P)icBK1PdKJ{jCd^O_X#&1|1py8cwg!xd*kp`jiy)D)l-#+4qsQTPrf_%el^t_ z5G@!ssC}KLzapw1V9hD^G3x6^7l*L8gA6rn z8XZGCx}=p%a?`e@?Z(^GO3!gw5%gTc*n?y$%JR4l3tj2x>qGdTEKIG9%gnJ1z316@ z>g)PakcwoNuEjiLzEDsQPTqH4)8Gkrn%AhB_G8i?Zyp?R3VMPY1-iX-tpDam`goX5;w}^+e&ECCdm4ynBMBvjT|Qmf2cPteEpq# z@#f0YV(n`9&J=QIZj%0S|9g6DS?oG)a#P>*HI3G$rD2P~V*zidq^Ft|(OTl*eWwjS z5Gd(JABfi%0);OXXI(62+af+SDm(nd#T1ZXa(zv6&AgZqbBhC0mWIAtj8r!l9+gKu)^7>% zhMR}HkOik^9O@-ZM)<_MyZy36)1PeY_zDB5crtA~$$7t3lE9yy&JWVwPwgV4RTPPBd{(U6~S4reKvk6Yw$`I&F%aNBB{9Hiit@jFOYtL9+yVG7K; uaBq52f4nR4+%x&nq%0XhDN7L1!|ThPL?Hi;fRpN#DK5f4h=HgqEdLjRaW2jP literal 0 HcmV?d00001 diff --git a/install/rhel/7/exim/dnsbl.conf b/install/rhel/7/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/rhel/7/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/rhel/7/exim/exim-smarthost.conf b/install/rhel/7/exim/exim-smarthost.conf new file mode 100644 index 000000000..086ca6507 --- /dev/null +++ b/install/rhel/7/exim/exim-smarthost.conf @@ -0,0 +1,384 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /etc/pki/tls/certs/exim.pem +tls_privatekey = /etc/pki/tls/private/exim.pem + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +login: + driver = plaintext + public_name = LOGIN + client_send = ": user@smartrelay.vestacp.com : p4sw0rd" + server_set_id = $auth1 + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +smarthost: + driver = manualroute + domains = ! +local_domains + transport = remote_smtp_auth + route_list = * smartrelay.vestacp.com + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +remote_smtp_auth: + driver = smtp + hosts = smartrelay.vestacp.com + hosts_require_auth = smartrelay.vestacp.com + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/7/exim/exim.conf b/install/rhel/7/exim/exim.conf new file mode 100644 index 000000000..0f9830168 --- /dev/null +++ b/install/rhel/7/exim/exim.conf @@ -0,0 +1,376 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim/domains/ +domainlist relay_to_domains = dsearch;/etc/exim/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.sock +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + require_files = /etc/exim/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/rhel/7/exim/spam-blocks.conf b/install/rhel/7/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/rhel/7/fail2ban.tar.gz b/install/rhel/7/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..563451b41911801445523d68e3fe4f910f1adc7c GIT binary patch literal 727 zcmV;|0x10-iwFR>PexP#1MQbfPvbBU$9vAF7>NVYN@*TV+6y4T0s@I;ky^NPdvKFU z>fOW%iPHsXKm6KBD6~yWk)Yj&f0yPl@i_R>*Fv5J=ZON1&hDswPicD z-1Fox50A!rzlpW?IkRDFAW*suH&qXf7i60>)#Z1meaHC7MSn#0qgkB384%Q7>V&{=ANXhy?u<3!{eK%Q$AA0%-*(NV{@+pke=EG`|5XN*J-=Xi;dz(`MHIoEOb8$apCIGZtF{Ni zImRi^wLP&lTwZ^^x;;JXkF+rgcNFc=OX64@CuABe>>V=WG7RxSSV8*}99(?u4~{@S zMjv=VUA66~gC(n`Yt4OXPF7D2@*_ZjfG>?;%LLnd+SA zm*dN;XVn*?(#43yDYewqhJG?dFX5Z0)uwM0ti5Wv_%XkaHeJ@*Sa$UlYkPXqytI{P z)6$mCo6NTQOVK#jyR-h_xN)-8sak&Uvi7d4NTER9egiTc J failed to login +ignoreregex = + diff --git a/install/ubuntu/fail2ban.jail.conf b/install/rhel/7/fail2ban/fail2ban.jail.conf similarity index 100% rename from install/ubuntu/fail2ban.jail.conf rename to install/rhel/7/fail2ban/fail2ban.jail.conf diff --git a/install/rhel/7/firewall.tar.gz b/install/rhel/7/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/rhel/7/firewall/ports.conf b/install/rhel/7/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/rhel/7/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/rhel/7/firewall/rules.conf b/install/rhel/7/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/rhel/7/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/rhel/7/httpd/httpd.conf b/install/rhel/7/httpd/httpd.conf new file mode 100644 index 000000000..40b034885 --- /dev/null +++ b/install/rhel/7/httpd/httpd.conf @@ -0,0 +1,58 @@ +ServerRoot "/etc/httpd" +Include conf.modules.d/*.conf +User apache +Group apache +ServerAdmin root@localhost + + + AllowOverride none + + +DocumentRoot "/var/www/html" + + AllowOverride None + Require all granted + + + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + +DirectoryIndex index.php index.html + + + Require all denied + + +ErrorLog "logs/error_log" +LogLevel warn + +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%b" bytes +CustomLog "logs/access_log" combined + +TypesConfig /etc/mime.types +AddType application/x-compress .Z +AddType application/x-gzip .gz .tgz +AddType text/html .shtml +AddOutputFilter INCLUDES .shtml +#AddHandler cgi-script .cgi + +AddDefaultCharset UTF-8 + + + MIMEMagicFile conf/magic + + +EnableSendfile on + + + RemoteIPHeader X-Real-IP + LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%a %l %u %t \"%r\" %>s %b" common + + +IncludeOptional conf.d/*.conf diff --git a/install/rhel/7/httpd/ruid2.conf b/install/rhel/7/httpd/ruid2.conf new file mode 100644 index 000000000..42f908a85 --- /dev/null +++ b/install/rhel/7/httpd/ruid2.conf @@ -0,0 +1,8 @@ +LoadModule ruid2_module modules/mod_ruid2.so + + + RMode config + RDefaultUidGid apache apache + RUidGid apache apache + RGroups apache + diff --git a/install/rhel/7/httpd/ssl.conf b/install/rhel/7/httpd/ssl.conf new file mode 100644 index 000000000..ccc067c19 --- /dev/null +++ b/install/rhel/7/httpd/ssl.conf @@ -0,0 +1,6 @@ +SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog +SSLSessionCache shmcb:/run/httpd/sslcache(512000) +SSLSessionCacheTimeout 300 +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin +SSLCryptoDevice builtin diff --git a/install/rhel/7/httpd/status.conf b/install/rhel/7/httpd/status.conf new file mode 100644 index 000000000..f68f293dc --- /dev/null +++ b/install/rhel/7/httpd/status.conf @@ -0,0 +1,7 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + diff --git a/install/rhel/7/logrotate/httpd b/install/rhel/7/logrotate/httpd new file mode 100644 index 000000000..80dab8e29 --- /dev/null +++ b/install/rhel/7/logrotate/httpd @@ -0,0 +1,10 @@ +/var/log/httpd/*log /var/log/httpd/domains/*log { + missingok + notifempty + compress + sharedscripts + postrotate + /sbin/service httpd reload > /dev/null 2>/dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/7/logrotate/nginx b/install/rhel/7/logrotate/nginx new file mode 100644 index 000000000..b1da1bf16 --- /dev/null +++ b/install/rhel/7/logrotate/nginx @@ -0,0 +1,12 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + create 0644 nginx nginx + daily + rotate 10 + missingok + notifempty + compress + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/rhel/7/logrotate/vesta b/install/rhel/7/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/rhel/7/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/rhel/7/mariadb/my-large.cnf b/install/rhel/7/mariadb/my-large.cnf new file mode 100644 index 000000000..4e6c2225c --- /dev/null +++ b/install/rhel/7/mariadb/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mariadb/my-medium.cnf b/install/rhel/7/mariadb/my-medium.cnf new file mode 100644 index 000000000..fa255ec52 --- /dev/null +++ b/install/rhel/7/mariadb/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mariadb/my-small.cnf b/install/rhel/7/mariadb/my-small.cnf new file mode 100644 index 000000000..933d4ae0b --- /dev/null +++ b/install/rhel/7/mariadb/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=50 +max_user_connections=25 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mariadb/mariadb.log +pid-file=/var/run/mariadb/mariadb.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/monit/clamd.conf b/install/rhel/7/monit/clamd.conf new file mode 100644 index 000000000..a360b1097 --- /dev/null +++ b/install/rhel/7/monit/clamd.conf @@ -0,0 +1,3 @@ +check process clamd with pidfile /var/run/clamav/clamd.pid + start program = "/etc/init.d/clamd start" + stop program = "/etc/init.d/clamd stop" diff --git a/install/rhel/7/monit/dovecot.conf b/install/rhel/7/monit/dovecot.conf new file mode 100644 index 000000000..c78216565 --- /dev/null +++ b/install/rhel/7/monit/dovecot.conf @@ -0,0 +1,3 @@ +check process dovecot with pidfile /var/run/dovecot/master.pid + start program = "/etc/init.d/dovecot start" + stop program = "/etc/init.d/dovecot stop" diff --git a/install/rhel/7/monit/exim.conf b/install/rhel/7/monit/exim.conf new file mode 100644 index 000000000..e7988e47d --- /dev/null +++ b/install/rhel/7/monit/exim.conf @@ -0,0 +1,3 @@ +check process exim with pidfile /var/run/exim.pid + start program = "/etc/init.d/exim start" + stop program = "/etc/init.d/exim stop" diff --git a/install/rhel/7/monit/httpd.conf b/install/rhel/7/monit/httpd.conf new file mode 100644 index 000000000..1ce1a594d --- /dev/null +++ b/install/rhel/7/monit/httpd.conf @@ -0,0 +1,3 @@ +check process httpd with pidfile /var/run/httpd/httpd.pid + start program = "/etc/init.d/httpd start" + stop program = "/etc/init.d/httpd stop" diff --git a/install/rhel/7/monit/mysql.conf b/install/rhel/7/monit/mysql.conf new file mode 100644 index 000000000..aa413c438 --- /dev/null +++ b/install/rhel/7/monit/mysql.conf @@ -0,0 +1,3 @@ +check process mysql with pidfile /var/run/mysqld/mysqld.pid + start program = "/etc/init.d/mysqld start" + stop program = "/etc/init.d/mysqld stop" diff --git a/install/rhel/7/monit/nginx.conf b/install/rhel/7/monit/nginx.conf new file mode 100644 index 000000000..d29af043c --- /dev/null +++ b/install/rhel/7/monit/nginx.conf @@ -0,0 +1,3 @@ +check process nginx with pidfile /var/run/nginx.pid + start program = "/etc/init.d/nginx start" + stop program = "/etc/init.d/nginx stop" diff --git a/install/rhel/7/monit/spamassassin.conf b/install/rhel/7/monit/spamassassin.conf new file mode 100644 index 000000000..0c9729d51 --- /dev/null +++ b/install/rhel/7/monit/spamassassin.conf @@ -0,0 +1,3 @@ +check process spamassassin with pidfile /var/run/spamd.pid + start program = "/etc/init.d/spamassassin start" + stop program = "/etc/init.d/spamassassin stop" diff --git a/install/rhel/7/monit/sshd.conf b/install/rhel/7/monit/sshd.conf new file mode 100644 index 000000000..b28123129 --- /dev/null +++ b/install/rhel/7/monit/sshd.conf @@ -0,0 +1,3 @@ +check process sshd with pidfile /var/run/sshd.pid + start program = "/etc/init.d/sshd start" + stop program = "/etc/init.d/sshd stop" diff --git a/install/rhel/7/monit/vesta-nginx.conf b/install/rhel/7/monit/vesta-nginx.conf new file mode 100644 index 000000000..1a85cac3a --- /dev/null +++ b/install/rhel/7/monit/vesta-nginx.conf @@ -0,0 +1,3 @@ +check process vesta-nginx with pidfile /var/run/vesta-nginx.pid + start program = "/etc/init.d/vesta start" + stop program = "/etc/init.d/vesta stop" diff --git a/install/rhel/7/monit/vesta-php.conf b/install/rhel/7/monit/vesta-php.conf new file mode 100644 index 000000000..80731189f --- /dev/null +++ b/install/rhel/7/monit/vesta-php.conf @@ -0,0 +1,3 @@ +check process vesta-php with pidfile /var/run/vesta-php.pid + start program = "/etc/init.d/vesta start" + stop program = "/etc/init.d/vesta stop" diff --git a/install/rhel/7/mysqld/my-large.cnf b/install/rhel/7/mysqld/my-large.cnf new file mode 100644 index 000000000..b548eeb87 --- /dev/null +++ b/install/rhel/7/mysqld/my-large.cnf @@ -0,0 +1,38 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mysqld/my-medium.cnf b/install/rhel/7/mysqld/my-medium.cnf new file mode 100644 index 000000000..e5f2677fc --- /dev/null +++ b/install/rhel/7/mysqld/my-medium.cnf @@ -0,0 +1,37 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + + + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/mysqld/my-small.cnf b/install/rhel/7/mysqld/my-small.cnf new file mode 100644 index 000000000..adc7cd1fb --- /dev/null +++ b/install/rhel/7/mysqld/my-small.cnf @@ -0,0 +1,35 @@ +[mysqld] +datadir=/var/lib/mysql +socket=/var/lib/mysql/mysql.sock +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +#slow_query_log=1 +#slow_query_log_file=/var/log/mysql-slow-queries.log + +[mysqld_safe] +log-error=/var/log/mysqld.log +pid-file=/var/run/mysqld/mysqld.pid + +# +# include all files from the config directory +# +!includedir /etc/my.cnf.d diff --git a/install/rhel/7/named/named.conf b/install/rhel/7/named/named.conf new file mode 100644 index 000000000..472bd829b --- /dev/null +++ b/install/rhel/7/named/named.conf @@ -0,0 +1,13 @@ +options { + directory "/var/named"; + dump-file "/var/named/data/cache_dump.db"; + pid-file "/var/run/named/named.pid"; + statistics-file "/var/named/data/named_stats.txt"; + version "get lost"; + allow-transfer {"none";}; + recursion no; + +}; + +include "/etc/rndc.key"; + diff --git a/install/rhel/7/nginx/nginx.conf b/install/rhel/7/nginx/nginx.conf new file mode 100644 index 000000000..0316de7ac --- /dev/null +++ b/install/rhel/7/nginx/nginx.conf @@ -0,0 +1,101 @@ +# Server globals +user nginx; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_temp_path /var/cache/nginx/temp; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/rhel/7/nginx/phpmyadmin.inc b/install/rhel/7/nginx/phpmyadmin.inc new file mode 100644 index 000000000..09da52076 --- /dev/null +++ b/install/rhel/7/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpMyAdmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpMyAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/7/nginx/phppgadmin.inc b/install/rhel/7/nginx/phppgadmin.inc new file mode 100644 index 000000000..333e560a2 --- /dev/null +++ b/install/rhel/7/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phpPgAdmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phpPgAdmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/7/nginx/status.conf b/install/rhel/7/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/rhel/7/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/rhel/7/nginx/webmail.inc b/install/rhel/7/nginx/webmail.inc new file mode 100644 index 000000000..2d0fbe293 --- /dev/null +++ b/install/rhel/7/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /usr/share/roundcubemail/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /usr/share/roundcubemail/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/rhel/7/packages.tar.gz b/install/rhel/7/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..b857a50997708f615e832c6d84353378180f0280 GIT binary patch literal 552 zcmV+@0@wW?iwFSK#Bfyr1MQVxZ<{a_#q*p`kvCq}%r*v8q&^TpDl3635OsTsSi@LU z22r37`}VUTaYD$pRw944-Jc?XkFPQ0>Kw14r{^e%i}$_Lff$-X>#M3Xt{ZxoC^E&A z5MGC|ig9nCoba6lFGU%x2ZLU;_`b}3Q}?I&zm(Os|EnmClXVth#pl)B|IRAP7AMMdRw8svL}te)>+`D4TJf;&k;wP3i85!f4nFKkqBVQQQH)Y=Ga&TW=dieZ}m z%nP@xjL;bEo@!2gZ~nm_ZD*a}Vg7OEhXx-r_(yuyqhp2lLg7!(3Or2nrzqtgHcZRK zyR0BhMd}Clw(GLmJk673R{vkK3ExWUht8ONKhku1t5dCdFE%C!D>q2JL9F7^P2WTK zzeuB!2f&XD_+L{G@}J5C{C^gj{uicwga5_EYy6MVVE|N0BLRdWBA`;58L*RfAy6;e zr9d^_i-CH6F9&cd2P&nLAdt5~fQc^O>R7(cAQ1jfqGeWm$=CUX&wo_=A7SwSIXJuj zTlR0czh(Zm_m5cr!1)Kpf0ggMuss&G$GXgZ=sImL5dPovt9$pq?fl1F$Fimn@c%i0 q^Z(@MKh~+LE7u+b0000000000000000002MKgCa859^TtC;$NH%NR8P literal 0 HcmV?d00001 diff --git a/install/rhel/7/packages/default.pkg b/install/rhel/7/packages/default.pkg new file mode 100644 index 000000000..3df21d3df --- /dev/null +++ b/install/rhel/7/packages/default.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='3' +TIME='11:46:50' +DATE='2015-06-05' diff --git a/install/rhel/7/packages/gainsboro.pkg b/install/rhel/7/packages/gainsboro.pkg new file mode 100644 index 000000000..2b66b7d17 --- /dev/null +++ b/install/rhel/7/packages/gainsboro.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='10' +WEB_ALIASES='10' +DNS_DOMAINS='10' +DNS_RECORDS='10' +MAIL_DOMAINS='10' +MAIL_ACCOUNTS='10' +DATABASES='10' +CRON_JOBS='10' +DISK_QUOTA='10000' +BANDWIDTH='10000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='1' +TIME='11:31:30' +DATE='2015-06-05' diff --git a/install/rhel/7/packages/palegreen.pkg b/install/rhel/7/packages/palegreen.pkg new file mode 100644 index 000000000..b17e5e1b2 --- /dev/null +++ b/install/rhel/7/packages/palegreen.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='hosting' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='hosting' +DNS_TEMPLATE='default' +WEB_DOMAINS='50' +WEB_ALIASES='50' +DNS_DOMAINS='50' +DNS_RECORDS='50' +MAIL_DOMAINS='50' +MAIL_ACCOUNTS='50' +DATABASES='50' +CRON_JOBS='50' +DISK_QUOTA='50000' +BANDWIDTH='50000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='5' +TIME='07:49:47' +DATE='2015-06-05' diff --git a/install/rhel/7/packages/slategrey.pkg b/install/rhel/7/packages/slategrey.pkg new file mode 100644 index 000000000..cc9ef423c --- /dev/null +++ b/install/rhel/7/packages/slategrey.pkg @@ -0,0 +1,19 @@ +WEB_TEMPLATE='default' +BACKEND_TEMPLATE='default' +PROXY_TEMPLATE='default' +DNS_TEMPLATE='default' +WEB_DOMAINS='100' +WEB_ALIASES='100' +DNS_DOMAINS='100' +DNS_RECORDS='100' +MAIL_DOMAINS='100' +MAIL_ACCOUNTS='100' +DATABASES='100' +CRON_JOBS='100' +DISK_QUOTA='10000' +BANDWIDTH='100000' +NS='ns1.localhost.ltd,ns2.localhost.ltd' +SHELL='nologin' +BACKUPS='3' +TIME='12:39:13' +DATE='2015-06-05' diff --git a/install/rhel/7/pga/config.inc.php b/install/rhel/7/pga/config.inc.php new file mode 100644 index 000000000..1eec9776c --- /dev/null +++ b/install/rhel/7/pga/config.inc.php @@ -0,0 +1,159 @@ + diff --git a/install/rhel/7/pga/phpPgAdmin.conf b/install/rhel/7/pga/phpPgAdmin.conf new file mode 100644 index 000000000..4f6ea1b53 --- /dev/null +++ b/install/rhel/7/pga/phpPgAdmin.conf @@ -0,0 +1,14 @@ +# +# This configuration file maps the phpPgAdmin directory into the URL space. +# By default this application is only accessible from the local host. +# + +Alias /phpPgAdmin /usr/share/phpPgAdmin +Alias /phppgadmin /usr/share/phpPgAdmin + + + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/rhel/7/php-fpm/www.conf b/install/rhel/7/php-fpm/www.conf new file mode 100644 index 000000000..260109d8f --- /dev/null +++ b/install/rhel/7/php-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = apache +group = apache +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/rhel/7/pma/config.inc.conf b/install/rhel/7/pma/config.inc.conf new file mode 100644 index 000000000..47ae207e4 --- /dev/null +++ b/install/rhel/7/pma/config.inc.conf @@ -0,0 +1,143 @@ +. + * + * @package phpMyAdmin + */ + +/* + * This is needed for cookie based authentication to encrypt password in + * cookie + */ +$cfg['blowfish_secret'] = '%blowfish_secret%'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ + +/* + * Servers configuration + */ +$i = 0; + +/* + * First server + */ +$i++; +/* Authentication type */ +$cfg['Servers'][$i]['auth_type'] = 'cookie'; +/* Server parameters */ +$cfg['Servers'][$i]['host'] = 'localhost'; +$cfg['Servers'][$i]['connect_type'] = 'tcp'; +$cfg['Servers'][$i]['compress'] = false; +/* Select mysqli if your server has it */ +$cfg['Servers'][$i]['extension'] = 'mysql'; +$cfg['Servers'][$i]['AllowNoPassword'] = false; + +/* + * phpMyAdmin configuration storage settings. + */ + +/* User used to manipulate with storage */ +// $cfg['Servers'][$i]['controluser'] = 'pma'; +// $cfg['Servers'][$i]['controlpass'] = 'pmapass'; + +/* Storage database and tables */ +// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; +// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark'; +// $cfg['Servers'][$i]['relation'] = 'pma_relation'; +// $cfg['Servers'][$i]['table_info'] = 'pma_table_info'; +// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords'; +// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages'; +// $cfg['Servers'][$i]['column_info'] = 'pma_column_info'; +// $cfg['Servers'][$i]['history'] = 'pma_history'; +// $cfg['Servers'][$i]['tracking'] = 'pma_tracking'; +// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords'; +// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig'; +/* Contrib / Swekey authentication */ +// $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; + +/* + * End of servers configuration + */ + +/* + * Directories for saving/loading files from server + */ +$cfg['UploadDir'] = ''; +$cfg['SaveDir'] = ''; + +/** + * Defines whether a user should be displayed a "show all (records)" + * button in browse mode or not. + * default = false + */ +//$cfg['ShowAll'] = true; + +/** + * Number of rows displayed when browsing a result set. If the result + * set contains more rows, "Previous" and "Next". + * default = 30 + */ +//$cfg['MaxRows'] = 50; + +/** + * Use graphically less intense menu tabs + * default = false + */ +//$cfg['LightTabs'] = true; + +/** + * disallow editing of binary fields + * valid values are: + * false allow editing + * 'blob' allow editing except for BLOB fields + * 'all' disallow editing + * default = blob + */ +//$cfg['ProtectBinary'] = 'false'; + +/** + * Default language to use, if not browser-defined or user-defined + * (you find all languages in the locale folder) + * uncomment the desired line: + * default = 'en' + */ +//$cfg['DefaultLang'] = 'en'; +//$cfg['DefaultLang'] = 'de'; + +/** + * default display direction (horizontal|vertical|horizontalflipped) + */ +//$cfg['DefaultDisplay'] = 'vertical'; + + +/** + * How many columns should be used for table display of a database? + * (a value larger than 1 results in some information being hidden) + * default = 1 + */ +//$cfg['PropertiesNumColumns'] = 2; + +/** + * Set to true if you want DB-based query history.If false, this utilizes + * JS-routines to display query history (lost by window close) + * + * This requires configuration storage enabled, see above. + * default = false + */ +//$cfg['QueryHistoryDB'] = true; + +/** + * When using DB-based query history, how many entries should be kept? + * + * default = 25 + */ +//$cfg['QueryHistoryMax'] = 100; + +/* + * You can find more configuration options in Documentation.html + * or here: http://wiki.phpmyadmin.net/pma/Config + */ +?> diff --git a/install/rhel/7/pma/phpMyAdmin.conf b/install/rhel/7/pma/phpMyAdmin.conf new file mode 100644 index 000000000..0049ef2b7 --- /dev/null +++ b/install/rhel/7/pma/phpMyAdmin.conf @@ -0,0 +1,39 @@ +# phpMyAdmin - Web based MySQL browser written in php +# +# Allows only localhost by default +# +# But allowing phpMyAdmin to anyone other than localhost should be considered +# dangerous unless properly secured by SSL + +Alias /phpMyAdmin /usr/share/phpMyAdmin +Alias /phpmyadmin /usr/share/phpMyAdmin + + + Order Deny,Allow + Deny from All + Allow from All + + + + Order Deny,Allow + Deny from All + Allow from All + + +# This directory does not require access over HTTP - taken from the original +# phpMyAdmin upstream tarball +# + + Order Deny,Allow + Deny from All + Allow from None + + +# This configuration prevents mod_security at phpMyAdmin directories from +# filtering SQL etc. This may break your mod_security implementation. +# +# +# +# SecRuleInheritance Off +# +# diff --git a/install/rhel/7/postgresql/pg_hba.conf b/install/rhel/7/postgresql/pg_hba.conf new file mode 100644 index 000000000..1ba43941b --- /dev/null +++ b/install/rhel/7/postgresql/pg_hba.conf @@ -0,0 +1,11 @@ +# "local" is for Unix domain socket connections only +local all all ident + +# IPv4 local connections: +host all all 127.0.0.1/32 md5 + +# IPv6 local connections: +host all all ::1/128 md5 + +# Others +host all all 0.0.0.0/0 md5 diff --git a/install/rhel/7/proftpd/proftpd.conf b/install/rhel/7/proftpd/proftpd.conf new file mode 100644 index 000000000..a889ec82b --- /dev/null +++ b/install/rhel/7/proftpd/proftpd.conf @@ -0,0 +1,32 @@ +ServerName "FTP" +ServerIdent on "FTP Server ready." +ServerAdmin root@localhost +DefaultServer on +DefaultRoot ~ !adm + + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User nobody +Group nobody +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/rhel/7/remi-release.rpm b/install/rhel/7/remi-release.rpm new file mode 100644 index 0000000000000000000000000000000000000000..7eea9560b04fd594a5c12db9d740ff4100b6fce8 GIT binary patch literal 5764 zcmbVP2Urx>x1Xh`tQs&17Bq|o5F$g{28x1$AcBo1MFO+CvoNx|v&`<&W5AAxU2HL; zAO<^u7;I0BfExYVP>}>If3f$dsEG2;T?R{%_kBL+`|h0i-E+=8W$v7F=fSpze;Q+O z@mNYl6D*~qNG(N3oLvbwXG$q?M$?G@DHjhj{kzzr9k+ShTvwo%V2px+o{zz>0K?rm z3a^ffR*-}nKCvw?!X@gtx}z8VH^zPGU{78=D{ zfK6lquvgzl^fHR~#C|aQtJumeo_Wi>tZ5Gn`dailTJ!?j;CGyC9FiNYO1Petw2Jt7 z``r^|6I~SwnTV20r0yb-z)d2OkrIVM;VG926r@5Vq6Bg`iCpL*1!EZ2=j1tJk0>^^ zr>^|?DvOJ2`xg9*{qIj=8>Txsq(+=Qc5Qdlf2thxHyW&xE>~ec+MXMA@!HA3i)9Z> zuTfS9&y_unA8%OK{5%jt-rC#Sm%y{d2YHoX7$4=*8wTWsUy1lI6&!vE6zmz5bGVJ;pWyHt4&UVPTMi??VLcP@&EVfNpy0m=iWRoH z5n2af6boR(?njsp7<7!09>Qo}LjH_I2EJ3#WAINS#) z_+Y#pDDuw|DAGT}@%sWr@|QT=kK-eMVcw)aM+b6r07ol0>HrkhH)#fn*7pDk>zkl_ zfUhQ=Kw%wIoWsLAaMvRo4gd=BX2C#FJmWYV#^FGqpl>#f!;u_6p2JZ<5kHZ`NDi$x zpTn^nzcXLoa(ElZmjVU<%}xVF{>wWsU%_FD!$}-Q^B~Vxb6Ck?4Tp6=!9Ks!zMjLK z_EP|Zzx>reQM{=fznH^m97gX8_`R2N80DMiiz!&_!;*G&G~lLTw6u<4(=p$VB;*v1)HIBq#g!B;KT@hWQlT>_VPT217T1unBr<_Q z3+qT)t;N&zs(-PfOQi52$kY%#Wby<&i1DWwtzilj7psgjoA0h0spBr08t z>$Q{|*D<)3PEaEOl{23o26FFR#=#9Wqr)jRDOG|nsnAg@4!-C}rP2_n6Ru_ObViS> z^jaNSk&i49M27}iX`~?yjOJZhAPi^B7u+F}^^~qNLYh+RP#zStERhByke-h-`eDBG zI$B9D*x*W9txv<$49UvSSB;r^ z!6(z2Q=Ego5iICtoD=d_>MD1W3uUCMP(Zm$LwJC3b9b(DRZS{ zVuib_L?94J7@d_OmtOjk0bL0CJEOra*Tl!8uk#9%9Rs&OKL+QR_K+zo&IlCKxo0~JB(8#u`P>T$okO|X#rVMbd3cmbZ zRZwH!s=zn%d;-(rssi-~ssf5*d;&(*SNYGFR^=Z#*yn@2iF-j23ia{t*u@?D7470t zIDs2n!ah-0MrB`3xQLXXuDNLr3@-I)cy8asLb*)S6v{H@{IFuP&lc*7iKWKIz zOpE?GEvKaV1X`_N3@ko@%UMQ)D@a<&q)@Di(j_u-oU8c`+EiL6OGLeuW%O#0l+tQP zSRZ^q7CXIwc8Qa?ie_1cg?^^P!$X2WN=>C2j6mmt&Z>hM_|kDHDaUQOUpBA^T^NL* zilZKjJBUIl7R|~TN~<2K!&4bH30VXY@DJx|JZFou(P0?pItkPs?Z0)Bj%2Y^vYv)| zg@07q2z(;=3Wo{Yfl@&#a9JV=oeT~IP|xr{KQ3mJ&W@N-)kJ0U-GH;!yBgc=?=|b= z5{4uV7Y|Ad0jC%uXlxXeRrqCnmk7*-(#c#jNwf=uLnLStTsme@!!;ahoaHVUG07b# z5^zF8Yv8Cd6^=4+*EkV=asHD+!UFxH;zB2dhxm>i31SK=O-32cE?NL^?vW)C8kW&f zGC0x^S{*c3Sc%Y(EU6l))oKW-UZJ3XLuXJUg=P~X5nTt}s$wds8%aiFH1w=%uX}7X!Upru&*0aU^PH}l*L4{di}mZ-WFmEcrSG1->7e

?&SjP6`=nkw zTwAsud-T$Gs@;S&9{(vEdRn1=IMZfOjBUTj#hVtDd+_@83Z@>8p?+}C+cl4CcwCTm ze8Q~5G5)4|225GllKPFceVN6rsL`VGnaxqT*P9l^&dpvC+4a$n!jffEmK@j=zQ(3t zuTAOFO&k39b7zm39NznEbPwILfNt30;bVWXuDjDGW6;}*i1A&P_4HI8e5^E!HM$Y` z%b|V0K3cYyZ=Dt-72I7n?pEQ5HJXx~vf%j($~_Lp+GQV%yuMbXn&184Mf>SW%hTIR z3mo>U_PjkaV{p#|&-(v%eJ&~4_SBE~{;Qzy6~wKuEpr?bE_+0{T1>p#th60A)643+ zx|e$jCa#eLoftY|X~9Lo{-T2yBsZ;JG+iq2nc7MlKeNvBT7LS_^+it1j#G(G9gA+; z58BGpoQv_T-&;A(En^9h(n~35I=c5vp-kMK+1ro(ers|?ruWqrqvvLp!kRT^u{(y` z6V2(L7lJvr~Ts(>h4E*QAOIH$tnFvH45_>B*XnVoWc(usRz*KcP{&&z++ z_m5?^-Q?R;v-b-e4>bGoS6ZD4FfvZ_n^9QTrhXCiHXpb8ZJXmM+o}-1+WR}r{`+k& zD{KDgYq#9Hof0*zeD!#%Z!eB~=n!^cZF=OS6D3I=uh#u)Q@VY@zLMX(hYie|5q;@I zbuT+hVn032sfjm|2s2(@xOlW)URL^S%&)t$Hjgwr+iT2CZ*9`m=^I|0m&6R%_-aF{ z&}Oi$jlUjC{(5b<3o#Z!M$b#i$Xnv6EAq!3dcHY+U1FP8*Ou_5h4;T|+_2xN>PS+b z8k^lucFM8CwVDmL>YrvYhPaF>h8?cS=xgG`})S$RlAOTq4QjB z-q28g(mHU!_~h0*hds{y^4n_a==w{M_A6ia{&D@@>hEe6ggVUXQ`2&_?a~$#W3hK+ zYRjptyGDI3<&Epk_P$X$d~@+%xr)>ib4F|wW|qXf+Oo+qFEf9|pwgoaGi<^(&&fVN z=22!##6X9L*1($I-tqd4g)7a>n|?QaeV}IFP)6X96xMUjq^%J}ydfjjoA5Rj{+T~yOXk@( zu~V0A^4a^~kIO^S)^r^?Yg19~!#iIR$=F;ATj7n^WpBRCh%5Z&-h{~o!wPhb0drdg zqa~?dUzmL~`>NU2X+dmO`;?vaZ#hTphrAQ(YW`TaD@|py zWzCxHgO)5^NViw6Jbv?BO@9B{$KQ0hb=|x@)^F*vLTl?d-xPKDfUgptKZ!1Lv#D23 zt~lQ^>_En>^_F!d|#>Zj&E!V<57Oj zHU%rJ=pl7#_3kDdv!kjgrSOP0J@y>*4PQTNLFARZ_QTXQMPk{a@{HnPIbQ`>UKss& g?w6Vf=>v>+rN?<24BH%=6SL>em4Svv&yR}!Ul=4yT>t<8 literal 0 HcmV?d00001 diff --git a/install/rhel/7/roundcube/config.inc.php b/install/rhel/7/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/rhel/7/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/rhel/7/roundcube/main.inc.php b/install/rhel/7/roundcube/main.inc.php new file mode 100644 index 000000000..a27c306eb --- /dev/null +++ b/install/rhel/7/roundcube/main.inc.php @@ -0,0 +1,40 @@ + + Order Deny,Allow + Deny from all + Allow from all + diff --git a/install/rhel/7/roundcube/vesta.php b/install/rhel/7/roundcube/vesta.php new file mode 100644 index 000000000..b8695bd17 --- /dev/null +++ b/install/rhel/7/roundcube/vesta.php @@ -0,0 +1,59 @@ + + */ + +class rcube_vesta_password +{ + function save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } +} diff --git a/install/rhel/7/sudo/admin b/install/rhel/7/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/rhel/7/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/rhel/7/templates.tar.gz b/install/rhel/7/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..fd86c50695d8193d1085ecc07a66b0355032bae9 GIT binary patch literal 12995 zcmajERZyKx7q*GJ26rd8y9WsFF2M;9BuH=q8+Uhi_YgG5#wEDBy9M{ne*X8Hsi~TS zshX}{ebChh-Bow@ef3&YF(@zyccr>8@E79Wyw-)1Uuw;Qib_1ZY}k@S@YZi@_vs#6 z8-As#J>}#*geWLjtKecN80x)VLLckk6rxj^l@+apQwVL=XwVVy{1IHtxu!q_L$^XxLrOk zKsmF@(e`bAG%{fh;M-!e!155D3xv-aOam-ho>0|w*E)7irm&t)G14DLU`rjcG01YZ z5a7|R2l{k>$Zz5KnlcTXS~$$F&@am)XDnYo7vz-Qy)9}w+!c2#*4L|ZHmHk&+XMv1 z8s2QLU@s8ms_brHJ-RHvr8IB1HND>H2|f44n{fWtr=ba#)b+&^l3n71v`u{rzCC}^7(g(1Xm@43b4 zg6c)o!{jmsMY7G^xWb3I24G(*krDh-|5{K1#D#0-tboj)Pvz=X`IcTm1gGc^Al&=S zd6s}ejhA|UDBkJ#tM>W$@PBdiUo5lgWH>|V*LYZgH@Ag!*7xH#(4^7Vzd*yH{i_kQ zfwt}t$oLCXBsnqPT)CzE5y0*r86!@!QH%gc#@(P;9FNlpZi)|=g$u`BS53)d$Yv74 zlNEa64FyI%M^z!rizzrO&SrUlo(OAqXV*_JPaTnVF#yfksmH;f07vYcxU5WLG6f+) zqmC`YKHojFYMEh3N%s0DaDTxXb%Yu_5~T;uv%Bp4&BFK!8vHX22F#H0r2YZt=kGvT z=>=o}wBRAZ`%6d7;2P2}#|QJJrs!SYd1?6$9L?tdO{rk;hEJFV7cJk5On}PP0&Ppy zLSLMN)f-y@{Uo*CsjfnJxjp=j3BmY70(9Fh&_#QSidIia@x^UG2MUH8UM&1hfu$h< z>ffkNOyaO{ixcbt8F_mCb@B!64k3(8CMD09n{h5=3k@OH;KZ1lQsFx#6_hoNW|y<9 zV9ZP+E&VjA-_)2o1e~T-!uW7#g!Og>9>Y*;;tQASGn$19QS6|eOGyMIjUZ#8E;}lX z`TW4e9g)+oC~7ZpQ3?z-tmr$i?0iZDT=)Hw;aKR3EEWX`9S$w46?8OOz1q{3PjB@y zAt)!*g`t>Yu56FcS4XX}8m;Zq!=UXv%Htr(*LSgNkV*GA{F^DqlK$p| zuAcp>*mjQ;J5e zJo%hX>{s!W*6Gg%9|riGk|KyU)C9Q;JWu8dtpoBSmM^o>7neP{ptM%=9qy@)#pdP@n3G>uZa=9Ef_YdCQ4We zjbiwk=9ORG`=ZYXn9O+YR~6-c&cRk8weApXQ~M;(k%{`_COp1#)ZG{!>O-o2^OKV2 z>MedP&AUqr2-s1>15+HDHx-$;Y2Q_j!gm_HAbR&2*kB?S!Q@ZM^dNtet?LLG`ltHQ znm)w_3-0ZreIo}f<;#_4(kEZ|^noThW+W5Q*Q8XQpJ*DlvSK57h_ZrgziiEGe3*Cm z_ebIo!mVGz#f?|@-^LZqcazeBd9Rh+?nL9V6Fxrm9WB|;8{6XgnBO&u*3sM4 zDUO_r@3g4ayGi2k1C~jZ1~SbSx2|C5+GQbR#A3V7`P$ z@A@T-728T?R>xbtFFTqbUxMim)HM6(s5mnj_?Xi^>7&<6$aHMRW<8nk-@PQ%PanES zugGDi;cdzmR5>WUHcsOUw*J~2-4mR~^4T*fyJso>aJff~Wsa?`ryYX}vT zd+7~aqab{Dh23{3;C#TisFk@pehk*Es+|VuB_B;@|tCKGc7uPx)m1(vNegw!s;eTZg5$>aV29_VV5a>!~3Q=LkCM2xBI- znz&#Xk>2qoi(Ou>#Txk`E^Krb;r(&s+-mp;a5vhSUnRn0X)k_sn(E$c>eqZeImD&! z9O~WfcKC+8f!=qq)xYTzmw8rKR`j4TY;%D#UruXoaqfTYecqy{rjO9d=4TlCFZm@?9m&*NN?=F_q(I1m*(Q6QR>}UO8!- z>Rn+UCy5Bt)N?dh84`|f?-Tg275jEDY4Se4eAI>i9%oVuq!?5)O-CdX`#8$SWxf=mWDM>HnrPCa( zsn@o4;laQtGDZX<<#v2?ZU7tKs&0wT{S=^iT?33i8JR;Jd@t9@dwrl(e<2f)5P1W$ zHxR3$WFUYH$!ZTEw*SoGtq}h*^E-e1ZGg~8wdJtJziX|@Uu@rF&FSZz4Y&gY=^dNr zrOY?U65@)Gj|+LVXvL(r9}Gp&{GN>vn|a?`=uqDx^Mz3QycMn>d#B7fg&iK(>eg6S zvF8;j(1+6IH}szJsBPx?pZG*`$mx~pTY@4}X}X*E>DKqvg6GoSO=ho!`U_P~5tzgF zYKoky%LHz!5BJK7OvCN!cy6@B{7#mxggDq|7Ef5i9$%uteTfO3u|hPzzDXg?Xx5}I zJd5gBYb6vSV545jI4G)L_rW&^EwW-j2Pttm6be!}_?>^j((rLGKO}8ww$!%85Nzsc zR+UKr-^QN}*Y6NJe>`&~=Ji!8`EYn#XiB#IEXW|70X*Kx1Otyxf$9xl@&r(_@&~4s z=CBKa^FR3~fHwXDrH3M!%qW7eG+_V-FAQ00+IDFRe`70B0EPohrkDffghB9&+$XXH zSGy7du3$|Dx;}0u$ltGgiI1?P=x`Gu>N13~EYNME%>b`&GywRu`4y~HQ}+(oDoF-H zk)bO005_4zNYl!13W%juE90cW`AbVazq<*7Gak#5xUUH)lfZ?33~*?rj7at8sn zmgv6yid+D$ZCx|q-l$4aJKG=H*?bLdhyvyv79U=wS>|$I%;cW8mj{8d7qfMcdO-lp zn==K_77x5>UNn0^wnggrCTD?h6yPoUSyINi{sCZ_6Mqo=xfty9_JBs~Khfosgh-;Bnc^>TXZ8NhTKAR>`Yb|2ipSIJ%IV2Wt1$qj8OV?HJd$?55()jCt}NM`9Md1ZRd2!~=68w?#_V$eMa~UfG>dVe_D7`()#zR zu6OI1>lczSMv&3?xP1Qdru1^Yy>EQo&hl=iyA3FxgStB&0lj2_IXH8=PEWyd!mHsy zsm2wPRkAuX1PdXL^0)}6ZjTNZmlDZ-%&rsEmh2=9+s z0$17JqkLz)8V~V$tHy5ZxZ%<$ycf~l?CL$A{iwi^v%|4geaOy>x|QrEhg2Z~Z+V(G zH3M>WO1q;aCK-7_1L*JC3`H>!L{4m1nYVl2`CZb9D#`u~ylKe9@{)#D%VH638Hl82 zp@IF+pAEwA){8)~@I)L!VE{aQ6+?m{L=;z5Ci=Xvi&B+kEtl` zArpry)!BqP04bCk*_N(awcFYuie^k%iy@W?8lbdjg#`OTjDy!sPwihJFY)UCobV8J z^`PhlBhDp^n;6v=gH)2Q_e`Ld;4ydlg~A2hq4q?i>a2yS#6RDfxKwM|;+Corp?L@9 zsC2Tcw{KpBc^2 zvo6$xi zFHA{GFaA4q!c@eax+L6?Q0&i%h|E<~D*Ju63R1Qo(&-A_vs~Gy3-CQ-A+V*22wDpA$6Ud^ zMN6f*2tl#tQ=14YHcEq)P4+@AvqN=0e)l<{yT!6Y=`*T@PRG3Ci4q8)k;8?*#ip(E z^t6~MH0ZU1nGuU+4xRW|&+<1b3NxIJwH!f{_z72?sso9*i=w*w82wUi{^{2~gw-fi zJ8{>&JGdyalF=vrG$%qsaB_@v8Oku zksHH~uP&tQXV;GrQP+Ny;6h@>8?u=(YFd05YOTn|m7rn1;!qo025kwc)ETzDP|@+uGD*&b1|y40a@1>4mB@VbKEquSc7O8eQT|jfRuX7<7jW4RZD3@gh}_O4{+K~a zE((-zp+-KXJjHM9@_`5E(Ox>o)2B2RteByjf6l5M>GNdq!I&6t!(S*NSZj(&3y%-P zBgsq%6r7Qdm9$@vRebPt$5v8i=11qB%HnmA)(Ab%OQqsJd;|WfnJ#$+9$x|rXN%TA zg{l5A_4IL#BFS9#iqCylo1QWoLv%cDU1dSzUltUI*kl-uvaxQ% zI=3?6J&q!V;o`QTzlx3ryOyeb70GBdJsLtKoNQ*cw)C}R`S`jJ>2aTEy_aeLz@ z#UNX;lXdA!wx_dex+Za7lYY*Q9uD=5L5Dg^(h0F?@tLbP$QZ^L`BMqRu>pf$TJ=|FPE5EfkWoYIZ2pb<`COWu57uM@NH0?K+X9Zpr3quM1{?Ay&oIYO-_1u z1U7O|nFMwJfG<>`{T(Lk+WoKi_q51?gS05s57xm1m^BVeM#>{LDKcCC={U(rYz09Rn-Cei-o5#_b|y|p?!!7x2g_I{dtp#?{(|u{O|fp zI`KoF)v9+$?G4PpK5kgXjdlRV<}b&WU<1bEHY}v6s!m~3OEc$x&N`{m)iGmI@7t`m zl4W41*J(wh_=@;T zF{8}dfwk2ThnpTZ1OYyV`>LCft$4AJC@w32HpLF+%s&{EQ!? zIvhyC?ej#53riZ69!`pCdPi8ki513eoP7?{l?~F*11@F5I0@j$1^I^x_Jh>P`&pf}**x?=_ z2d7)h$id9X2S9Ig9?uQ<%l;!^qy3E;lM*Of{a*ME#z)%&;NAK#RMN`Z#bw~~PPSK+hc z%7T)Bp7B(AK#=U627svNjDT=oCGB7#5Hrj}5VKA_#CAf7_4767TmwD+GM+DU-WSug zGW<|Wtf5@aqovdzh7d3t;9R#Fy#_iE7zS~KQKkc4qPIg>-1(#Cpm#J?hv?a zz8^72m18FfiC6+Dkq2=@2?UF0>sjgkgm^a4k#d*(Y2L{sC2$*Xk;L66nR?GmC^Z+ z?m0|!SXoGvX4g+y*j;q+l2a)!;+?>`yGsZh?UOWni0SW2`f*)7J_u=;?hrA+$-W$1 zlj*M1`Ca5I1;MWZXP%po^X7Q+N6e zoQBUD0l}YP)LN@qV+Ji7pN~)kb*_?1KzWa72QjU5Gyd`0(wy+`Xl;gthMev-774YH zTE7%JSE9G(l+{{`EL=2?gW)2cWC&K7m88vkhCeYA0RHpz zcw_s$SZiEcMPYBxD)K@Ap9{itHa59HhW2H96IEq`vxcd&dE5x0BEqTs@cO#}9OF-+ z{opz@RP}tqah`vi8HnL<;e9UiBRqx1#~jS)K-@zW)Cb4Y$bYh!nrm{Asdi`5O8kU z2=9h8X&8JX!rDLagxgO{%X?l7O+PSb$;m%mwMs>my#MAHn2;lE+SsUT#caN(MNK*&@Gt11MX+0o7Gfric7 zcaT!buA~i;EJPo!=-v5gPjZ93Rv5h*fkqWtRkk8@9mbQV_LBEUOMe^MR|Z2L=dVZf zp83IopuZZXmW2&y^McA(Ax{INkhcaKW4RYIq@wrZq7@L1Id!j8U=WPe2n^Dknzjw3 zBI~PX#N!%n;qA5A@1r*Wzhklou;RkGF+&Y~ENHrrOk9Cw-obnfo@>m`F^V=1<LZ3m6FsVj)oK#&eHrX{ zqByqMm7L6u)wMdm+0Jnr9|3s;01n1gR*(uUlpCsiV7mS^5F%Gc@=GU%l-Ck_BB}`2 zR?10<$yh{iVN$hdB5Gh?C{vt=_ah!8*B zz{h6VHAQb&R{c@zOeWfug?O#+e3>jIR)tc<&GEFY7onsqAlWhRmmJf&D$Uo_%e1#` zHnuZb#&WCV_n`Vu$d8*VnJgFq)IEqoiD_L8{zr;COORm$CHDTcFlDXgv_ADe|W`paN*hb>~Q zXUQr1vs6g5sr-+*Y$S?xLV75=xhBXKz10ybgdde}d}%3k)y)A!wL_?nURA}f6BypZ zpHfYEBySZc2`H(NuY?~L+7bmm8NL<>hoSO(T>FCyb9WE+6?FkJ*nZzp@gsr(=CEtX zh>S4c>P(>V=-HFs?o}^ahxVXPhfZOjjg1t?BIZtr>P%JeS$eZf=5mh zK7@)(#6%;Hz96Arn@T!DOYnoXAe;ghLdNqU0wu~GdF(|_ z87mGB5ux~<5S=hXG>d(Q-YD@D)sN_7On5QyDoE~=xRnqN>H{U_SS9Qanym2-WoN0R z!>7l%k(j7DM#t_76ln_kV{t`Z!eZ97GFNlF06Vq*@weHgYS2pUr6FSeE&XRD4}G~g z`y|>Jh8i3?)9@ty!6XBOUfi;6N&iF%iFETz-LvFrC`6^E{eF;y!a#yRW2LQTj-%nX zQxER$+*Y0$_@c}A4#Hmb%$W;o_f?!X_li3A=J4U6vnEr|NGDHCn4_hdfo?H+*FH$F zy3Pv~JHYqM&`Bx?fos1P{g)+q%IOb*So*iI=039V+_j*|8hayKDP2sQUQy*sY+YJ` z<@r*4qOMl-wpRb7TR$EI1P^=7fI95P=BuHywV;o07Iy|Ti2q>tg%)-aTh+6Ufe24q z6l1W}d17RJEz(gQP>t9FI5e-m0DtB*Gyv8R4Zx4-b(?1vFLPAv4&&*XaFgr2(;_+N zXGRddfT%ZdI_xL%;C5uWtYfg9dLHpq>ohQ~+Htxs`S@wgZhVei@Q~CGTBpqE1l1j9}V*C=>M${X1%vWkHhBcIOXr?P)lL=KM)&p zXy2))z4_h(N(o_GTfAOd9Q`s|P|c-Rg}(gmn!PBYS5@ybKs&7PNLaatjq`?>v#@Qg z+*YX}ljkt)%HLjNkLCycR`q(URZSfj&o=LC3T({%hxN zcPg+Y210wg*(IM&juOrIwKfvtB#C@_g0d`Iwjmk_=WmZbOSg3*j%E#B@V(=S zj#uL5!sqG%&hCjNIc3(lJ(txm(#dQh5p~K6(x%le#0=rfhkc&)QL7H^RwSV@NQr4X zjr&r{)YMP(4LgQO!o;QkCX5Z_)5*+R!J%a&{iesn&^8^A71qidJGs)Fcd__KA$9BT z=V%7KV_M~+tkbGC#<#pCo37A3w}cA=Fh0(x4rQh{iYiL#X<+0j);?n$Aq@z}vK*$?lEh88Pq+ zzyC^-a_)x8Os_D+bsXdg&c)`$Q{F#Fr#PDpPJM@FJuTX(HJQfx7QqJ zr2BDzL{)4wC1Q*t!%yIk&vKGk3ZE%Q#~Ti~U0=#>tPGFXP6;2ovh9$UP$0PF47#4f zHUEdZGlT!(ZmLd%;z!Exskp4Ce}|%idii#LRCShK?PNu~NXoiPc$-OTOnctM!-!^ayX{Ea11G9ag;}9`e ziE`%`s9D+O^&YT<|2%mG3_Yut;p~AUf`Q-*BMi=UumzsdUbluM`=fBU(WXEAO5XN% zHo4ZryreA8ea;T)7nL5Z`Q##)@c{;!7g1uil{%W#*gV8}04qv~3=3j8LA z$WyY)r$j6dg`M!<$&Q@o-@hlCm0*oNDZuVo^nEaw3XI{vSop3OBmTE`p7v9PmgK>) zgO+mi!GXLjTokS%Z8BRd{qO7Th2~~%M+?76vcl+XfPOhmFJvD~I1I3aaY2c;fI*bq zv`)%daHRATG}C#h{OdnpOARuey`cxW0GQc7QosA?LBOGi$4t`W4og4 zB_6se&;Zk(SAa&g(|^BclMP_QzEu;N@renzl7g1_9Tlx%&xofaV|4SL(Uu!j!3p^wn|t0!f@m1ox1zJBdJWtyiu;>>XjLLV znoM(~ookF8H#(4|ZC4{a+v*5}93JmWc4!hkN{Rs{XhrW0^lxTo$3CvmtGngKN+xQa zkgip(3JbL?O>H%&9*>e5(rn*xM{FLQS;L%aE z7%uJ#Z_2;KX|5^;`P`!EpBV}k`?RU>!~Sn3=@p<}dC@ngs?MLWv}qLHU-AXj2W=e~ zq;QNfz6K%QXU0qq#na7AUbd` z$dw^SRi>HeRI624&WA2|Xq`sIIQ;*_1o`m6SgO2ENS zFQ`IHF-dDPEveb4bkuT;WiT?s;()-Fo)DIci!N4!=&%uu>@*4kmY1z=| z+x?WkU)GwE-IfDRy}w;eHJEvtcKblnbs$7jg#*&HVRsavyggk#0bYkyGdKOe2}-Tg ztiEpY>2iuw>%*Ln#@U~n%;|Q*`=Y7z{Za`58M9c@>LYu;#C=t} z>^;)uuj4JOMv{KbD|?J!!Oc1UrWK8Dx*le{-lOm$P69V7+`13^sOrA~8z-y8u;^8%@W2@2+V)lKB7_c4bO$0Ke!k&S@ zAA4IpZliv5&K<;1Sc)a}pyS4$X0j1q`v? zuXDZ&<1KolW=h)Mffx+{f(Sq7V!H(J58Q%FgF-GbGaX z8`>rp-YemZ`wwj0+JT%}>4RpayB(W9+aPYG6OOc>xl+&t(_x5;`|w`FJV9X#oNPaM z7-{Kz7HmOL5+=R4IYlHAi`iSASJ z6y0IME$%Qd*BMVomzh?^x6f%($O6LtLlcMB`!@_2Gea@@0nCtePFnBrDz1yS6wHL~ zR7tVplbcYI&4RGPLjn)eYPvZ8Jsg&iX_lKV+GXtI8vGVyaB~ME=297dO<5F=7F;lfIT7+Xy^y9_3&V% zTk=;MPbur@k(ku>b;`;3Dq#iA_u+@uOJ8t0E^Qww2d#3` zGsy55bkIsZ0MrrQ0z4>}ASQ&RMznI}AZx$fsWGIss!k`9H#zH!?%HcdWm(8^A*7)QYKB$x zPNWNn-lN%2f>1d>@DW`Fb`YNiX(mHBg`pv|tgi27eg9*Dzo1k=lpgqKHK5ZH&r9wl z1cx$-E;czXqyvsjNO%Ae8*`0vSSKd-j=5e<;LJzxT3=R&P*;?01@@NJq#-e259nm!U$aS3_ z(r+89l`)D{UioSK;)-kUpavQCu7+e)7%#?iW za^Avz+-#-xW3X9SfU z*Cb4hrI&=h@UzhvV9xIIKA0~DGZiSC=>uo34Nz~JUj^nmkan7d5AEkit2;ifl#8x6 zEId68B86<V@qf`43=7gpJ95kticiRg)D0nnbzPB^{xeCbinr3>LVi>f-9uE zz%pUW7(up_Hq*PmOm!{4BJDn<6^h`FONk$|5?!*3`KP zg#Y`=;ma1Z_)|8NR~fR!5&@f1V>~}25Uu168*KXSGBDcnu#Gnfc*tyD0Q@HNzkmX` zTwospu^RP>@D-#B0XY8wZ^x_t zz_uGH6~l1foAd2|b>M89>OY#gH!oLsvaJAH z^7*OH2f?O2^ZNq@clx9@FV&oiKU4J7F~pVa#;=LjrI+2!H*+(3bHNJ=^uLaOS@)3h z|DeyOBn#(VHB+k`3}Xfk6k<6tH6Af}U_KRS9NoV++;)`WQ{0pa#^cYqA0Y?-+UcW` zL(Q^nAwfd*DRh@j)@}Lgod2N}Ve>C_0HJ3hy;i+B)$nd|mqf5}Rs*x4kw;UYQr!N{ zf(S1nCT%oT$T5?tQ6C>#;o3$T`Cwr{9js2I+V5KG+#6SAwRdnw9cvhT$kFA;+D9y_?CLFH&;$w#-=ZA$RcDg_0!=2!k~C1 zX3Qw5;Fqvv4BQ?#&ah{^Tag55f#&;#%f}WQtb + + + Awstats log analyzer + + + + + + diff --git a/install/rhel/7/templates/web/awstats/nav.tpl b/install/rhel/7/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/rhel/7/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/rhel/7/templates/web/httpd/basedir.stpl b/install/rhel/7/templates/web/httpd/basedir.stpl new file mode 100755 index 000000000..b90818f14 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/basedir.stpl @@ -0,0 +1,41 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/basedir.tpl b/install/rhel/7/templates/web/httpd/basedir.tpl new file mode 100755 index 000000000..53188221e --- /dev/null +++ b/install/rhel/7/templates/web/httpd/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/default.stpl b/install/rhel/7/templates/web/httpd/default.stpl new file mode 100755 index 000000000..1134f39a8 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/default.tpl b/install/rhel/7/templates/web/httpd/default.tpl new file mode 100755 index 000000000..78caf0b8c --- /dev/null +++ b/install/rhel/7/templates/web/httpd/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/hosting.stpl b/install/rhel/7/templates/web/httpd/hosting.stpl new file mode 100755 index 000000000..28ba49d59 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/hosting.tpl b/install/rhel/7/templates/web/httpd/hosting.tpl new file mode 100755 index 000000000..3a9249701 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpcgi.sh b/install/rhel/7/templates/web/httpd/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/7/templates/web/httpd/phpcgi.stpl b/install/rhel/7/templates/web/httpd/phpcgi.stpl new file mode 100755 index 000000000..924e869ec --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpcgi.tpl b/install/rhel/7/templates/web/httpd/phpcgi.tpl new file mode 100755 index 000000000..bcefbfc4a --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.sh b/install/rhel/7/templates/web/httpd/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.stpl b/install/rhel/7/templates/web/httpd/phpfcgid.stpl new file mode 100755 index 000000000..64bdb1b07 --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/shttpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/httpd/phpfcgid.tpl b/install/rhel/7/templates/web/httpd/phpfcgid.tpl new file mode 100755 index 000000000..d48da5eef --- /dev/null +++ b/install/rhel/7/templates/web/httpd/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/httpd/domains/%domain%.bytes bytes + CustomLog /var/log/httpd/domains/%domain%.log combined + ErrorLog /var/log/httpd/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/httpd.%domain%.conf* + + + diff --git a/install/rhel/7/templates/web/nginx/caching.sh b/install/rhel/7/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/rhel/7/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/rhel/7/templates/web/nginx/caching.stpl b/install/rhel/7/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..1109c924f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/caching.tpl b/install/rhel/7/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..6d727c67f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache %domain%; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/default.stpl b/install/rhel/7/templates/web/nginx/default.stpl new file mode 100755 index 000000000..53ad8d1b8 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/default.tpl b/install/rhel/7/templates/web/nginx/default.tpl new file mode 100755 index 000000000..c1fec114f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/hosting.sh b/install/rhel/7/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/rhel/7/templates/web/nginx/hosting.stpl b/install/rhel/7/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..aca458a4b --- /dev/null +++ b/install/rhel/7/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/hosting.tpl b/install/rhel/7/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..44d874962 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/httpd/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/httpd/domains/%domain%.log combined; + access_log /var/log/httpd/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.stpl b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.tpl b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.stpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.tpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.stpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.tpl b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.stpl b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.tpl b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/default.stpl b/install/rhel/7/templates/web/nginx/php-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/default.tpl b/install/rhel/7/templates/web/nginx/php-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.stpl b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.tpl b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal.stpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/drupal.tpl b/install/rhel/7/templates/web/nginx/php-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/joomla.stpl b/install/rhel/7/templates/web/nginx/php-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/joomla.tpl b/install/rhel/7/templates/web/nginx/php-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/owncloud.stpl b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/owncloud.tpl b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/piwik.stpl b/install/rhel/7/templates/web/nginx/php-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/piwik.tpl b/install/rhel/7/templates/web/nginx/php-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.stpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.tpl b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/php-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/rhel/7/templates/web/nginx/proxy_ip.tpl b/install/rhel/7/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/rhel/7/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/rhel/7/templates/web/php-fpm/default.tpl b/install/rhel/7/templates/web/php-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/rhel/7/templates/web/php-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/rhel/7/templates/web/php-fpm/no-php.tpl b/install/rhel/7/templates/web/php-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/rhel/7/templates/web/php-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/rhel/7/templates/web/php-fpm/socket.tpl b/install/rhel/7/templates/web/php-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/rhel/7/templates/web/php-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/templates/web/skel/document_errors/403.html b/install/rhel/7/templates/web/skel/document_errors/403.html similarity index 100% rename from install/ubuntu/templates/web/skel/document_errors/403.html rename to install/rhel/7/templates/web/skel/document_errors/403.html diff --git a/install/ubuntu/templates/web/skel/document_errors/404.html b/install/rhel/7/templates/web/skel/document_errors/404.html similarity index 100% rename from install/ubuntu/templates/web/skel/document_errors/404.html rename to install/rhel/7/templates/web/skel/document_errors/404.html diff --git a/install/ubuntu/templates/web/skel/document_errors/50x.html b/install/rhel/7/templates/web/skel/document_errors/50x.html similarity index 100% rename from install/ubuntu/templates/web/skel/document_errors/50x.html rename to install/rhel/7/templates/web/skel/document_errors/50x.html diff --git a/install/rhel/7/templates/web/skel/public_html/index.html b/install/rhel/7/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/7/templates/web/skel/public_html/robots.txt b/install/rhel/7/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/7/templates/web/skel/public_shtml/index.html b/install/rhel/7/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/rhel/7/templates/web/skel/public_shtml/robots.txt b/install/rhel/7/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/rhel/7/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/rhel/7/templates/web/suspend/.htaccess b/install/rhel/7/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/rhel/7/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/templates/web/suspend/index.html b/install/rhel/7/templates/web/suspend/index.html similarity index 100% rename from install/ubuntu/templates/web/suspend/index.html rename to install/rhel/7/templates/web/suspend/index.html diff --git a/install/rhel/7/templates/web/webalizer/webalizer.tpl b/install/rhel/7/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/rhel/7/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/rhel/7/vsftpd/vsftpd.conf b/install/rhel/7/vsftpd/vsftpd.conf new file mode 100644 index 000000000..4673c838d --- /dev/null +++ b/install/rhel/7/vsftpd/vsftpd.conf @@ -0,0 +1,22 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +dual_log_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +chroot_local_user=YES +allow_writeable_chroot=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=YES +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/rhel/7/wsgi/httpd.tar.gz b/install/rhel/7/wsgi/httpd.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..b25acd68e8a2a11305b57b3f2f79f7bbf0cb4995 GIT binary patch literal 1311 zcmV+)1>pK0iwFSs4QNsT1MOGqZ`(Kw?`QuNS{9?*uC-&QNr9p%kW14vcWKil>Gold zK(&=vt1TIl(kvMIzaM2guRd{)bU4fe@~}kyNRc#21xm%fy|qy)0qs{R>2G!YH=`}b zb<1w4RNb%aZlV1r9vi+%>#2vu7*;E!JxE8#5s-# zGJPIl%7)ZuX0m7EkYYKMN>Da7SJ>;?WymDJ9;WNZ+?zy%sUGK`P5Rsu@Gq0`1dUZ) zVk|Y-9#JBBpIlBoU?!rrDW(bHS5HXL2_XO(mZcOF34Bh!9*nDdT5$4-?i* zx<4V`iFXOyEx{)-N(GTQ)=%k~8jxK)>hLjGhJ_vSv7NeiCKZV^uEv)OMb_0!5s8xT ze+B>?$m0?Ch4=|VQ(OEu0Fo1Gm_+*Um>t3Gfn!#_UMfJ6IhS9KNJ({yOy^+W)C(AIGc^=c)55<{TB5f zN`_=RNfn83jJ<$lewnK|x}%k<>s5VqDe0K$d}|*+g#S2@Ha{uxD`+44t@be{5oZ^I zdqirRzVAZ7Fw)SqOhJM_e~42~B5Mv(fgsqIwF>g7j6*!zWl$Yz=8smddwFq-;+YCK z+l{dbYEPt2Ea(k{!1ljkHs;H9!fx!4UfC&(YgKJY6#+Q!8jrJ=V}6Y60O?yeKgAkH zJ&r>iYRXymuKs9sy1&;uxA#1EFYOmq>ahgZnbT$?zS!=@T9HIeC=ZQR8?~7am11f0 z*(6l-hLWi~!^#WLDQ131guDmv+X>g2`m?A*+4ai4@QFZJ@9p@6&DIS=Bf%rRd;hgd zR@%%9Ct&w_RCFFEp^>Zg!CKS>z5mWI4(*kO0f0Zdf93S=Xm$PzHl*X3`Om4kWtjh* zea9_TOM81T|G9hBy?p+A33~m?)-%)NgkC={K7kyZlu z?-mRi!*97@=n^vYspi-t&?FQwKt)#Xkj}bYnT&nN z(hr8wBU1r&KAQ`=Y_Zbd44UeX)4||kc-rj`Zqe82bZQmd&z6{cE}~E8jW2WFp6+>H z-&pV7!iG-p1KTdT_UEF5KJ{wllC#tKau>MQe1F;O4~8f0PV>Be*1Scpc1I5aX00kQ zIK_P5ukTz8G-v@Gp $docroot/.htaccess +chown $user:$user $docroot/.htaccess + + +echo "import os, sys +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/env/lib/python2.6/site-packages') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/shared/') +sys.path.insert(0, '$home_dir/$user/web/$domain/private/django/$domain/project/src/') + +os.environ['DJANGO_SETTINGS_MODULE'] = 'main.settings' +import django.core.handlers.wsgi +application = django.core.handlers.wsgi.WSGIHandler()" > $docroot/django.wsgi +chown $user:$user $docroot/django.wsgi + +exit 0 diff --git a/install/rhel/7/wsgi/httpd/wsgi.stpl b/install/rhel/7/wsgi/httpd/wsgi.stpl new file mode 100755 index 000000000..e2fdd3f40 --- /dev/null +++ b/install/rhel/7/wsgi/httpd/wsgi.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/rhel/7/wsgi/httpd/wsgi.tpl b/install/rhel/7/wsgi/httpd/wsgi.tpl new file mode 100644 index 000000000..ad5d8a076 --- /dev/null +++ b/install/rhel/7/wsgi/httpd/wsgi.tpl @@ -0,0 +1,44 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups apache + + + AssignUserID %user% %group% + + + WSGIDaemonProcess apx-idea user=%user% group=%user% processes=1 threads=5 display-name=%{GROUP} python-path=%home%/%user%/web/%domain%/private/django/%domain%/env/lib/python2.6/site-packages + WSGIProcessGroup apx-idea + WSGIApplicationGroup %{GLOBAL} + + + + AllowOverride FileInfo + Options ExecCGI Indexes + MultiviewsMatch Handlers + Options +FollowSymLinks + Order allow,deny + Allow from all + + + Include %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/rhel/apc.ini b/install/rhel/apc.ini deleted file mode 100644 index b4e2d3493..000000000 --- a/install/rhel/apc.ini +++ /dev/null @@ -1,70 +0,0 @@ -; Enable apc extension module -extension = apc.so - -; Options for the APC module version >= 3.1.3 -; See http://www.php.net/manual/en/apc.configuration.php - -; This can be set to 0 to disable APC. -apc.enabled=1 -; The number of shared memory segments to allocate for the compiler cache. -apc.shm_segments=1 -; The size of each shared memory segment, with M/G suffix -apc.shm_size=128M -; A "hint" about the number of distinct source files that will be included or -; requested on your web server. Set to zero or omit if you are not sure; -apc.num_files_hint=1024 -; Just like num_files_hint, a "hint" about the number of distinct user cache -; variables to store. Set to zero or omit if you are not sure; -apc.user_entries_hint=4096 -; The number of seconds a cache entry is allowed to idle in a slot in case this -; cache entry slot is needed by another entry. -apc.ttl=0 -; use the SAPI request start time for TTL -apc.use_request_time=1 -; The number of seconds a user cache entry is allowed to idle in a slot in case -; this cache entry slot is needed by another entry. -apc.user_ttl=7200 -; The number of seconds that a cache entry may remain on the garbage-collection list. -apc.gc_ttl=3600 -; On by default, but can be set to off and used in conjunction with positive -; apc.filters so that files are only cached if matched by a positive filter. -apc.cache_by_default=1 -; A comma-separated list of POSIX extended regular expressions. -apc.filters -; The mktemp-style file_mask to pass to the mmap module -apc.mmap_file_mask=/tmp/apc.XXXXXX -; This file_update_protection setting puts a delay on caching brand new files. -apc.file_update_protection=2 -; Setting this enables APC for the CLI version of PHP (Mostly for testing and debugging). -apc.enable_cli=0 -; Prevents large files from being cached -apc.max_file_size=1M -; Whether to stat the main script file and the fullpath includes. -apc.stat=1 -; Vertification with ctime will avoid problems caused by programs such as svn or rsync by making -; sure inodes have not changed since the last stat. APC will normally only check mtime. -apc.stat_ctime=0 -; Whether to canonicalize paths in stat=0 mode or fall back to stat behaviour -apc.canonicalize=0 -; With write_lock enabled, only one process at a time will try to compile an -; uncached script while the other processes will run uncached -apc.write_lock=1 -; Logs any scripts that were automatically excluded from being cached due to early/late binding issues. -apc.report_autofilter=0 -; RFC1867 File Upload Progress hook handler -apc.rfc1867=0 -apc.rfc1867_prefix =upload_ -apc.rfc1867_name=APC_UPLOAD_PROGRESS -apc.rfc1867_freq=0 -apc.rfc1867_ttl=3600 -; Optimize include_once and require_once calls and avoid the expensive system calls used. -apc.include_once_override=0 -apc.lazy_classes=0 -apc.lazy_functions=0 -; Enables APC handling of signals, such as SIGSEGV, that write core files when signaled. -; APC will attempt to unmap the shared memory segment in order to exclude it from the core file -apc.coredump_unmap=0 -; Records a md5 hash of files. -apc.file_md5=0 -; not documented -apc.preload_path diff --git a/install/rhel/dovecot/conf.d/10-ssl.conf b/install/rhel/dovecot/conf.d/10-ssl.conf deleted file mode 100644 index aaf63255b..000000000 --- a/install/rhel/dovecot/conf.d/10-ssl.conf +++ /dev/null @@ -1,3 +0,0 @@ -ssl = yes -ssl_cert = ", because it will show the password in clear. -# You have to run "ssh -t hostname sudo ". -# -#Defaults requiretty - -Defaults env_reset -Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \ - LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \ - LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \ - LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \ - _XKB_CHARSET XAUTHORITY VESTA" - - -# Disable syslog loggging -Defaults !syslog - -## Next comes the main part: which users can run what software on -## which machines (the sudoers file can be shared between multiple -## systems). -## Syntax: -## -## user MACHINE=COMMANDS -## -## The COMMANDS section may have other options added to it. -## -## Allow root to run any commands anywhere -root ALL=(ALL) ALL - -## Allows members of the 'sys' group to run networking, software, -## service management apps and more. -# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS - -## Allows people in group wheel to run all commands -# %wheel ALL=(ALL) ALL - -## Same thing without a password -# %wheel ALL=(ALL) NOPASSWD: ALL - -## Allows members of the users group to mount and unmount the -## cdrom as root -# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom - -## Allows members of the users group to shutdown this system -# %users localhost=/sbin/shutdown -h now - -#includedir /etc/sudoers.d diff --git a/install/rhel/vesta.conf b/install/rhel/vesta.conf deleted file mode 100644 index eb2ae13fa..000000000 --- a/install/rhel/vesta.conf +++ /dev/null @@ -1,24 +0,0 @@ -WEB_SYSTEM='httpd' -WEB_RGROUPS='apache' -WEB_PORT='8080' -WEB_SSL='mod_ssl' -WEB_SSL_PORT='8443' -PROXY_SYSTEM='nginx' -PROXY_PORT='80' -PROXY_SSL_PORT='443' -FTP_SYSTEM='vsftpd' -MAIL_SYSTEM='exim' -IMAP_SYSTEM='dovecot' -ANTIVIRUS_SYSTEM='clamav' -ANTISPAM_SYSTEM='spamassassin' -DB_SYSTEM='mysql' -DNS_SYSTEM='named' -STATS_SYSTEM='webalizer,awstats' -BACKUP_SYSTEM='local' -CRON_SYSTEM='crond' -DISK_QUOTA='no' -FIREWALL_SYSTEM='iptables' -FIREWALL_EXTENSION='fail2ban' -REPOSITORY='cmmnt' -VERSION='0.9.8' -LANGUAGE='en' diff --git a/install/rhel/whmcs-module.php b/install/rhel/whmcs-module.php deleted file mode 100644 index 1cb250611..000000000 --- a/install/rhel/whmcs-module.php +++ /dev/null @@ -1,359 +0,0 @@ - array( "Type" => "text", "Default" => "default"), - "SSH Access" => array( "Type" => "yesno", "Description" => "Tick to grant access", ), - "IP Address (optional)" => array( "Type" => "text" ), - ); - return $configarray; - -} - -function vesta_CreateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-user', - 'arg1' => $params["username"], - 'arg2' => $params["password"], - 'arg3' => $params["clientsdetails"]["email"], - 'arg4' => $params["configoption1"], - 'arg5' => $params["clientsdetails"]["firstname"], - 'arg6' => $params["clientsdetails"]["lastname"], - ); - $postdata = http_build_query($postvars); - - // Create user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_UserAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - // Enable ssh access - if(($answer == 'OK') && ($params["configoption2"] == 'on')) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-shell', - 'arg1' => $params["username"], - 'arg2' => 'bash' - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_EnableSSH','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - } - - // Add domain - if(($answer == 'OK') && (!empty($params["domain"]))) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-domain', - 'arg1' => $params["username"], - 'arg2' => $params["domain"], - 'arg3' => $params["configoption3"], - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_AddDomain','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - } - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_TerminateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-delete-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Delete user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','TerminateAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_SuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-suspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Susupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','SuspendAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_UnsuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-unsuspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Unsusupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','UnsuspendAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ChangePassword($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-password', - 'arg1' => $params["username"], - 'arg2' => $params["password"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','ChangePassword','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ChangePackage($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-package', - 'arg1' => $params["username"], - 'arg2' => $params["configoption1"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','ChangePackage','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ClientArea($params) { - - $code = '
- - - - -
'; - return $code; - -} - -function vesta_AdminLink($params) { - - $code = '
- - - -
'; - return $code; - -} - -function vesta_LoginLink($params) { - - echo "control panel"; - -} - -function vesta_UsageUpdate($params) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-list-users', - 'arg1' => 'json' - ); - $postdata = http_build_query($postvars); - - // Get user stats - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Decode json data - $results = json_decode($answer, true); - - // Loop through results and update DB - foreach ($results AS $user=>$values) { - update_query("tblhosting",array( - "diskusage"=>$values['U_DISK'], - "disklimit"=>$values['DISK_QUOTA'], - "bwusage"=>$values['U_BANDWIDTH'], - "bwlimit"=>$values['BANDWIDTH'], - "lastupdate"=>"now()", - ),array("server"=>$params['serverid'], "username"=>$user)); - } - -} - -?> diff --git a/install/ubuntu/12.04/apache2/apache2.conf b/install/ubuntu/12.04/apache2/apache2.conf new file mode 100644 index 000000000..221780117 --- /dev/null +++ b/install/ubuntu/12.04/apache2/apache2.conf @@ -0,0 +1,86 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ diff --git a/install/ubuntu/12.04/apache2/status.conf b/install/ubuntu/12.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/12.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/12.04/bind/named.conf b/install/ubuntu/12.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/12.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/12.04/clamav/clamd.conf b/install/ubuntu/12.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/12.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/12.04/deb_signing.key b/install/ubuntu/12.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/12.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/12.04/dovecot.tar.gz b/install/ubuntu/12.04/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/12.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/12.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/12.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-master.conf b/install/ubuntu/12.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/12.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/12.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/12.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/12.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/12.04/dovecot/dovecot.conf b/install/ubuntu/12.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/12.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/12.04/exim/dnsbl.conf b/install/ubuntu/12.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/12.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/12.04/exim/exim4.conf.template b/install/ubuntu/12.04/exim/exim4.conf.template new file mode 100644 index 000000000..742f0409e --- /dev/null +++ b/install/ubuntu/12.04/exim/exim4.conf.template @@ -0,0 +1,377 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/12.04/exim/spam-blocks.conf b/install/ubuntu/12.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/12.04/fail2ban.tar.gz b/install/ubuntu/12.04/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/12.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/12.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/12.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/12.04/fail2ban/jail.local b/install/ubuntu/12.04/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/ubuntu/12.04/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/12.04/firewall.tar.gz b/install/ubuntu/12.04/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/12.04/firewall/ports.conf b/install/ubuntu/12.04/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/ubuntu/12.04/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/12.04/firewall/rules.conf b/install/ubuntu/12.04/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/ubuntu/12.04/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/12.04/logrotate/apache2 b/install/ubuntu/12.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/12.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/12.04/logrotate/nginx b/install/ubuntu/12.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/12.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/12.04/logrotate/vesta b/install/ubuntu/12.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/12.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/12.04/mysql/my-large.cnf b/install/ubuntu/12.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/12.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.04/mysql/my-medium.cnf b/install/ubuntu/12.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/12.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.04/mysql/my-small.cnf b/install/ubuntu/12.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/12.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/nginx.conf b/install/ubuntu/12.04/nginx/nginx.conf similarity index 99% rename from install/ubuntu/nginx.conf rename to install/ubuntu/12.04/nginx/nginx.conf index 1e0d321b2..7937301c1 100644 --- a/install/ubuntu/nginx.conf +++ b/install/ubuntu/12.04/nginx/nginx.conf @@ -1,5 +1,5 @@ # Server globals -user nginx; +user www-data; worker_processes 2; error_log /var/log/nginx/error.log; pid /var/run/nginx.pid; diff --git a/install/ubuntu/12.04/nginx/phpmyadmin.inc b/install/ubuntu/12.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/ubuntu/12.04/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.04/nginx/phppgadmin.inc b/install/ubuntu/12.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/ubuntu/12.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.04/nginx/status.conf b/install/ubuntu/12.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/12.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/12.04/nginx/webmail.inc b/install/ubuntu/12.04/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/ubuntu/12.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.04/packages.tar.gz b/install/ubuntu/12.04/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/12.04/pga/phppgadmin.conf b/install/ubuntu/12.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/12.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/12.04/php5-fpm/www.conf b/install/ubuntu/12.04/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/ubuntu/12.04/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/ubuntu/12.04/pma/apache.conf b/install/ubuntu/12.04/pma/apache.conf new file mode 100644 index 000000000..2a8f69e25 --- /dev/null +++ b/install/ubuntu/12.04/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/12.04/pma/config.inc.php b/install/ubuntu/12.04/pma/config.inc.php new file mode 100644 index 000000000..a643a065b --- /dev/null +++ b/install/ubuntu/12.04/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/12.04/roundcube/apache.conf b/install/ubuntu/12.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/12.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/12.04/roundcube/config.inc.php b/install/ubuntu/12.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/12.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/roundcube-main.conf b/install/ubuntu/12.04/roundcube/main.inc.php similarity index 99% rename from install/ubuntu/roundcube-main.conf rename to install/ubuntu/12.04/roundcube/main.inc.php index a6e1fc2ee..97cdbf2df 100644 --- a/install/ubuntu/roundcube-main.conf +++ b/install/ubuntu/12.04/roundcube/main.inc.php @@ -175,6 +175,8 @@ $rcmail_config['smtp_timeout'] = 0; // ---------------------------------- // SYSTEM // ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + // THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. // ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! @@ -437,6 +439,7 @@ $rcmail_config['trash_mbox'] = 'Trash'; // these folders will also be displayed with localized names // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) $rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); // automatically create the above listed default folders on first login $rcmail_config['create_default_folders'] = true; diff --git a/install/ubuntu/12.04/roundcube/vesta.php b/install/ubuntu/12.04/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/12.04/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/12.04/sudo/admin b/install/ubuntu/12.04/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/ubuntu/12.04/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/12.04/templates.tar.gz b/install/ubuntu/12.04/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/basedir.tpl b/install/ubuntu/12.04/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/default.stpl b/install/ubuntu/12.04/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/default.tpl b/install/ubuntu/12.04/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/hosting.stpl b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl new file mode 100755 index 000000000..7a5d7787f --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/hosting.tpl b/install/ubuntu/12.04/templates/web/apache2/hosting.tpl new file mode 100755 index 000000000..ab844dc74 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/12.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl new file mode 100755 index 000000000..aa5137308 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl new file mode 100755 index 000000000..a05ff252d --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl new file mode 100755 index 000000000..622495756 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl new file mode 100755 index 000000000..5c1f16e20 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.04/templates/web/awstats/awstats.tpl b/install/ubuntu/12.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/12.04/templates/web/awstats/index.tpl b/install/ubuntu/12.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/12.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/12.04/templates/web/awstats/nav.tpl b/install/ubuntu/12.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/12.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/12.04/templates/web/nginx/caching.sh b/install/ubuntu/12.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/ubuntu/templates/web/nginx/caching.stpl b/install/ubuntu/12.04/templates/web/nginx/caching.stpl similarity index 100% rename from install/ubuntu/templates/web/nginx/caching.stpl rename to install/ubuntu/12.04/templates/web/nginx/caching.stpl diff --git a/install/ubuntu/templates/web/nginx/caching.tpl b/install/ubuntu/12.04/templates/web/nginx/caching.tpl similarity index 95% rename from install/ubuntu/templates/web/nginx/caching.tpl rename to install/ubuntu/12.04/templates/web/nginx/caching.tpl index 1462f9e1f..36761b65c 100755 --- a/install/ubuntu/templates/web/nginx/caching.tpl +++ b/install/ubuntu/12.04/templates/web/nginx/caching.tpl @@ -37,5 +37,5 @@ server { location ~ /\.hg/ {return 404;} location ~ /\.bzr/ {return 404;} - include %home%/%user%/web/conf/nginx.%domain%.conf*; + include %home%/%user%/conf/web/nginx.%domain%.conf*; } diff --git a/install/ubuntu/12.04/templates/web/nginx/default.stpl b/install/ubuntu/12.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..fa5380606 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/default.tpl b/install/ubuntu/12.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.sh b/install/ubuntu/12.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.stpl b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..d778d6333 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/hosting.tpl b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/12.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/12.04/templates/web/php5-fpm/default.tpl b/install/ubuntu/12.04/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/12.04/templates/web/php5-fpm/no-php.tpl b/install/ubuntu/12.04/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/ubuntu/12.04/templates/web/php5-fpm/socket.tpl b/install/ubuntu/12.04/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/ubuntu/12.04/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/12.04/templates/web/skel/document_errors/403.html b/install/ubuntu/12.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/12.04/templates/web/skel/document_errors/404.html b/install/ubuntu/12.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/12.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/12.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/12.04/templates/web/skel/public_html/index.html b/install/ubuntu/12.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/12.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/12.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/12.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.04/templates/web/suspend/.htaccess b/install/ubuntu/12.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/12.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/12.04/templates/web/suspend/index.html b/install/ubuntu/12.04/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/ubuntu/12.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/12.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/12.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/12.04/vsftpd/vsftpd.conf b/install/ubuntu/12.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..0902899e7 --- /dev/null +++ b/install/ubuntu/12.04/vsftpd/vsftpd.conf @@ -0,0 +1,24 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/ubuntu/12.10/apache2/apache2.conf b/install/ubuntu/12.10/apache2/apache2.conf new file mode 100644 index 000000000..221780117 --- /dev/null +++ b/install/ubuntu/12.10/apache2/apache2.conf @@ -0,0 +1,86 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ diff --git a/install/ubuntu/12.10/apache2/status.conf b/install/ubuntu/12.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/12.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/12.10/bind/named.conf b/install/ubuntu/12.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/12.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/12.10/clamav/clamd.conf b/install/ubuntu/12.10/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/12.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/12.10/deb_signing.key b/install/ubuntu/12.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/12.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/12.10/dovecot.tar.gz b/install/ubuntu/12.10/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/12.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/12.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/12.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-master.conf b/install/ubuntu/12.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/12.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/12.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/12.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/12.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/12.10/dovecot/dovecot.conf b/install/ubuntu/12.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/12.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/12.10/exim/dnsbl.conf b/install/ubuntu/12.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/12.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/12.10/exim/exim4.conf.template b/install/ubuntu/12.10/exim/exim4.conf.template new file mode 100644 index 000000000..742f0409e --- /dev/null +++ b/install/ubuntu/12.10/exim/exim4.conf.template @@ -0,0 +1,377 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/12.10/exim/spam-blocks.conf b/install/ubuntu/12.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/12.10/fail2ban.tar.gz b/install/ubuntu/12.10/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/12.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/12.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/12.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/12.10/fail2ban/jail.local b/install/ubuntu/12.10/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/ubuntu/12.10/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/12.10/firewall.tar.gz b/install/ubuntu/12.10/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/12.10/firewall/ports.conf b/install/ubuntu/12.10/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/ubuntu/12.10/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/12.10/firewall/rules.conf b/install/ubuntu/12.10/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/ubuntu/12.10/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/12.10/logrotate/apache2 b/install/ubuntu/12.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/12.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/12.10/logrotate/nginx b/install/ubuntu/12.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/12.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/12.10/logrotate/vesta b/install/ubuntu/12.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/12.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/12.10/mysql/my-large.cnf b/install/ubuntu/12.10/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/12.10/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.10/mysql/my-medium.cnf b/install/ubuntu/12.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/12.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.10/mysql/my-small.cnf b/install/ubuntu/12.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/12.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/12.10/nginx/nginx.conf b/install/ubuntu/12.10/nginx/nginx.conf new file mode 100644 index 000000000..7937301c1 --- /dev/null +++ b/install/ubuntu/12.10/nginx/nginx.conf @@ -0,0 +1,124 @@ +# Server globals +user www-data; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/12.10/nginx/phpmyadmin.inc b/install/ubuntu/12.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/ubuntu/12.10/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.10/nginx/phppgadmin.inc b/install/ubuntu/12.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/ubuntu/12.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.10/nginx/status.conf b/install/ubuntu/12.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/12.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/12.10/nginx/webmail.inc b/install/ubuntu/12.10/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/ubuntu/12.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/12.10/packages.tar.gz b/install/ubuntu/12.10/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/12.10/pga/phppgadmin.conf b/install/ubuntu/12.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/12.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/12.10/php5-fpm/www.conf b/install/ubuntu/12.10/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/ubuntu/12.10/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/ubuntu/12.10/pma/apache.conf b/install/ubuntu/12.10/pma/apache.conf new file mode 100644 index 000000000..2a8f69e25 --- /dev/null +++ b/install/ubuntu/12.10/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/12.10/pma/config.inc.php b/install/ubuntu/12.10/pma/config.inc.php new file mode 100644 index 000000000..a643a065b --- /dev/null +++ b/install/ubuntu/12.10/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/12.10/roundcube/apache.conf b/install/ubuntu/12.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/12.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/12.10/roundcube/config.inc.php b/install/ubuntu/12.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/12.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/12.10/roundcube/main.inc.php b/install/ubuntu/12.10/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/12.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/12.10/roundcube/vesta.php b/install/ubuntu/12.10/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/12.10/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/12.10/sudo/admin b/install/ubuntu/12.10/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/ubuntu/12.10/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/12.10/templates.tar.gz b/install/ubuntu/12.10/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/basedir.tpl b/install/ubuntu/12.10/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/default.stpl b/install/ubuntu/12.10/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/default.tpl b/install/ubuntu/12.10/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/hosting.stpl b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl new file mode 100755 index 000000000..7a5d7787f --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/hosting.tpl b/install/ubuntu/12.10/templates/web/apache2/hosting.tpl new file mode 100755 index 000000000..ab844dc74 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/12.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl new file mode 100755 index 000000000..aa5137308 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/12.10/templates/web/apache2/phpcgi.tpl new file mode 100755 index 000000000..a05ff252d --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl new file mode 100755 index 000000000..622495756 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.tpl new file mode 100755 index 000000000..5c1f16e20 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/12.10/templates/web/awstats/awstats.tpl b/install/ubuntu/12.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/12.10/templates/web/awstats/index.tpl b/install/ubuntu/12.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/12.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/12.10/templates/web/awstats/nav.tpl b/install/ubuntu/12.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/12.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.sh b/install/ubuntu/12.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.stpl b/install/ubuntu/12.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..ca6cffe32 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/caching.tpl b/install/ubuntu/12.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/default.stpl b/install/ubuntu/12.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..fa5380606 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/default.tpl b/install/ubuntu/12.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.sh b/install/ubuntu/12.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.stpl b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..d778d6333 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/hosting.tpl b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/12.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/12.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/12.10/templates/web/php5-fpm/default.tpl b/install/ubuntu/12.10/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/12.10/templates/web/php5-fpm/no-php.tpl b/install/ubuntu/12.10/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/ubuntu/12.10/templates/web/php5-fpm/socket.tpl b/install/ubuntu/12.10/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/ubuntu/12.10/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/12.10/templates/web/skel/document_errors/403.html b/install/ubuntu/12.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/12.10/templates/web/skel/document_errors/404.html b/install/ubuntu/12.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/12.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/12.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/12.10/templates/web/skel/public_html/index.html b/install/ubuntu/12.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/12.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/12.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/12.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/12.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/12.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/12.10/templates/web/suspend/.htaccess b/install/ubuntu/12.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/12.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/12.10/templates/web/suspend/index.html b/install/ubuntu/12.10/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/ubuntu/12.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/12.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/12.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/12.10/vsftpd/vsftpd.conf b/install/ubuntu/12.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..0902899e7 --- /dev/null +++ b/install/ubuntu/12.10/vsftpd/vsftpd.conf @@ -0,0 +1,24 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/ubuntu/13.04/apache2/apache2.conf b/install/ubuntu/13.04/apache2/apache2.conf new file mode 100644 index 000000000..221780117 --- /dev/null +++ b/install/ubuntu/13.04/apache2/apache2.conf @@ -0,0 +1,86 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ diff --git a/install/ubuntu/13.04/apache2/status.conf b/install/ubuntu/13.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/13.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/13.04/bind/named.conf b/install/ubuntu/13.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/13.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/13.04/clamav/clamd.conf b/install/ubuntu/13.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/13.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/13.04/deb_signing.key b/install/ubuntu/13.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/13.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/13.04/dovecot.tar.gz b/install/ubuntu/13.04/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/13.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/13.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/13.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-master.conf b/install/ubuntu/13.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/13.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/13.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/13.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/13.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/13.04/dovecot/dovecot.conf b/install/ubuntu/13.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/13.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/13.04/exim/dnsbl.conf b/install/ubuntu/13.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/13.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/13.04/exim/exim4.conf.template b/install/ubuntu/13.04/exim/exim4.conf.template new file mode 100644 index 000000000..742f0409e --- /dev/null +++ b/install/ubuntu/13.04/exim/exim4.conf.template @@ -0,0 +1,377 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/13.04/exim/spam-blocks.conf b/install/ubuntu/13.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/13.04/fail2ban.tar.gz b/install/ubuntu/13.04/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/13.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/13.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/13.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/13.04/fail2ban/jail.local b/install/ubuntu/13.04/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/ubuntu/13.04/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/13.04/firewall.tar.gz b/install/ubuntu/13.04/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/13.04/firewall/ports.conf b/install/ubuntu/13.04/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/ubuntu/13.04/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/13.04/firewall/rules.conf b/install/ubuntu/13.04/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/ubuntu/13.04/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/13.04/logrotate/apache2 b/install/ubuntu/13.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/13.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/13.04/logrotate/nginx b/install/ubuntu/13.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/13.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/13.04/logrotate/vesta b/install/ubuntu/13.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/13.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/13.04/mysql/my-large.cnf b/install/ubuntu/13.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/13.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.04/mysql/my-medium.cnf b/install/ubuntu/13.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/13.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.04/mysql/my-small.cnf b/install/ubuntu/13.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/13.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.04/nginx/nginx.conf b/install/ubuntu/13.04/nginx/nginx.conf new file mode 100644 index 000000000..7937301c1 --- /dev/null +++ b/install/ubuntu/13.04/nginx/nginx.conf @@ -0,0 +1,124 @@ +# Server globals +user www-data; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/13.04/nginx/phpmyadmin.inc b/install/ubuntu/13.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/ubuntu/13.04/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.04/nginx/phppgadmin.inc b/install/ubuntu/13.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/ubuntu/13.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.04/nginx/status.conf b/install/ubuntu/13.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/13.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/13.04/nginx/webmail.inc b/install/ubuntu/13.04/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/ubuntu/13.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.04/packages.tar.gz b/install/ubuntu/13.04/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/13.04/pga/phppgadmin.conf b/install/ubuntu/13.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/13.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/13.04/php5-fpm/www.conf b/install/ubuntu/13.04/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/ubuntu/13.04/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/ubuntu/13.04/pma/apache.conf b/install/ubuntu/13.04/pma/apache.conf new file mode 100644 index 000000000..2a8f69e25 --- /dev/null +++ b/install/ubuntu/13.04/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/13.04/pma/config.inc.php b/install/ubuntu/13.04/pma/config.inc.php new file mode 100644 index 000000000..a643a065b --- /dev/null +++ b/install/ubuntu/13.04/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/13.04/roundcube/apache.conf b/install/ubuntu/13.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/13.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/13.04/roundcube/config.inc.php b/install/ubuntu/13.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/13.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/13.04/roundcube/main.inc.php b/install/ubuntu/13.04/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/13.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/13.04/roundcube/vesta.php b/install/ubuntu/13.04/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/13.04/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/13.04/sudo/admin b/install/ubuntu/13.04/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/ubuntu/13.04/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/13.04/templates.tar.gz b/install/ubuntu/13.04/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/basedir.tpl b/install/ubuntu/13.04/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/default.stpl b/install/ubuntu/13.04/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/default.tpl b/install/ubuntu/13.04/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/hosting.stpl b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl new file mode 100755 index 000000000..7a5d7787f --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/hosting.tpl b/install/ubuntu/13.04/templates/web/apache2/hosting.tpl new file mode 100755 index 000000000..ab844dc74 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/13.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl new file mode 100755 index 000000000..aa5137308 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/13.04/templates/web/apache2/phpcgi.tpl new file mode 100755 index 000000000..a05ff252d --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl new file mode 100755 index 000000000..622495756 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.tpl new file mode 100755 index 000000000..5c1f16e20 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.04/templates/web/awstats/awstats.tpl b/install/ubuntu/13.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/13.04/templates/web/awstats/index.tpl b/install/ubuntu/13.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/13.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/13.04/templates/web/awstats/nav.tpl b/install/ubuntu/13.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/13.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.sh b/install/ubuntu/13.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.stpl b/install/ubuntu/13.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..ca6cffe32 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/caching.tpl b/install/ubuntu/13.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/default.stpl b/install/ubuntu/13.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..fa5380606 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/default.tpl b/install/ubuntu/13.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.sh b/install/ubuntu/13.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.stpl b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..d778d6333 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/hosting.tpl b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/13.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/13.04/templates/web/php5-fpm/default.tpl b/install/ubuntu/13.04/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/13.04/templates/web/php5-fpm/no-php.tpl b/install/ubuntu/13.04/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/ubuntu/13.04/templates/web/php5-fpm/socket.tpl b/install/ubuntu/13.04/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/ubuntu/13.04/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/13.04/templates/web/skel/document_errors/403.html b/install/ubuntu/13.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/13.04/templates/web/skel/document_errors/404.html b/install/ubuntu/13.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/13.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/13.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/13.04/templates/web/skel/public_html/index.html b/install/ubuntu/13.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/13.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/13.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/13.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.04/templates/web/suspend/.htaccess b/install/ubuntu/13.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/13.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/13.04/templates/web/suspend/index.html b/install/ubuntu/13.04/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/ubuntu/13.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/13.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/13.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/13.04/vsftpd/vsftpd.conf b/install/ubuntu/13.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..0902899e7 --- /dev/null +++ b/install/ubuntu/13.04/vsftpd/vsftpd.conf @@ -0,0 +1,24 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/ubuntu/13.10/apache2/apache2.conf b/install/ubuntu/13.10/apache2/apache2.conf new file mode 100644 index 000000000..221780117 --- /dev/null +++ b/install/ubuntu/13.10/apache2/apache2.conf @@ -0,0 +1,86 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ diff --git a/install/ubuntu/13.10/apache2/status.conf b/install/ubuntu/13.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/13.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/13.10/bind/named.conf b/install/ubuntu/13.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/13.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/13.10/clamav/clamd.conf b/install/ubuntu/13.10/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/13.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/13.10/deb_signing.key b/install/ubuntu/13.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/13.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/13.10/dovecot.tar.gz b/install/ubuntu/13.10/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/13.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/13.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/13.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-master.conf b/install/ubuntu/13.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/13.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/13.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/13.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/13.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/13.10/dovecot/dovecot.conf b/install/ubuntu/13.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/13.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/13.10/exim/dnsbl.conf b/install/ubuntu/13.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/13.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/13.10/exim/exim4.conf.template b/install/ubuntu/13.10/exim/exim4.conf.template new file mode 100644 index 000000000..742f0409e --- /dev/null +++ b/install/ubuntu/13.10/exim/exim4.conf.template @@ -0,0 +1,377 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/13.10/exim/spam-blocks.conf b/install/ubuntu/13.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/13.10/fail2ban.tar.gz b/install/ubuntu/13.10/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/13.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/13.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/13.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/13.10/fail2ban/jail.local b/install/ubuntu/13.10/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/ubuntu/13.10/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/13.10/firewall.tar.gz b/install/ubuntu/13.10/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/13.10/firewall/ports.conf b/install/ubuntu/13.10/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/ubuntu/13.10/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/13.10/firewall/rules.conf b/install/ubuntu/13.10/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/ubuntu/13.10/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/13.10/logrotate/apache2 b/install/ubuntu/13.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/13.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/13.10/logrotate/nginx b/install/ubuntu/13.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/13.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/13.10/logrotate/vesta b/install/ubuntu/13.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/13.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/13.10/mysql/my-large.cnf b/install/ubuntu/13.10/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/13.10/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.10/mysql/my-medium.cnf b/install/ubuntu/13.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/13.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.10/mysql/my-small.cnf b/install/ubuntu/13.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/13.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/13.10/nginx/nginx.conf b/install/ubuntu/13.10/nginx/nginx.conf new file mode 100644 index 000000000..7937301c1 --- /dev/null +++ b/install/ubuntu/13.10/nginx/nginx.conf @@ -0,0 +1,124 @@ +# Server globals +user www-data; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/13.10/nginx/phpmyadmin.inc b/install/ubuntu/13.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/ubuntu/13.10/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.10/nginx/phppgadmin.inc b/install/ubuntu/13.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/ubuntu/13.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.10/nginx/status.conf b/install/ubuntu/13.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/13.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/13.10/nginx/webmail.inc b/install/ubuntu/13.10/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/ubuntu/13.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/13.10/packages.tar.gz b/install/ubuntu/13.10/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/13.10/pga/phppgadmin.conf b/install/ubuntu/13.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/13.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/13.10/php5-fpm/www.conf b/install/ubuntu/13.10/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/ubuntu/13.10/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/ubuntu/13.10/pma/apache.conf b/install/ubuntu/13.10/pma/apache.conf new file mode 100644 index 000000000..2a8f69e25 --- /dev/null +++ b/install/ubuntu/13.10/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/13.10/pma/config.inc.php b/install/ubuntu/13.10/pma/config.inc.php new file mode 100644 index 000000000..a643a065b --- /dev/null +++ b/install/ubuntu/13.10/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/13.10/roundcube/apache.conf b/install/ubuntu/13.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/13.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/13.10/roundcube/config.inc.php b/install/ubuntu/13.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/13.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/13.10/roundcube/main.inc.php b/install/ubuntu/13.10/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/13.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/13.10/roundcube/vesta.php b/install/ubuntu/13.10/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/13.10/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/13.10/sudo/admin b/install/ubuntu/13.10/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/ubuntu/13.10/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/13.10/templates.tar.gz b/install/ubuntu/13.10/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/basedir.tpl b/install/ubuntu/13.10/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/default.stpl b/install/ubuntu/13.10/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/default.tpl b/install/ubuntu/13.10/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/hosting.stpl b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl new file mode 100755 index 000000000..7a5d7787f --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/hosting.tpl b/install/ubuntu/13.10/templates/web/apache2/hosting.tpl new file mode 100755 index 000000000..ab844dc74 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/13.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl new file mode 100755 index 000000000..aa5137308 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/13.10/templates/web/apache2/phpcgi.tpl new file mode 100755 index 000000000..a05ff252d --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl new file mode 100755 index 000000000..622495756 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.tpl new file mode 100755 index 000000000..5c1f16e20 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/13.10/templates/web/awstats/awstats.tpl b/install/ubuntu/13.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/13.10/templates/web/awstats/index.tpl b/install/ubuntu/13.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/13.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/13.10/templates/web/awstats/nav.tpl b/install/ubuntu/13.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/13.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.sh b/install/ubuntu/13.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.stpl b/install/ubuntu/13.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..ca6cffe32 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/caching.tpl b/install/ubuntu/13.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/default.stpl b/install/ubuntu/13.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..fa5380606 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/default.tpl b/install/ubuntu/13.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.sh b/install/ubuntu/13.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.stpl b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..d778d6333 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/hosting.tpl b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/13.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/13.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/13.10/templates/web/php5-fpm/default.tpl b/install/ubuntu/13.10/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/13.10/templates/web/php5-fpm/no-php.tpl b/install/ubuntu/13.10/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/ubuntu/13.10/templates/web/php5-fpm/socket.tpl b/install/ubuntu/13.10/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/ubuntu/13.10/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/13.10/templates/web/skel/document_errors/403.html b/install/ubuntu/13.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/13.10/templates/web/skel/document_errors/404.html b/install/ubuntu/13.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/13.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/13.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/13.10/templates/web/skel/public_html/index.html b/install/ubuntu/13.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/13.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/13.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/13.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/13.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/13.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/13.10/templates/web/suspend/.htaccess b/install/ubuntu/13.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/13.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/13.10/templates/web/suspend/index.html b/install/ubuntu/13.10/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/ubuntu/13.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/13.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/13.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/13.10/vsftpd/vsftpd.conf b/install/ubuntu/13.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..0902899e7 --- /dev/null +++ b/install/ubuntu/13.10/vsftpd/vsftpd.conf @@ -0,0 +1,24 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/ubuntu/14.04/apache2/apache2.conf b/install/ubuntu/14.04/apache2/apache2.conf new file mode 100644 index 000000000..221780117 --- /dev/null +++ b/install/ubuntu/14.04/apache2/apache2.conf @@ -0,0 +1,86 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ diff --git a/install/ubuntu/14.04/apache2/status.conf b/install/ubuntu/14.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/14.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/14.04/bind/named.conf b/install/ubuntu/14.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/14.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/14.04/clamav/clamd.conf b/install/ubuntu/14.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/14.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/14.04/deb_signing.key b/install/ubuntu/14.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/14.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/14.04/dovecot.tar.gz b/install/ubuntu/14.04/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/14.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/14.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/14.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-master.conf b/install/ubuntu/14.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/14.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/14.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/14.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/14.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/14.04/dovecot/dovecot.conf b/install/ubuntu/14.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/14.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/14.04/exim/dnsbl.conf b/install/ubuntu/14.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/14.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/14.04/exim/exim4.conf.template b/install/ubuntu/14.04/exim/exim4.conf.template new file mode 100644 index 000000000..742f0409e --- /dev/null +++ b/install/ubuntu/14.04/exim/exim4.conf.template @@ -0,0 +1,377 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/14.04/exim/spam-blocks.conf b/install/ubuntu/14.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/14.04/fail2ban.tar.gz b/install/ubuntu/14.04/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/14.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/14.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/14.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/14.04/fail2ban/jail.local b/install/ubuntu/14.04/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/ubuntu/14.04/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/14.04/firewall.tar.gz b/install/ubuntu/14.04/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/14.04/firewall/ports.conf b/install/ubuntu/14.04/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/ubuntu/14.04/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/14.04/firewall/rules.conf b/install/ubuntu/14.04/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/ubuntu/14.04/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/14.04/logrotate/apache2 b/install/ubuntu/14.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/14.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/14.04/logrotate/nginx b/install/ubuntu/14.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/14.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/14.04/logrotate/vesta b/install/ubuntu/14.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/14.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/14.04/mysql/my-large.cnf b/install/ubuntu/14.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/14.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.04/mysql/my-medium.cnf b/install/ubuntu/14.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/14.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.04/mysql/my-small.cnf b/install/ubuntu/14.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/14.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.04/nginx/nginx.conf b/install/ubuntu/14.04/nginx/nginx.conf new file mode 100644 index 000000000..7937301c1 --- /dev/null +++ b/install/ubuntu/14.04/nginx/nginx.conf @@ -0,0 +1,124 @@ +# Server globals +user www-data; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/14.04/nginx/phpmyadmin.inc b/install/ubuntu/14.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/ubuntu/14.04/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.04/nginx/phppgadmin.inc b/install/ubuntu/14.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/ubuntu/14.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.04/nginx/status.conf b/install/ubuntu/14.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/14.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/14.04/nginx/webmail.inc b/install/ubuntu/14.04/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/ubuntu/14.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.04/packages.tar.gz b/install/ubuntu/14.04/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/14.04/pga/phppgadmin.conf b/install/ubuntu/14.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/14.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/14.04/php5-fpm/www.conf b/install/ubuntu/14.04/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/ubuntu/14.04/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/ubuntu/14.04/pma/apache.conf b/install/ubuntu/14.04/pma/apache.conf new file mode 100644 index 000000000..2a8f69e25 --- /dev/null +++ b/install/ubuntu/14.04/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/14.04/pma/config.inc.php b/install/ubuntu/14.04/pma/config.inc.php new file mode 100644 index 000000000..a643a065b --- /dev/null +++ b/install/ubuntu/14.04/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/14.04/roundcube/apache.conf b/install/ubuntu/14.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/14.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/14.04/roundcube/config.inc.php b/install/ubuntu/14.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/14.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/14.04/roundcube/main.inc.php b/install/ubuntu/14.04/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/14.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/14.04/roundcube/vesta.php b/install/ubuntu/14.04/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/14.04/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/14.04/sudo/admin b/install/ubuntu/14.04/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/ubuntu/14.04/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/14.04/templates.tar.gz b/install/ubuntu/14.04/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/basedir.tpl b/install/ubuntu/14.04/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/default.stpl b/install/ubuntu/14.04/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/default.tpl b/install/ubuntu/14.04/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/hosting.stpl b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl new file mode 100755 index 000000000..7a5d7787f --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/hosting.tpl b/install/ubuntu/14.04/templates/web/apache2/hosting.tpl new file mode 100755 index 000000000..ab844dc74 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/14.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl new file mode 100755 index 000000000..aa5137308 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/14.04/templates/web/apache2/phpcgi.tpl new file mode 100755 index 000000000..a05ff252d --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl new file mode 100755 index 000000000..622495756 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.tpl new file mode 100755 index 000000000..5c1f16e20 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.04/templates/web/awstats/awstats.tpl b/install/ubuntu/14.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/14.04/templates/web/awstats/index.tpl b/install/ubuntu/14.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/14.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/14.04/templates/web/awstats/nav.tpl b/install/ubuntu/14.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/14.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.sh b/install/ubuntu/14.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.stpl b/install/ubuntu/14.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..ca6cffe32 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/caching.tpl b/install/ubuntu/14.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/default.stpl b/install/ubuntu/14.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..fa5380606 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/default.tpl b/install/ubuntu/14.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.sh b/install/ubuntu/14.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.stpl b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..d778d6333 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/hosting.tpl b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/14.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/14.04/templates/web/php5-fpm/default.tpl b/install/ubuntu/14.04/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/14.04/templates/web/php5-fpm/no-php.tpl b/install/ubuntu/14.04/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/ubuntu/14.04/templates/web/php5-fpm/socket.tpl b/install/ubuntu/14.04/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/ubuntu/14.04/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/14.04/templates/web/skel/document_errors/403.html b/install/ubuntu/14.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/14.04/templates/web/skel/document_errors/404.html b/install/ubuntu/14.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/14.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/14.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/14.04/templates/web/skel/public_html/index.html b/install/ubuntu/14.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/14.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/14.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/14.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.04/templates/web/suspend/.htaccess b/install/ubuntu/14.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/14.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/14.04/templates/web/suspend/index.html b/install/ubuntu/14.04/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/ubuntu/14.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/14.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/14.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/14.04/vsftpd/vsftpd.conf b/install/ubuntu/14.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..0902899e7 --- /dev/null +++ b/install/ubuntu/14.04/vsftpd/vsftpd.conf @@ -0,0 +1,24 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/ubuntu/14.10/apache2/apache2.conf b/install/ubuntu/14.10/apache2/apache2.conf new file mode 100644 index 000000000..221780117 --- /dev/null +++ b/install/ubuntu/14.10/apache2/apache2.conf @@ -0,0 +1,86 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ diff --git a/install/ubuntu/14.10/apache2/status.conf b/install/ubuntu/14.10/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/14.10/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/14.10/bind/named.conf b/install/ubuntu/14.10/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/14.10/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/14.10/clamav/clamd.conf b/install/ubuntu/14.10/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/14.10/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/14.10/deb_signing.key b/install/ubuntu/14.10/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/14.10/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/14.10/dovecot.tar.gz b/install/ubuntu/14.10/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-auth.conf b/install/ubuntu/14.10/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-logging.conf b/install/ubuntu/14.10/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-mail.conf b/install/ubuntu/14.10/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-master.conf b/install/ubuntu/14.10/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/14.10/dovecot/conf.d/10-ssl.conf b/install/ubuntu/14.10/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/14.10/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/14.10/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/14.10/dovecot/dovecot.conf b/install/ubuntu/14.10/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/14.10/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/14.10/exim/dnsbl.conf b/install/ubuntu/14.10/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/14.10/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/14.10/exim/exim4.conf.template b/install/ubuntu/14.10/exim/exim4.conf.template new file mode 100644 index 000000000..742f0409e --- /dev/null +++ b/install/ubuntu/14.10/exim/exim4.conf.template @@ -0,0 +1,377 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/14.10/exim/spam-blocks.conf b/install/ubuntu/14.10/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/14.10/fail2ban.tar.gz b/install/ubuntu/14.10/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/14.10/fail2ban/filter.d/vesta.conf b/install/ubuntu/14.10/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/14.10/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/14.10/fail2ban/jail.local b/install/ubuntu/14.10/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/ubuntu/14.10/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/14.10/firewall.tar.gz b/install/ubuntu/14.10/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/14.10/firewall/ports.conf b/install/ubuntu/14.10/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/ubuntu/14.10/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/14.10/firewall/rules.conf b/install/ubuntu/14.10/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/ubuntu/14.10/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/14.10/logrotate/apache2 b/install/ubuntu/14.10/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/14.10/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/14.10/logrotate/nginx b/install/ubuntu/14.10/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/14.10/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/14.10/logrotate/vesta b/install/ubuntu/14.10/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/14.10/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/14.10/mysql/my-large.cnf b/install/ubuntu/14.10/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/14.10/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.10/mysql/my-medium.cnf b/install/ubuntu/14.10/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/14.10/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.10/mysql/my-small.cnf b/install/ubuntu/14.10/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/14.10/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/14.10/nginx/nginx.conf b/install/ubuntu/14.10/nginx/nginx.conf new file mode 100644 index 000000000..7937301c1 --- /dev/null +++ b/install/ubuntu/14.10/nginx/nginx.conf @@ -0,0 +1,124 @@ +# Server globals +user www-data; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/14.10/nginx/phpmyadmin.inc b/install/ubuntu/14.10/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/ubuntu/14.10/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.10/nginx/phppgadmin.inc b/install/ubuntu/14.10/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/ubuntu/14.10/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.10/nginx/status.conf b/install/ubuntu/14.10/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/14.10/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/14.10/nginx/webmail.inc b/install/ubuntu/14.10/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/ubuntu/14.10/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/14.10/packages.tar.gz b/install/ubuntu/14.10/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/14.10/pga/phppgadmin.conf b/install/ubuntu/14.10/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/14.10/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/14.10/php5-fpm/www.conf b/install/ubuntu/14.10/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/ubuntu/14.10/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/ubuntu/14.10/pma/apache.conf b/install/ubuntu/14.10/pma/apache.conf new file mode 100644 index 000000000..2a8f69e25 --- /dev/null +++ b/install/ubuntu/14.10/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/14.10/pma/config.inc.php b/install/ubuntu/14.10/pma/config.inc.php new file mode 100644 index 000000000..a643a065b --- /dev/null +++ b/install/ubuntu/14.10/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/14.10/roundcube/apache.conf b/install/ubuntu/14.10/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/14.10/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/14.10/roundcube/config.inc.php b/install/ubuntu/14.10/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/14.10/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/14.10/roundcube/main.inc.php b/install/ubuntu/14.10/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/14.10/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/14.10/roundcube/vesta.php b/install/ubuntu/14.10/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/14.10/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/14.10/sudo/admin b/install/ubuntu/14.10/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/ubuntu/14.10/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/14.10/templates.tar.gz b/install/ubuntu/14.10/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/basedir.tpl b/install/ubuntu/14.10/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/default.stpl b/install/ubuntu/14.10/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/default.tpl b/install/ubuntu/14.10/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/hosting.stpl b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl new file mode 100755 index 000000000..7a5d7787f --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/hosting.tpl b/install/ubuntu/14.10/templates/web/apache2/hosting.tpl new file mode 100755 index 000000000..ab844dc74 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.sh b/install/ubuntu/14.10/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl new file mode 100755 index 000000000..aa5137308 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpcgi.tpl b/install/ubuntu/14.10/templates/web/apache2/phpcgi.tpl new file mode 100755 index 000000000..a05ff252d --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.sh b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl new file mode 100755 index 000000000..622495756 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.tpl new file mode 100755 index 000000000..5c1f16e20 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/14.10/templates/web/awstats/awstats.tpl b/install/ubuntu/14.10/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/14.10/templates/web/awstats/index.tpl b/install/ubuntu/14.10/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/14.10/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/14.10/templates/web/awstats/nav.tpl b/install/ubuntu/14.10/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/14.10/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.sh b/install/ubuntu/14.10/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.stpl b/install/ubuntu/14.10/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..ca6cffe32 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/caching.tpl b/install/ubuntu/14.10/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/default.stpl b/install/ubuntu/14.10/templates/web/nginx/default.stpl new file mode 100755 index 000000000..fa5380606 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/default.tpl b/install/ubuntu/14.10/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.sh b/install/ubuntu/14.10/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.stpl b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..d778d6333 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/hosting.tpl b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/14.10/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/14.10/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/14.10/templates/web/php5-fpm/default.tpl b/install/ubuntu/14.10/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/14.10/templates/web/php5-fpm/no-php.tpl b/install/ubuntu/14.10/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/ubuntu/14.10/templates/web/php5-fpm/socket.tpl b/install/ubuntu/14.10/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/ubuntu/14.10/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/14.10/templates/web/skel/document_errors/403.html b/install/ubuntu/14.10/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/14.10/templates/web/skel/document_errors/404.html b/install/ubuntu/14.10/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/14.10/templates/web/skel/document_errors/50x.html b/install/ubuntu/14.10/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/14.10/templates/web/skel/public_html/index.html b/install/ubuntu/14.10/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.10/templates/web/skel/public_html/robots.txt b/install/ubuntu/14.10/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.10/templates/web/skel/public_shtml/index.html b/install/ubuntu/14.10/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/14.10/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/14.10/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/14.10/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/14.10/templates/web/suspend/.htaccess b/install/ubuntu/14.10/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/14.10/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/14.10/templates/web/suspend/index.html b/install/ubuntu/14.10/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/ubuntu/14.10/templates/web/webalizer/webalizer.tpl b/install/ubuntu/14.10/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/14.10/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/14.10/vsftpd/vsftpd.conf b/install/ubuntu/14.10/vsftpd/vsftpd.conf new file mode 100644 index 000000000..0902899e7 --- /dev/null +++ b/install/ubuntu/14.10/vsftpd/vsftpd.conf @@ -0,0 +1,24 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/ubuntu/15.04/apache2/apache2.conf b/install/ubuntu/15.04/apache2/apache2.conf new file mode 100644 index 000000000..221780117 --- /dev/null +++ b/install/ubuntu/15.04/apache2/apache2.conf @@ -0,0 +1,86 @@ +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf.d +# | `-- * + +# Global configuration +PidFile ${APACHE_PID_FILE} +Timeout 30 +KeepAlive Off +MaxKeepAliveRequests 100 +KeepAliveTimeout 10 + + + StartServers 8 + MinSpareServers 5 + MaxSpareServers 20 + ServerLimit 256 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 200 + MaxRequestsPerChild 4000 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +#User www-data +#Group www-data + +AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + +DefaultType None +HostnameLookups Off + +ErrorLog ${APACHE_LOG_DIR}/error.log +LogLevel warn + +# Include module configuration: +Include mods-enabled/*.load +Include mods-enabled/*.conf + +# Include list of ports to listen on and which to use for name based vhosts +Include ports.conf + +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%b" bytes + +Include conf.d/ + +# Include the virtual host configurations: +#Include sites-enabled/ diff --git a/install/ubuntu/15.04/apache2/status.conf b/install/ubuntu/15.04/apache2/status.conf new file mode 100644 index 000000000..da9d96333 --- /dev/null +++ b/install/ubuntu/15.04/apache2/status.conf @@ -0,0 +1,8 @@ +Listen 127.0.0.1:8081 + + SetHandler server-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + Allow from all + diff --git a/install/ubuntu/15.04/bind/named.conf b/install/ubuntu/15.04/bind/named.conf new file mode 100644 index 000000000..ed6ece885 --- /dev/null +++ b/install/ubuntu/15.04/bind/named.conf @@ -0,0 +1,12 @@ +// This is the primary configuration file for the BIND DNS server named. +// +// Please read /usr/share/doc/bind9/README.Debian.gz for information on the +// structure of BIND configuration files in Debian, *BEFORE* you customize +// this configuration file. +// +// If you are just adding zones, please do that in /etc/bind/named.conf.local + +include "/etc/bind/named.conf.options"; +include "/etc/bind/named.conf.local"; +include "/etc/bind/named.conf.default-zones"; + diff --git a/install/ubuntu/15.04/clamav/clamd.conf b/install/ubuntu/15.04/clamav/clamd.conf new file mode 100644 index 000000000..ea982697a --- /dev/null +++ b/install/ubuntu/15.04/clamav/clamd.conf @@ -0,0 +1,61 @@ +#Automatically Generated by clamav-base postinst +#To reconfigure clamd run #dpkg-reconfigure clamav-base +#Please read /usr/share/doc/clamav-base/README.Debian.gz for details +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket true +LocalSocketGroup clamav +LocalSocketMode 666 +# TemporaryDirectory is not set to its default /tmp here to make overriding +# the default with environment variables TMPDIR/TMP/TEMP possible +User clamav +AllowSupplementaryGroups true +ScanMail true +ScanArchive true +ArchiveBlockEncrypted false +MaxDirectoryRecursion 15 +FollowDirectorySymlinks false +FollowFileSymlinks false +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogSyslog false +LogFacility LOG_LOCAL6 +LogClean false +LogVerbose true +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +Foreground false +Debug false +ScanPE true +ScanOLE2 true +ScanHTML true +DetectBrokenExecutables false +ExitOnOOM false +LeaveTemporaryFiles false +AlgorithmicDetection true +ScanELF true +IdleTimeout 30 +PhishingSignatures true +PhishingScanURLs true +PhishingAlwaysBlockSSLMismatch false +PhishingAlwaysBlockCloak false +DetectPUA false +ScanPartialMessages false +HeuristicScanPrecedence false +StructuredDataDetection false +CommandReadTimeout 5 +SendBufTimeout 200 +MaxQueue 100 +ExtendedDetectionInfo true +OLE2BlockMacros false +StreamMaxLength 25M +LogFile /var/log/clamav/clamav.log +LogTime true +LogFileUnlock false +LogFileMaxSize 0 +Bytecode true +BytecodeSecurity TrustSigned +BytecodeTimeout 60000 +OfficialDatabaseOnly false +CrossFilesystems true diff --git a/install/ubuntu/15.04/deb_signing.key b/install/ubuntu/15.04/deb_signing.key new file mode 100644 index 000000000..2ad2db8bc --- /dev/null +++ b/install/ubuntu/15.04/deb_signing.key @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD +G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x +QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf +fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2 +oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY +2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g +PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ +CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb +VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN +QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh +IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6 +Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3 +WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN +BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz +QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95 +k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC +YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt +i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS +ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA +CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR ++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8 +XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC +CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN +qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq +ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ== +=J2HJ +-----END PGP PUBLIC KEY BLOCK----- diff --git a/install/ubuntu/15.04/dovecot.tar.gz b/install/ubuntu/15.04/dovecot.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..bfabaa030981d087ea4ccd8c7b86cc4d7ab1b7c6 GIT binary patch literal 3487 zcmV;Q4Pf#giwFRAz^+vQ1MM4YZyPrJESWH#l7u_ru?rTWOchsOV;5PJCsTFqMF@1q7J z@8Lu8?+=Fk(NVY80r~evgQH6Rj{$e&-|I9Jo%CDy^^@&^0v-(pACmu3uh#|ncRQo* z(dY>0bqAx~@CoaDG73Hde{=aieOi0^lwDn3^_fjXAZIdQR-~y^a|aq$g|DKQfwbnIX+x!UC0o24+8Ev1e?6`TyF z8`vq$jB@adI3@)oZi~NBA63I*Z>0~uk2KT zaHU4N^Mslf!x4zfNM=3)9v~#FmW9FwMovM>Qqk&A2kn)-mF@3y zG_7=ebDkGV094j@@Vs@0BEc@7@e)9w1lqm6#<#5dEoiE=m z@xRQ?I@Os$l_|q95)Rz0FPp%ZgQ-R*OzH}@2pfc;P;nNeTnTN9qnvI`X4%2lW7cbR zTm3_iDcc$Smm3}Aqsvx4A-9-ir}foWtu?zhA>BPnKH=r8;MprpW)8}EnWd=Ptk>xv zZ$wNMvfvPJARK}+#op!#f3DIl7_7MUF_H+{N8OxpIBtVkjrIw0*#{pt%}|=4)|}#i zlK@)fN@oy7fK{B$wRYhG42V-$TW~dZzNkgA$Vec}F7ibQ_$LtX40NJt`OMjEVY}## zC!XAK34ym>0Rsw56(X|5!=mP(gHmL#q$xf~(P8ePbmY17uP8?-2-eo4Yq8S|{0ePC z{%@rXcpy}2$J3Wi&9@E*NtxUUBtI;i4*_q;ryATy&))c2YhFE=mCZghykWlY>c z$`*4-IYg9zGgoBu+J$PTs?J72mMO7@v=QizHl?Ho^Q6trYBp`MA?apM!Dq&&Fw%;NZ>9uNV(Q;Ji1D zSC=o5I^LcO}XbK_ij~ctOc^?0jNp{bgsnFkh!dQ`x4_i~A(yWFTp;L}~+`2=c6K z3cll({3CicV6e|ZnwY%i*D{1yLZ+?e{=TLY6c|SC1fzpMzDZJI%5L+?v>Mfe#D|AM zu{H~_Ze62e^kh|%!fz>Q2_H!3659BJZVC(0Vjnu9`FU}gzn7>vr-tO$G^OH$ojEgYPB34n)nCN z6_up>=y0fnu2v=w9^ctv_X*FyQ{qy%dak!9@p03;bsS}E4*n(qZ-c&>9>6_P!1vB* z)S>Sb1jo$Vh9~sS!@r29x^Mp=wK=--Pv-z0vj5JYQ`rBokM&>pe^A-~V*p5dl5jAb zF>6B()Q0bEuM;i!{MS(O3O)$;`#>Hz_&+?N{?F*Bvj4{b*Z-lK^uDrs5Xa-jP|B-A`z+-YdcF%DyCW+}{uQ7yN8dB=smp0>#5MR`=XA`_M|@&2rY zZx3;qcSKw<4eRNIXYWR9hn<^w7Q@ziSccrYPi2Y|VUpNm!WeDfdNYG$fi5R_OuDV& z%!xY>ILFc8_Cq&nkN@v}qb4?dwsIDU?QXGzCXef~UH4_fOVB_gLqVlFBKY*=>g4(P z#re%UtS=?NLD9nMx$84TnP5{vXD0pJ|6<>@c0hzQWe!47Af$v-WgUAoa7#{glGpk@ zZ>{epa?OlGyuBkz|5C-&D zX>62B5bhh91xMVx7HNLb_;K4>S8Csx=x_yj>G+sP zYoJHLc3^{Pi~pL%ck9}<&CEpGF9Nl;%!vsdCTDtnY_DI_P0mWP6p-FC77Gq+7U;;R z_qKx!=CJW^E-!^5;+v)tDti>M$qK zMmnu|b$NMJAVUeBetUNMT~T|z0-^}BogfM`fY)aDoF=l zFMF--Ve4Me$(NX7#5m<475cGv?HcmvADsJ6x3wm4@D{7`xTjg;lm*- zO4=y45Y&e@WBcuWP~+K5uALR;b!oED-5MP=oo!)vr2}oHT*3-gpQ8UohXrhNy=W@A zO9iGU!=1fKT!?HoZPJScC9TDy{`g8;5kWx8UpoLTy10Jxob*!`{qijf$TcD#4)2si z-J1<%o&tptmg1?o0}&FNOl~vk2qPa!kx-KhTyrBfzd5u2ed#}{;xeAy8rjP#r?n6>GmN1 zKk8Tc|KkA4I-F8o9~!x&5|@*I6BPg+L!OMPYXh(-F@E`C*gSpx?&_vUSADuQt}E6S zY0wss9}n802Ct!PyB@Y3I;_;;l3%siZ^!+)`S@pr`}IF-qfdMNf6)HB!~UK3e+O6w ztnB|00Hh7}wt@T_K1~8)@ZR)wJF{2{40zOD3Sdwh2HQC3(oTpACZz?pV)Lu!!@SBw z|A=tk{xJo3)cPOT|IxPo-|4&hUuFM~0-?0@@^2DxEC#I83ANGaO)LB~fhax2m$#gg zphvO5S5~BrF;vq+Mye+;{o z{XYh{IxZyRV5V~sPIh|ZG{}QMSnCGt&Iktl)V+-F-%UQQFWUGKQ}ep2ef*u%&wca? zo^0(u@A-b(%-;do|L7z3-|zbT|ESaL;O{>N_>;iO{vQGI_8wX`b@3Y9jdImf(k0Apn?i2sGx!hDyX1>3M#0ef(kxA N{0}P55eWcL004dY&`|&Y literal 0 HcmV?d00001 diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-auth.conf b/install/ubuntu/15.04/dovecot/conf.d/10-auth.conf new file mode 100644 index 000000000..dfcc83110 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-auth.conf @@ -0,0 +1,4 @@ +disable_plaintext_auth = no +auth_verbose = yes +auth_mechanisms = plain login +!include auth-passwdfile.conf.ext diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-logging.conf b/install/ubuntu/15.04/dovecot/conf.d/10-logging.conf new file mode 100644 index 000000000..a5f207d51 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-logging.conf @@ -0,0 +1 @@ +log_path = /var/log/dovecot.log diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-mail.conf b/install/ubuntu/15.04/dovecot/conf.d/10-mail.conf new file mode 100644 index 000000000..55313419e --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-mail.conf @@ -0,0 +1,4 @@ +mail_privileged_group = mail +mail_access_groups = mail +mail_location = maildir:%h/mail/%d/%n +pop3_uidl_format = %08Xu%08Xv diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-master.conf b/install/ubuntu/15.04/dovecot/conf.d/10-master.conf new file mode 100644 index 000000000..a75a9aaa4 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-master.conf @@ -0,0 +1,29 @@ +service imap-login { + inet_listener imap { + } + inet_listener imaps { + } +} + +service pop3-login { + inet_listener pop3 { + } + inet_listener pop3s { + } +} + + +service imap { +} + +service pop3 { +} + +service auth { + unix_listener auth-client { + group = mail + mode = 0660 + user = dovecot + } + user = dovecot +} diff --git a/install/ubuntu/15.04/dovecot/conf.d/10-ssl.conf b/install/ubuntu/15.04/dovecot/conf.d/10-ssl.conf new file mode 100644 index 000000000..3aaff6eec --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/10-ssl.conf @@ -0,0 +1,3 @@ +ssl = yes +ssl_cert = = 2.1.4) : %v.%u + # Dovecot v0.99.x : %v.%u + # tpop3d : %Mf + # + # Note that Outlook 2003 seems to have problems with %v.%u format which was + # Dovecot's default, so if you're building a new server it would be a good + # idea to change this. %08Xu%08Xv should be pretty fail-safe. + # + #pop3_uidl_format = %08Xu%08Xv + + # Permanently save UIDLs sent to POP3 clients, so pop3_uidl_format changes + # won't change those UIDLs. Currently this works only with Maildir. + #pop3_save_uidl = no + + # What to do about duplicate UIDLs if they exist? + # allow: Show duplicates to clients. + # rename: Append a temporary -2, -3, etc. counter after the UIDL. + #pop3_uidl_duplicates = allow + + # POP3 logout format string: + # %i - total number of bytes read from client + # %o - total number of bytes sent to client + # %t - number of TOP commands + # %p - number of bytes sent to client as a result of TOP command + # %r - number of RETR commands + # %b - number of bytes sent to client as a result of RETR command + # %d - number of deleted messages + # %m - number of messages (before deletion) + # %s - mailbox size in bytes (before deletion) + # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly + #pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s + + # Maximum number of POP3 connections allowed for a user from each IP address. + # NOTE: The username is compared case-sensitively. + #mail_max_userip_connections = 10 + + # Space separated list of plugins to load (default is global mail_plugins). + #mail_plugins = $mail_plugins + + # Workarounds for various client bugs: + # outlook-no-nuls: + # Outlook and Outlook Express hang if mails contain NUL characters. + # This setting replaces them with 0x80 character. + # oe-ns-eoh: + # Outlook Express and Netscape Mail breaks if end of headers-line is + # missing. This option simply sends it if it's missing. + # The list is space-separated. + #pop3_client_workarounds = +} diff --git a/install/ubuntu/15.04/dovecot/conf.d/auth-passwdfile.conf.ext b/install/ubuntu/15.04/dovecot/conf.d/auth-passwdfile.conf.ext new file mode 100644 index 000000000..75e6e1152 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/conf.d/auth-passwdfile.conf.ext @@ -0,0 +1,9 @@ +passdb { + driver = passwd-file + args = scheme=MD5-CRYPT username_format=%n /etc/exim4/domains/%d/passwd +} + +userdb { + driver = passwd-file + args = username_format=%n /etc/exim4/domains/%d/passwd +} diff --git a/install/ubuntu/15.04/dovecot/dovecot.conf b/install/ubuntu/15.04/dovecot/dovecot.conf new file mode 100644 index 000000000..0a8553510 --- /dev/null +++ b/install/ubuntu/15.04/dovecot/dovecot.conf @@ -0,0 +1,4 @@ +protocols = imap pop3 +listen = *, :: +base_dir = /var/run/dovecot/ +!include conf.d/*.conf diff --git a/install/ubuntu/15.04/exim/dnsbl.conf b/install/ubuntu/15.04/exim/dnsbl.conf new file mode 100644 index 000000000..5166b255e --- /dev/null +++ b/install/ubuntu/15.04/exim/dnsbl.conf @@ -0,0 +1,2 @@ +bl.spamcop.net +zen.spamhaus.org diff --git a/install/ubuntu/15.04/exim/exim4.conf.template b/install/ubuntu/15.04/exim/exim4.conf.template new file mode 100644 index 000000000..742f0409e --- /dev/null +++ b/install/ubuntu/15.04/exim/exim4.conf.template @@ -0,0 +1,377 @@ +###################################################################### +# # +# Exim configuration file for Vesta Control Panel # +# # +###################################################################### + +#SPAMASSASSIN = yes +#SPAM_SCORE = 50 +#CLAMD = yes + +domainlist local_domains = dsearch;/etc/exim4/domains/ +domainlist relay_to_domains = dsearch;/etc/exim4/domains/ +hostlist relay_from_hosts = 127.0.0.1 +hostlist whitelist = net-iplsearch;/etc/exim4/white-blocks.conf +hostlist spammers = net-iplsearch;/etc/exim4/spam-blocks.conf +no_local_from_check +untrusted_set_sender = * +acl_smtp_connect = acl_check_spammers +acl_smtp_mail = acl_check_mail +acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data +acl_smtp_mime = acl_check_mime + +.ifdef SPAMASSASSIN +spamd_address = 127.0.0.1 783 +.endif + +.ifdef CLAMD +av_scanner = clamd: /var/run/clamav/clamd.ctl +.endif + +tls_advertise_hosts = * +tls_certificate = /usr/local/vesta/ssl/certificate.crt +tls_privatekey = /usr/local/vesta/ssl/certificate.key + +daemon_smtp_ports = 25 : 465 : 587 : 2525 +tls_on_connect_ports = 465 +never_users = root +host_lookup = * +rfc1413_hosts = * +rfc1413_query_timeout = 5s +ignore_bounce_errors_after = 2d +timeout_frozen_after = 7d + +DKIM_DOMAIN = ${lc:${domain:$h_from:}} +DKIM_FILE = /etc/exim4/domains/${lc:${domain:$h_from:}}/dkim.pem +DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}} + + + +###################################################################### +# ACL CONFIGURATION # +# Specifies access control lists for incoming SMTP mail # +###################################################################### +begin acl + +acl_check_spammers: + accept hosts = +whitelist + + drop message = Your host in blacklist on this server. + log_message = Host in blacklist + hosts = +spammers + + accept + + +acl_check_mail: + deny condition = ${if eq{$sender_helo_name}{}} + message = HELO required before MAIL + + drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid + condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} + condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} + delay = 45s + + drop condition = ${if isip{$sender_helo_name}} + message = Access denied - Invalid HELO name (See RFC2821 4.1.3) + + drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} + message = $interface_address is _my_ address + + accept + + +acl_check_rcpt: + accept hosts = : + + deny message = Restricted characters in address + domains = +local_domains + local_parts = ^[.] : ^.*[@%!/|] + + deny message = Restricted characters in address + domains = !+local_domains + local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ + + require verify = sender + + accept hosts = +relay_from_hosts + control = submission + + accept authenticated = * + control = submission/domain= + + deny message = Rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text + hosts = !+whitelist + dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}} + + require message = relay not permitted + domains = +local_domains : +relay_to_domains + + deny message = smtp auth requried + sender_domains = +local_domains + !authenticated = * + + require verify = recipient + +.ifdef CLAMD + warn set acl_m0 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antivirus}{yes}{no}} + set acl_m0 = yes +.endif + +.ifdef SPAMASSASSIN + warn set acl_m1 = no + + warn condition = ${if exists {/etc/exim4/domains/$domain/antispam}{yes}{no}} + set acl_m1 = yes +.endif + + accept + + +acl_check_data: +.ifdef CLAMD + deny message = Message contains a virus ($malware_name) and has been rejected + malware = * + condition = ${if eq{$acl_m0}{yes}{yes}{no}} +.endif + +.ifdef SPAMASSASSIN + warn !authenticated = * + hosts = !+relay_from_hosts + condition = ${if < {$message_size}{100K}} + condition = ${if eq{$acl_m1}{yes}{yes}{no}} + spam = nobody:true/defer_ok + add_header = X-Spam-Score: $spam_score_int + add_header = X-Spam-Bar: $spam_bar + add_header = X-Spam-Report: $spam_report + set acl_m2 = $spam_score_int + + warn condition = ${if !eq{$acl_m2}{} {yes}{no}} + condition = ${if >{$acl_m2}{SPAM_SCORE} {yes}{no}} + add_header = X-Spam-Status: Yes + message = SpamAssassin detected spam (from $sender_address to $recipients). +.endif + + accept + + +acl_check_mime: + deny message = Blacklisted file extension detected + condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}} + + accept + + + +###################################################################### +# AUTHENTICATION CONFIGURATION # +###################################################################### +begin authenticators + +dovecot_plain: + driver = dovecot + public_name = PLAIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + +dovecot_login: + driver = dovecot + public_name = LOGIN + server_socket = /var/run/dovecot/auth-client + server_set_id = $auth1 + + + +###################################################################### +# ROUTERS CONFIGURATION # +# Specifies how addresses are handled # +###################################################################### +begin routers + +#smarthost: +# driver = manualroute +# domains = ! +local_domains +# transport = remote_smtp +# route_list = * smartrelay.vestacp.com +# no_more +# no_verify + +dnslookup: + driver = dnslookup + domains = !+local_domains + transport = remote_smtp + no_more + +userforward: + driver = redirect + check_local_user + file = $home/.forward + allow_filter + no_verify + no_expn + check_ancestor + file_transport = address_file + pipe_transport = address_pipe + reply_transport = address_reply + +procmail: + driver = accept + check_local_user + require_files = ${local_part}:+${home}/.procmailrc:/usr/bin/procmail + transport = procmail + no_verify + +autoreplay: + driver = accept + require_files = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + condition = ${if exists{/etc/exim4/domains/$domain/autoreply.${local_part}.msg}}{yes}{no}} + retry_use_local_part + transport = userautoreply + unseen + +aliases: + driver = redirect + headers_add = X-redirected: yes + data = ${extract{1}{:}{${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + require_files = /etc/exim4/domains/$domain/aliases + redirect_router = dnslookup + pipe_transport = address_pipe + unseen + +localuser_fwd_only: + driver = accept + transport = devnull + condition = ${if exists{/etc/exim/domains/$domain/fwd_only}{${lookup{$local_part}lsearch{/etc/exim/domains/$domain/fwd_only}{true}{false}}}} + +localuser_spam: + driver = accept + transport = local_spam_delivery + condition = ${if eq {${if match{$h_X-Spam-Status:}{\N^Yes\N}{yes}{no}}} {${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{yes}{no_such_user}}}} + +localuser: + driver = accept + transport = local_delivery + condition = ${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}{true}{false}} + +catchall: + driver = redirect + headers_add = X-redirected: yes + require_files = /etc/exim4/domains/$domain/aliases + data = ${extract{1}{:}{${lookup{*@$domain}lsearch{/etc/exim4/domains/$domain/aliases}}}} + file_transport = local_delivery + redirect_router = dnslookup + +terminate_alias: + driver = accept + transport = devnull + condition = ${lookup{$local_part@$domain}lsearch{/etc/exim4/domains/$domain/aliases}{true}{false}} + + + +###################################################################### +# TRANSPORTS CONFIGURATION # +###################################################################### +begin transports + +remote_smtp: + driver = smtp + #helo_data = $sender_address_domain + dkim_domain = DKIM_DOMAIN + dkim_selector = mail + dkim_private_key = DKIM_PRIVATE_KEY + dkim_canon = relaxed + dkim_strict = 0 + +procmail: + driver = pipe + command = "/usr/bin/procmail -d $local_part" + return_path_add + delivery_date_add + envelope_to_add + user = $local_part + initgroups + return_output + +local_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_warn_threshold = 75% + +local_spam_delivery: + driver = appendfile + maildir_format + maildir_use_size_file + user = ${extract{2}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}} + group = mail + create_directory + directory_mode = 770 + mode = 660 + use_lockfile = no + delivery_date_add + envelope_to_add + return_path_add + directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part/.Spam" + quota = ${extract{6}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}M + quota_directory = "${extract{5}{:}{${lookup{$local_part}lsearch{/etc/exim4/domains/$domain/passwd}}}}/mail/$domain/$local_part" + quota_warn_threshold = 75% + +address_pipe: + driver = pipe + return_output + +address_file: + driver = appendfile + delivery_date_add + envelope_to_add + return_path_add + +address_reply: + driver = autoreply + +userautoreply: + driver = autoreply + file = /etc/exim4/domains/$domain/autoreply.${local_part}.msg + from = "${local_part}@${domain}" + subject = "${if def:h_Subject: {Autoreply: ${quote:${escape:$h_Subject:}}} {Autoreply Message}}" + to = "${sender_address}" + +devnull: + driver = appendfile + file = /dev/null + + + +###################################################################### +# RETRY CONFIGURATION # +###################################################################### +begin retry + +# Address or Domain Error Retries +# ----------------- ----- ------- +* * F,2h,15m; G,16h,1h,1.5; F,4d,6h + + + +###################################################################### +# REWRITE CONFIGURATION # +###################################################################### +begin rewrite + + + +###################################################################### diff --git a/install/ubuntu/15.04/exim/spam-blocks.conf b/install/ubuntu/15.04/exim/spam-blocks.conf new file mode 100644 index 000000000..e69de29bb diff --git a/install/ubuntu/15.04/fail2ban.tar.gz b/install/ubuntu/15.04/fail2ban.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..628545b6b12d83a4dfcf4529b41f62792c228c85 GIT binary patch literal 721 zcmV;?0xta@iwFR?P)1Y$1MQbhZ{jczhB^CJjMPJ=l>#Ira4D7AZL1=&Z6#&~ zz`KruB3xbg09_DCMo>VRAaZ-;y)^U@ z_5_W1em^5}=Uk3M(j5%0M~Fp}7>lVIYRqubkoOIoiK#qP6BOckLPYW;2OWgmSsIAg zuZ|mFmaYUYjJJfo8s1fhF1)IOlQ|75La(j33(9U0btUMJvtIut>QYeUVmCrexr&Qi zKbjFQ61zkzP2U-?^r{!(!l(3+?Yga{u}aaFy}dZE-rC%=GOfyYm&N9W)k}T291PDY z*P0t`IZ}uIjJ_-j{V$SH_dlT#cu)PeEcx8DI+m&H|328vfBu=(y@&@N72}Qi-)t}U ze|i14JEpGxd*KMK)CoAp98}8bBuj9v%2KQe1W{6IHF7UVKsi-oBUDPa+B%^mI!l#A z%iggR=`rPvnSp)Z2xvn7V8#q@Dyt%#D2+c|xJU7JZ=WzC$g2~0Q{w%WGdx!uFgO@} z=-u4i58*FN5)y;)2*=Nd+$g+V_$fxmCp11?eTVGz8P->^KFOi;zxe)( z;(T!ZH#>H&|F+iuy|9`8{p-KwZ0f&dYyIB`OZs27=SuT4o@Sm$(ja3D9@K#V)prvv zs8^H+ECdN-k)k768hSV1`}Y@@gAp1N=}x2^dQlk4c0wJawc4RhTtX&fF0G*c4Nk6a z2g6fPkL6zl5rJ&(DMxg| +actionstop = /usr/local/vesta/bin/v-delete-firewall-chain +actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-[ \t]' +actionban = /usr/local/vesta/bin/v-add-firewall-ban +actionunban = /usr/local/vesta/bin/v-delete-firewall-ban diff --git a/install/ubuntu/15.04/fail2ban/filter.d/vesta.conf b/install/ubuntu/15.04/fail2ban/filter.d/vesta.conf new file mode 100644 index 000000000..69670a56e --- /dev/null +++ b/install/ubuntu/15.04/fail2ban/filter.d/vesta.conf @@ -0,0 +1,10 @@ +# Fail2Ban filter for unsuccesfull Vesta authentication attempts +# + +[INCLUDES] +before = common.conf + +[Definition] +failregex = .* failed to login +ignoreregex = + diff --git a/install/ubuntu/15.04/fail2ban/jail.local b/install/ubuntu/15.04/fail2ban/jail.local new file mode 100644 index 000000000..eccea0685 --- /dev/null +++ b/install/ubuntu/15.04/fail2ban/jail.local @@ -0,0 +1,39 @@ +[ssh-iptables] +enabled = true +filter = sshd +action = vesta[name=SSH] +logpath = /var/log/auth.log +maxretry = 5 + +[vsftpd-iptables] +enabled = false +filter = vsftpd +action = vesta[name=FTP] +logpath = /var/log/vsftpd.log +maxretry = 5 + +[exim-iptables] +enabled = true +filter = exim +action = vesta[name=MAIL] +logpath = /var/log/exim4/mainlog + +[dovecot-iptables] +enabled = true +filter = dovecot +action = vesta[name=MAIL] +logpath = /var/log/dovecot.log + +[mysqld-iptables] +enabled = false +filter = mysqld-auth +action = vesta[name=DB] +logpath = /var/log/mysql.log +maxretry = 5 + +[vesta-iptables] +enabled = true +filter = vesta +action = vesta[name=VESTA] +logpath = /var/log/vesta/auth.log +maxretry = 5 diff --git a/install/ubuntu/15.04/firewall.tar.gz b/install/ubuntu/15.04/firewall.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..e8556008077364323d7d6b6934e7a2cf7a734983 GIT binary patch literal 540 zcmV+%0^|K3iwFQ5XyQ}=1MQVdkJ>O4Mzij(@XnhsKo&*MSlh#7(1g=&0&FEG%?Me6ampuO4>y-_`!)kpP&FT0Pj|*j)GSV93 zG0u%P9?@5H>Ue&9TJ8w(mS4U;YbU>kw!5dto6pc!`1H`piz?!Qs? zZ2zTY(j)A}O)l`C?|(Hfn=&r%X0(YbN~&_+%&1`W&E*1z3IZzVUki(*D`*Kk5kQkG z1wFz!17_g@d9ch)G0;wCGL8I9sNtr~X-yEB=^d3PuoC0XT$oBik3eT~aJ zPYYM7vf@1@^`frQB1w}O-E1jovb=r04Y>?eKuHocY1?18ny~4FyPO>aM4!NUUOmFePy(-1M3SddTi>v8NVjB&*t=IgAYbgkDfmmx*FWy-yM^~-2uA1 z`-8QZ4$iCJUfZClsXi!k+gGp^gsj(jT}WJxQ(W4?Rswg^FKlTCd%;5d=XH e1VIo4K@bE%5ClOG1VIqwGCu%8Tmj4gC;$K)2?m1z literal 0 HcmV?d00001 diff --git a/install/ubuntu/15.04/firewall/ports.conf b/install/ubuntu/15.04/firewall/ports.conf new file mode 100644 index 000000000..a6ef4dae5 --- /dev/null +++ b/install/ubuntu/15.04/firewall/ports.conf @@ -0,0 +1,16 @@ +PROTOCOL='TCP' PORT='20' +PROTOCOL='TCP' PORT='21' +PROTOCOL='TCP' PORT='22' +PROTOCOL='TCP' PORT='25' +PROTOCOL='UDP' PORT='53' +PROTOCOL='TCP' PORT='80' +PROTOCOL='TCP' PORT='443' +PROTOCOL='TCP' PORT='110' +PROTOCOL='UDP' PORT='123' +PROTOCOL='TCP' PORT='143' +PROTOCOL='TCP' PORT='3306' +PROTOCOL='TCP' PORT='5432' +PROTOCOL='TCP' PORT='8080' +PROTOCOL='TCP' PORT='8433' +PROTOCOL='TCP' PORT='8083' +PROTOCOL='TCP' PORT='12000:12100' diff --git a/install/ubuntu/15.04/firewall/rules.conf b/install/ubuntu/15.04/firewall/rules.conf new file mode 100644 index 000000000..956c2e1d9 --- /dev/null +++ b/install/ubuntu/15.04/firewall/rules.conf @@ -0,0 +1,10 @@ +RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16' +RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='7' ACTION='ACCEPT' PROTOCOL='UDP' PORT='53' IP='0.0.0.0/0' COMMENT='DNS' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='8' ACTION='ACCEPT' PROTOCOL='TCP' PORT='21,12000-12100' IP='0.0.0.0/0' COMMENT='FTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25' +RULE='9' ACTION='ACCEPT' PROTOCOL='TCP' PORT='80,443' IP='0.0.0.0/0' COMMENT='WEB' SUSPENDED='no' TIME='17:04:27' DATE='2014-09-24' +RULE='10' ACTION='ACCEPT' PROTOCOL='TCP' PORT='22' IP='0.0.0.0/0' COMMENT='SSH' SUSPENDED='no' TIME='17:14:41' DATE='2014-09-16' diff --git a/install/ubuntu/15.04/logrotate/apache2 b/install/ubuntu/15.04/logrotate/apache2 new file mode 100644 index 000000000..27629d0dd --- /dev/null +++ b/install/ubuntu/15.04/logrotate/apache2 @@ -0,0 +1,19 @@ +/var/log/apache2/*.log /var/log/apache2/domains/*log { + weekly + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 root adm + sharedscripts + postrotate + /etc/init.d/apache2 reload > /dev/null || true + [ ! -f /var/run/nginx.pid ] || kill -USR1 `cat /var/run/nginx.pid` + endscript + prerotate + if [ -d /etc/logrotate.d/httpd-prerotate ]; then \ + run-parts /etc/logrotate.d/httpd-prerotate; \ + fi; \ + endscript +} diff --git a/install/ubuntu/15.04/logrotate/nginx b/install/ubuntu/15.04/logrotate/nginx new file mode 100644 index 000000000..d667f2135 --- /dev/null +++ b/install/ubuntu/15.04/logrotate/nginx @@ -0,0 +1,13 @@ +/var/log/nginx/*log /var/log/nginx/domains/*log { + daily + missingok + rotate 52 + compress + delaycompress + notifempty + create 640 nginx adm + sharedscripts + postrotate + [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid` + endscript +} diff --git a/install/ubuntu/15.04/logrotate/vesta b/install/ubuntu/15.04/logrotate/vesta new file mode 100644 index 000000000..027a34396 --- /dev/null +++ b/install/ubuntu/15.04/logrotate/vesta @@ -0,0 +1,7 @@ +/usr/local/vesta/log/*.log { + missingok + notifempty + size 30k + yearly + create 0600 root root +} diff --git a/install/ubuntu/15.04/mysql/my-large.cnf b/install/ubuntu/15.04/mysql/my-large.cnf new file mode 100644 index 000000000..d0bab3907 --- /dev/null +++ b/install/ubuntu/15.04/mysql/my-large.cnf @@ -0,0 +1,42 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 256M +max_allowed_packet = 32M +table_open_cache = 256 +sort_buffer_size = 1M +read_buffer_size = 1M +read_rnd_buffer_size = 4M +myisam_sort_buffer_size = 64M +thread_cache_size = 8 +query_cache_size= 16M +thread_concurrency = 8 + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=200 +max_user_connections=50 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.04/mysql/my-medium.cnf b/install/ubuntu/15.04/mysql/my-medium.cnf new file mode 100644 index 000000000..1c10ab9a6 --- /dev/null +++ b/install/ubuntu/15.04/mysql/my-medium.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16M +max_allowed_packet = 16M +table_open_cache = 64 +sort_buffer_size = 512K +net_buffer_length = 8K +read_buffer_size = 256K +read_rnd_buffer_size = 512K +myisam_sort_buffer_size = 8M + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=70 +max_user_connections=30 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.04/mysql/my-small.cnf b/install/ubuntu/15.04/mysql/my-small.cnf new file mode 100644 index 000000000..26a804781 --- /dev/null +++ b/install/ubuntu/15.04/mysql/my-small.cnf @@ -0,0 +1,40 @@ +[client] +port=3306 +socket=/var/run/mysqld/mysqld.sock + +[mysqld_safe] +socket=/var/run/mysqld/mysqld.sock + +[mysqld] +user=mysql +pid-file=/var/run/mysqld/mysqld.pid +socket=/var/run/mysqld/mysqld.sock +port=3306 +basedir=/usr +datadir=/var/lib/mysql +tmpdir=/tmp +lc-messages-dir=/usr/share/mysql +log_error=/var/log/mysql/error.log + +symbolic-links=0 + +skip-external-locking +key_buffer_size = 16K +max_allowed_packet = 1M +table_open_cache = 4 +sort_buffer_size = 64K +read_buffer_size = 256K +read_rnd_buffer_size = 256K +net_buffer_length = 2K +thread_stack = 240K + +#innodb_use_native_aio = 0 +innodb_file_per_table + +max_connections=30 +max_user_connections=20 +wait_timeout=10 +interactive_timeout=50 +long_query_time=5 + +!includedir /etc/mysql/conf.d/ diff --git a/install/ubuntu/15.04/nginx/nginx.conf b/install/ubuntu/15.04/nginx/nginx.conf new file mode 100644 index 000000000..7937301c1 --- /dev/null +++ b/install/ubuntu/15.04/nginx/nginx.conf @@ -0,0 +1,124 @@ +# Server globals +user www-data; +worker_processes 2; +error_log /var/log/nginx/error.log; +pid /var/run/nginx.pid; + + +# Worker config +events { + worker_connections 1024; + use epoll; +} + + +http { + # Main settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + client_header_timeout 1m; + client_body_timeout 1m; + client_header_buffer_size 2k; + client_body_buffer_size 256k; + client_max_body_size 100m; + large_client_header_buffers 4 8k; + send_timeout 30; + keepalive_timeout 60 60; + reset_timedout_connection on; + server_tokens off; + server_name_in_redirect off; + server_names_hash_max_size 512; + server_names_hash_bucket_size 512; + + + # Log format + log_format main '$remote_addr - $remote_user [$time_local] $request ' + '"$status" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + log_format bytes '$body_bytes_sent'; + #access_log /var/log/nginx/access.log main; + access_log off; + + + # Mime settings + include /etc/nginx/mime.types; + default_type application/octet-stream; + + + # Compression + gzip on; + gzip_comp_level 9; + gzip_min_length 512; + gzip_buffers 8 64k; + gzip_types text/plain text/css text/javascript + application/x-javascript; + gzip_proxied any; + + + # Proxy settings + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Set-Cookie; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + + + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + + # SSL PCI Compliance + ssl_session_cache shared:SSL:10m; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; + + + # Error pages + error_page 403 /error/403.html; + error_page 404 /error/404.html; + error_page 502 503 504 /error/50x.html; + + + # Cache + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; + proxy_ignore_headers Expires Cache-Control; + proxy_cache_use_stale error timeout invalid_header http_502; + proxy_cache_valid any 3d; + + map $http_cookie $no_cache { + default 0; + ~SESS 1; + ~wordpress_logged_in 1; + } + + + # Wildcard include + include /etc/nginx/conf.d/*.conf; +} diff --git a/install/ubuntu/15.04/nginx/phpmyadmin.inc b/install/ubuntu/15.04/nginx/phpmyadmin.inc new file mode 100644 index 000000000..d70ca3e3c --- /dev/null +++ b/install/ubuntu/15.04/nginx/phpmyadmin.inc @@ -0,0 +1,15 @@ +location /phpmyadmin { + alias /usr/share/phpmyadmin/; + + location ~ /(libraries|setup) { + return 404; + } + + location ~ ^/phpmyadmin/(.*\.php)$ { + alias /usr/share/phpmyadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/15.04/nginx/phppgadmin.inc b/install/ubuntu/15.04/nginx/phppgadmin.inc new file mode 100644 index 000000000..cd1e5806b --- /dev/null +++ b/install/ubuntu/15.04/nginx/phppgadmin.inc @@ -0,0 +1,11 @@ +location /phppgadmin { + alias /usr/share/phppgadmin/; + + location ~ ^/phppgadmin/(.*\.php)$ { + alias /usr/share/phppgadmin/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/15.04/nginx/status.conf b/install/ubuntu/15.04/nginx/status.conf new file mode 100644 index 000000000..c0bcd0691 --- /dev/null +++ b/install/ubuntu/15.04/nginx/status.conf @@ -0,0 +1,9 @@ +server { + listen 127.0.0.1:8084 default; + server_name _; + server_name_in_redirect off; + location / { + stub_status on; + access_log off; + } +} diff --git a/install/ubuntu/15.04/nginx/webmail.inc b/install/ubuntu/15.04/nginx/webmail.inc new file mode 100644 index 000000000..ad66895bc --- /dev/null +++ b/install/ubuntu/15.04/nginx/webmail.inc @@ -0,0 +1,15 @@ +location /webmail { + alias /var/lib/roundcube/; + + location ~ /(config|temp|logs) { + return 404; + } + + location ~ ^/webmail/(.*\.php)$ { + alias /var/lib/roundcube/$1; + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $request_filename; + } +} diff --git a/install/ubuntu/15.04/packages.tar.gz b/install/ubuntu/15.04/packages.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..4b778dadce20a61f03a8ca920ec81c55a8730fee GIT binary patch literal 562 zcmV-20?qv&iwFRHoJ3Lp1MQYgkD5>vhFSY7+_9e37(#VaFxE7E(hXh3fdi2rFJZkFya3gX^b)n zVXSCG>M9q!r;?X63%1>^6fD25GP?9(Zs8i zm#eSAOO(kSvCYUG8}`JzlNGcp7>;dtR#6ZOYcoV)W|{76R22A_Q=gJo4AXSy6Mw(T z@QvYNS99i079ZTgdF&uH#Hm!H2Tkno>k1^mATb^lABoBo#r=lG9NGXU~REdk0(83B2vo&kr_ zAp~{{4=IqJS7Kl{UdaJ`lmmICl^~$|AizYY10B;!5Re`k^vG)ug3|w@mF?UAH~v$N z5%B*SfdB3Ik9DT%#Rp2&fAy{S9|r3<{gP~x+kO96-v30?!2fG-8UK&;KeGQw{$uw~ zsNXQZA^ut3x1l|*XixdCp}qF{wFdwI0000000000000000RC})0(q@EkpL(F05 diff --git a/install/ubuntu/15.04/pga/phppgadmin.conf b/install/ubuntu/15.04/pga/phppgadmin.conf new file mode 100644 index 000000000..f39247d6f --- /dev/null +++ b/install/ubuntu/15.04/pga/phppgadmin.conf @@ -0,0 +1,31 @@ +Alias /phppgadmin /usr/share/phppgadmin + + + +DirectoryIndex index.php +AllowOverride None + +order deny,allow +deny from all +allow from 127.0.0.0/255.0.0.0 ::1/128 +allow from all + + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_value include_path . + + + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + AddType application/x-httpd-php .php + Action application/x-httpd-php /cgi-bin/php + + + + + diff --git a/install/ubuntu/15.04/php5-fpm/www.conf b/install/ubuntu/15.04/php5-fpm/www.conf new file mode 100644 index 000000000..d046bceef --- /dev/null +++ b/install/ubuntu/15.04/php5-fpm/www.conf @@ -0,0 +1,10 @@ +[www] +listen = 127.0.0.1:9000 +listen.allowed_clients = 127.0.0.1 +user = www-data +group = www-data +pm = dynamic +pm.max_children = 50 +pm.start_servers = 5 +pm.min_spare_servers = 3 +pm.max_spare_servers = 35 diff --git a/install/ubuntu/15.04/pma/apache.conf b/install/ubuntu/15.04/pma/apache.conf new file mode 100644 index 000000000..2a8f69e25 --- /dev/null +++ b/install/ubuntu/15.04/pma/apache.conf @@ -0,0 +1,42 @@ +# phpMyAdmin default Apache configuration + +Alias /phpmyadmin /usr/share/phpmyadmin + + + Options FollowSymLinks + DirectoryIndex index.php + + + AddType application/x-httpd-php .php + + php_flag magic_quotes_gpc Off + php_flag track_vars On + php_flag register_globals Off + php_admin_flag allow_url_fopen Off + php_value include_path . + php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp + php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext + + + + +# Authorize for setup + + + AuthType Basic + AuthName "phpMyAdmin Setup" + AuthUserFile /etc/phpmyadmin/htpasswd.setup + + Require valid-user + + +# Disallow web access to directories that don't need it + + Order Deny,Allow + Deny from All + + + Order Deny,Allow + Deny from All + + diff --git a/install/ubuntu/15.04/pma/config.inc.php b/install/ubuntu/15.04/pma/config.inc.php new file mode 100644 index 000000000..a643a065b --- /dev/null +++ b/install/ubuntu/15.04/pma/config.inc.php @@ -0,0 +1,146 @@ + + VRootEngine on + VRootAlias /etc/security/pam_env.conf etc/security/pam_env.conf + + +AuthPAMConfig proftpd +AuthOrder mod_auth_pam.c* mod_auth_unix.c +UseReverseDNS off +User proftpd +Group nogroup +MaxInstances 20 +UseSendfile off +LogFormat default "%h %l %u %t \"%r\" %s %b" +LogFormat auth "%v [%P] %h %t \"%r\" %s" +ListOptions -a +RequireValidShell off +PassivePorts 12000 12100 + + + Umask 002 + IdentLookups off + AllowOverwrite yes + + AllowAll + + diff --git a/install/ubuntu/15.04/roundcube/apache.conf b/install/ubuntu/15.04/roundcube/apache.conf new file mode 100644 index 000000000..a0c87bcc6 --- /dev/null +++ b/install/ubuntu/15.04/roundcube/apache.conf @@ -0,0 +1,40 @@ +Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ +Alias /roundcube /var/lib/roundcube +Alias /webmail /var/lib/roundcube + +# Access to tinymce files + + Options Indexes MultiViews FollowSymLinks + AllowOverride None + Order allow,deny + allow from all + + + + Options +FollowSymLinks + # This is needed to parse /var/lib/roundcube/.htaccess. See its + # content before setting AllowOverride to None. + AllowOverride All + order allow,deny + allow from all + + +# Protecting basic directories: + + Options -FollowSymLinks + AllowOverride None + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + + + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/install/ubuntu/15.04/roundcube/config.inc.php b/install/ubuntu/15.04/roundcube/config.inc.php new file mode 100644 index 000000000..0c82b1bc1 --- /dev/null +++ b/install/ubuntu/15.04/roundcube/config.inc.php @@ -0,0 +1,33 @@ + diff --git a/install/ubuntu/15.04/roundcube/main.inc.php b/install/ubuntu/15.04/roundcube/main.inc.php new file mode 100644 index 000000000..97cdbf2df --- /dev/null +++ b/install/ubuntu/15.04/roundcube/main.inc.php @@ -0,0 +1,850 @@ +/sendmail or to syslog +$rcmail_config['smtp_log'] = true; + +// Log successful logins to /userlogins or to syslog +$rcmail_config['log_logins'] = false; + +// Log session authentication errors to /session or to syslog +$rcmail_config['log_session'] = false; + +// Log SQL queries to /sql or to syslog +$rcmail_config['sql_debug'] = false; + +// Log IMAP conversation to /imap or to syslog +$rcmail_config['imap_debug'] = false; + +// Log LDAP conversation to /ldap or to syslog +$rcmail_config['ldap_debug'] = false; + +// Log SMTP conversation to /smtp or to syslog +$rcmail_config['smtp_debug'] = false; + +// ---------------------------------- +// IMAP +// ---------------------------------- + +// the mail host chosen to perform the log-in +// leave blank to show a textbox at login, give a list of hosts +// to display a pulldown menu or set one host as string. +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// Supported replacement variables: +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %s - domain name after the '@' from e-mail address provided at login screen +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['default_host'] = 'localhost'; + +// TCP port used for IMAP connections +$rcmail_config['default_port'] = 143; + +// IMAP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['imap_auth_type'] = null; + +// If you know your imap's folder delimiter, you can specify it here. +// Otherwise it will be determined automatically +$rcmail_config['imap_delimiter'] = null; + +// If IMAP server doesn't support NAMESPACE extension, but you're +// using shared folders or personal root folder is non-empty, you'll need to +// set these options. All can be strings or arrays of strings. +// Folders need to be ended with directory separator, e.g. "INBOX." +// (special directory "~" is an exception to this rule) +// These can be used also to overwrite server's namespaces +$rcmail_config['imap_ns_personal'] = null; +$rcmail_config['imap_ns_other'] = null; +$rcmail_config['imap_ns_shared'] = null; + +// By default IMAP capabilities are readed after connection to IMAP server +// In some cases, e.g. when using IMAP proxy, there's a need to refresh the list +// after login. Set to True if you've got this case. +$rcmail_config['imap_force_caps'] = false; + +// By default list of subscribed folders is determined using LIST-EXTENDED +// extension if available. Some servers (dovecot 1.x) returns wrong results +// for shared namespaces in this case. http://trac.roundcube.net/ticket/1486225 +// Enable this option to force LSUB command usage instead. +$rcmail_config['imap_force_lsub'] = false; + +// Some server configurations (e.g. Courier) doesn't list folders in all namespaces +// Enable this option to force listing of folders in all namespaces +$rcmail_config['imap_force_ns'] = false; + +// IMAP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['imap_timeout'] = 0; + +// Optional IMAP authentication identifier to be used as authorization proxy +$rcmail_config['imap_auth_cid'] = null; + +// Optional IMAP authentication password to be used for imap_auth_cid +$rcmail_config['imap_auth_pw'] = null; + +// Type of IMAP indexes cache. Supported values: 'db', 'apc' and 'memcache'. +$rcmail_config['imap_cache'] = null; + +// Enables messages cache. Only 'db' cache is supported. +$rcmail_config['messages_cache'] = false; + + +// ---------------------------------- +// SMTP +// ---------------------------------- + +// SMTP server host (for sending mails). +// To use SSL/TLS connection, enter hostname with prefix ssl:// or tls:// +// If left blank, the PHP mail() function is used +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['smtp_server'] = ''; + +// SMTP port (default is 25; use 587 for STARTTLS or 465 for the +// deprecated SSL over SMTP (aka SMTPS)) +$rcmail_config['smtp_port'] = 25; + +// SMTP username (if required) if you use %u as the username Roundcube +// will use the current username for login +$rcmail_config['smtp_user'] = ''; + +// SMTP password (if required) if you use %p as the password Roundcube +// will use the current user's password for login +$rcmail_config['smtp_pass'] = ''; + +// SMTP AUTH type (DIGEST-MD5, CRAM-MD5, LOGIN, PLAIN or empty to use +// best server supported one) +$rcmail_config['smtp_auth_type'] = ''; + +// Optional SMTP authentication identifier to be used as authorization proxy +$rcmail_config['smtp_auth_cid'] = null; + +// Optional SMTP authentication password to be used for smtp_auth_cid +$rcmail_config['smtp_auth_pw'] = null; + +// SMTP HELO host +// Hostname to give to the remote server for SMTP 'HELO' or 'EHLO' messages +// Leave this blank and you will get the server variable 'server_name' or +// localhost if that isn't defined. +$rcmail_config['smtp_helo_host'] = ''; + +// SMTP connection timeout, in seconds. Default: 0 (no limit) +$rcmail_config['smtp_timeout'] = 0; + +// ---------------------------------- +// SYSTEM +// ---------------------------------- +include_once("/etc/roundcube/debian-db-roundcube.php"); + + +// THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA. +// ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING! +$rcmail_config['enable_installer'] = false; + +// provide an URL where a user can get support for this Roundcube installation +// PLEASE DO NOT LINK TO THE ROUNDCUBE.NET WEBSITE HERE! +$rcmail_config['support_url'] = ''; + +// replace Roundcube logo with this image +// specify an URL relative to the document root of this Roundcube installation +$rcmail_config['skin_logo'] = null; + +// automatically create a new Roundcube user when log-in the first time. +// a new user will be created once the IMAP login succeeds. +// set to false if only registered users can use this service +$rcmail_config['auto_create_user'] = true; + +// use this folder to store log files (must be writeable for apache user) +// This is used by the 'file' log driver. +$rcmail_config['log_dir'] = '/var/log/roundcubemail/'; + +// use this folder to store temp files (must be writeable for apache user) +$rcmail_config['temp_dir'] = '/tmp'; + +// lifetime of message cache +// possible units: s, m, h, d, w +$rcmail_config['message_cache_lifetime'] = '10d'; + +// enforce connections over https +// with this option enabled, all non-secure connections will be redirected. +// set the port for the ssl connection as value of this option if it differs from the default 443 +$rcmail_config['force_https'] = false; + +// tell PHP that it should work as under secure connection +// even if it doesn't recognize it as secure ($_SERVER['HTTPS'] is not set) +// e.g. when you're running Roundcube behind a https proxy +// this option is mutually exclusive to 'force_https' and only either one of them should be set to true. +$rcmail_config['use_https'] = false; + +// Allow browser-autocompletion on login form. +// 0 - disabled, 1 - username and host only, 2 - username, host, password +$rcmail_config['login_autocomplete'] = 0; + +// Forces conversion of logins to lower case. +// 0 - disabled, 1 - only domain part, 2 - domain and local part. +// If users authentication is not case-sensitive this must be enabled. +// After enabling it all user records need to be updated, e.g. with query: +// UPDATE users SET username = LOWER(username); +$rcmail_config['login_lc'] = 0; + +// Includes should be interpreted as PHP files +$rcmail_config['skin_include_php'] = false; + +// display software version on login screen +$rcmail_config['display_version'] = false; + +// Session lifetime in minutes +// must be greater than 'keep_alive'/60 +$rcmail_config['session_lifetime'] = 10; + +// session domain: .example.org +$rcmail_config['session_domain'] = ''; + +// session name. Default: 'roundcube_sessid' +$rcmail_config['session_name'] = null; + +// Backend to use for session storage. Can either be 'db' (default) or 'memcache' +// If set to memcache, a list of servers need to be specified in 'memcache_hosts' +// Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed +$rcmail_config['session_storage'] = 'db'; + +// Use these hosts for accessing memcached +// Define any number of hosts in the form of hostname:port or unix:///path/to/sock.file +$rcmail_config['memcache_hosts'] = null; // e.g. array( 'localhost:11211', '192.168.1.12:11211', 'unix:///var/tmp/memcached.sock' ); + +// check client IP in session athorization +$rcmail_config['ip_check'] = false; + +// check referer of incoming requests +$rcmail_config['referer_check'] = false; + +// X-Frame-Options HTTP header value sent to prevent from Clickjacking. +// Possible values: sameorigin|deny. Set to false in order to disable sending them +$rcmail_config['x_frame_options'] = 'sameorigin'; + +// this key is used to encrypt the users imap password which is stored +// in the session record (and the client cookie if remember password is enabled). +// please provide a string of exactly 24 chars. +$rcmail_config['des_key'] = 'vtIOjLZo9kffJoqzpSbm5r1r'; + +// Automatically add this domain to user names for login +// Only for IMAP servers that require full e-mail addresses for login +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['username_domain'] = ''; + +// This domain will be used to form e-mail addresses of new users +// Specify an array with 'host' => 'domain' values to support multiple hosts +// Supported replacement variables: +// %h - user's IMAP hostname +// %n - http hostname ($_SERVER['SERVER_NAME']) +// %d - domain (http hostname without the first part) +// %z - IMAP domain (IMAP hostname without the first part) +// For example %n = mail.domain.tld, %d = domain.tld +$rcmail_config['mail_domain'] = ''; + +// Password charset. +// Use it if your authentication backend doesn't support UTF-8. +// Defaults to ISO-8859-1 for backward compatibility +$rcmail_config['password_charset'] = 'ISO-8859-1'; + +// How many seconds must pass between emails sent by a user +$rcmail_config['sendmail_delay'] = 0; + +// Maximum number of recipients per message. Default: 0 (no limit) +$rcmail_config['max_recipients'] = 0; + +// Maximum allowednumber of members of an address group. Default: 0 (no limit) +// If 'max_recipients' is set this value should be less or equal +$rcmail_config['max_group_members'] = 0; + +// add this user-agent to message headers when sending +$rcmail_config['useragent'] = 'Roundcube Webmail/'.RCMAIL_VERSION; + +// use this name to compose page titles +$rcmail_config['product_name'] = 'Roundcube Webmail'; + +// try to load host-specific configuration +// see http://trac.roundcube.net/wiki/Howto_Config for more details +$rcmail_config['include_host_config'] = false; + +// path to a text file which will be added to each sent message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer'] = ''; + +// path to a text file which will be added to each sent HTML message +// paths are relative to the Roundcube root folder +$rcmail_config['generic_message_footer_html'] = ''; + +// add a received header to outgoing mails containing the creators IP and hostname +$rcmail_config['http_received_header'] = false; + +// Whether or not to encrypt the IP address and the host name +// these could, in some circles, be considered as sensitive information; +// however, for the administrator, these could be invaluable help +// when tracking down issues. +$rcmail_config['http_received_header_encrypt'] = false; + +// This string is used as a delimiter for message headers when sending +// a message via mail() function. Leave empty for auto-detection +$rcmail_config['mail_header_delimiter'] = NULL; + +// number of chars allowed for line when wrapping text. +// text wrapping is done when composing/sending messages +$rcmail_config['line_length'] = 72; + +// send plaintext messages as format=flowed +$rcmail_config['send_format_flowed'] = true; + +// don't allow these settings to be overriden by the user +$rcmail_config['dont_override'] = array(); + +// Set identities access level: +// 0 - many identities with possibility to edit all params +// 1 - many identities with possibility to edit all params but not email address +// 2 - one identity with possibility to edit all params +// 3 - one identity with possibility to edit all params but not email address +$rcmail_config['identities_level'] = 0; + +// Mimetypes supported by the browser. +// attachments of these types will open in a preview window +// either a comma-separated list or an array: 'text/plain,text/html,text/xml,image/jpeg,image/gif,image/png,application/pdf' +$rcmail_config['client_mimetypes'] = null; # null == default + +// mime magic database +$rcmail_config['mime_magic'] = null; + +// path to imagemagick identify binary +$rcmail_config['im_identify_path'] = null; + +// path to imagemagick convert binary +$rcmail_config['im_convert_path'] = null; + +// maximum size of uploaded contact photos in pixel +$rcmail_config['contact_photo_size'] = 160; + +// Enable DNS checking for e-mail address validation +$rcmail_config['email_dns_check'] = false; + +// ---------------------------------- +// PLUGINS +// ---------------------------------- + +// List of active plugins (in plugins/ directory) +$rcmail_config['plugins'] = array('password'); + +// ---------------------------------- +// USER INTERFACE +// ---------------------------------- + +// default messages sort column. Use empty value for default server's sorting, +// or 'arrival', 'date', 'subject', 'from', 'to', 'fromto', 'size', 'cc' +$rcmail_config['message_sort_col'] = ''; + +// default messages sort order +$rcmail_config['message_sort_order'] = 'DESC'; + +// These cols are shown in the message list. Available cols are: +// subject, from, to, fromto, cc, replyto, date, size, status, flag, attachment, 'priority' +$rcmail_config['list_cols'] = array('subject', 'status', 'fromto', 'date', 'size', 'flag', 'attachment'); + +// the default locale setting (leave empty for auto-detection) +// RFC1766 formatted language name like en_US, de_DE, de_CH, fr_FR, pt_BR +$rcmail_config['language'] = null; + +// use this format for date display (date or strftime format) +$rcmail_config['date_format'] = 'Y-m-d'; + +// give this choice of date formats to the user to select from +$rcmail_config['date_formats'] = array('Y-m-d', 'd-m-Y', 'Y/m/d', 'm/d/Y', 'd/m/Y', 'd.m.Y', 'j.n.Y'); + +// use this format for time display (date or strftime format) +$rcmail_config['time_format'] = 'H:i'; + +// give this choice of time formats to the user to select from +$rcmail_config['time_formats'] = array('G:i', 'H:i', 'g:i a', 'h:i A'); + +// use this format for short date display (derived from date_format and time_format) +$rcmail_config['date_short'] = 'D H:i'; + +// use this format for detailed date/time formatting (derived from date_format and time_format) +$rcmail_config['date_long'] = 'Y-m-d H:i'; + +// store draft message is this mailbox +// leave blank if draft messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['drafts_mbox'] = 'Drafts'; + +// store spam messages in this mailbox +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['junk_mbox'] = 'Spam'; + +// store sent message is this mailbox +// leave blank if sent messages should not be stored +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['sent_mbox'] = 'Sent'; + +// move messages to this folder when deleting them +// leave blank if they should be deleted directly +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['trash_mbox'] = 'Trash'; + +// display these folders separately in the mailbox list. +// these folders will also be displayed with localized names +// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) +$rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); +$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash'); + +// automatically create the above listed default folders on first login +$rcmail_config['create_default_folders'] = true; + +// protect the default folders from renames, deletes, and subscription changes +$rcmail_config['protect_default_folders'] = true; + +// if in your system 0 quota means no limit set this option to true +$rcmail_config['quota_zero_as_unlimited'] = false; + +// Make use of the built-in spell checker. It is based on GoogieSpell. +// Since Google only accepts connections over https your PHP installatation +// requires to be compiled with Open SSL support +$rcmail_config['enable_spellcheck'] = true; + +// Enables spellchecker exceptions dictionary. +// Setting it to 'shared' will make the dictionary shared by all users. +$rcmail_config['spellcheck_dictionary'] = false; + +// Set the spell checking engine. 'googie' is the default. 'pspell' is also available, +// but requires the Pspell extensions. When using Nox Spell Server, also set 'googie' here. +$rcmail_config['spellcheck_engine'] = 'googie'; + +// For a locally installed Nox Spell Server, please specify the URI to call it. +// Get Nox Spell Server from http://orangoo.com/labs/?page_id=72 +// Leave empty to use the Google spell checking service, what means +// that the message content will be sent to Google in order to check spelling +$rcmail_config['spellcheck_uri'] = ''; + +// These languages can be selected for spell checking. +// Configure as a PHP style hash array: array('en'=>'English', 'de'=>'Deutsch'); +// Leave empty for default set of available language. +$rcmail_config['spellcheck_languages'] = NULL; + +// Makes that words with all letters capitalized will be ignored (e.g. GOOGLE) +$rcmail_config['spellcheck_ignore_caps'] = false; + +// Makes that words with numbers will be ignored (e.g. g00gle) +$rcmail_config['spellcheck_ignore_nums'] = false; + +// Makes that words with symbols will be ignored (e.g. g@@gle) +$rcmail_config['spellcheck_ignore_syms'] = false; + +// Use this char/string to separate recipients when composing a new message +$rcmail_config['recipients_separator'] = ','; + +// don't let users set pagesize to more than this value if set +$rcmail_config['max_pagesize'] = 200; + +// Minimal value of user's 'keep_alive' setting (in seconds) +// Must be less than 'session_lifetime' +$rcmail_config['min_keep_alive'] = 60; + +// Enables files upload indicator. Requires APC installed and enabled apc.rfc1867 option. +// By default refresh time is set to 1 second. You can set this value to true +// or any integer value indicating number of seconds. +$rcmail_config['upload_progress'] = false; + +// Specifies for how many seconds the Undo button will be available +// after object delete action. Currently used with supporting address book sources. +// Setting it to 0, disables the feature. +$rcmail_config['undo_timeout'] = 0; + +// ---------------------------------- +// ADDRESSBOOK SETTINGS +// ---------------------------------- + +// This indicates which type of address book to use. Possible choises: +// 'sql' (default) and 'ldap'. +// If set to 'ldap' then it will look at using the first writable LDAP +// address book as the primary address book and it will not display the +// SQL address book in the 'Address Book' view. +$rcmail_config['address_book_type'] = 'sql'; + +// In order to enable public ldap search, configure an array like the Verisign +// example further below. if you would like to test, simply uncomment the example. +// Array key must contain only safe characters, ie. a-zA-Z0-9_ +$rcmail_config['ldap_public'] = array(); + +// If you are going to use LDAP for individual address books, you will need to +// set 'user_specific' to true and use the variables to generate the appropriate DNs to access it. +// +// The recommended directory structure for LDAP is to store all the address book entries +// under the users main entry, e.g.: +// +// o=root +// ou=people +// uid=user@domain +// mail=contact@contactdomain +// +// So the base_dn would be uid=%fu,ou=people,o=root +// The bind_dn would be the same as based_dn or some super user login. +/* + * example config for Verisign directory + * +$rcmail_config['ldap_public']['Verisign'] = array( + 'name' => 'Verisign.com', + // Replacement variables supported in host names: + // %h - user's IMAP hostname + // %n - http hostname ($_SERVER['SERVER_NAME']) + // %d - domain (http hostname without the first part) + // %z - IMAP domain (IMAP hostname without the first part) + // For example %n = mail.domain.tld, %d = domain.tld + 'hosts' => array('directory.verisign.com'), + 'port' => 389, + 'use_tls' => false, + 'ldap_version' => 3, // using LDAPv3 + 'user_specific' => false, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. + // %fu - The full username provided, assumes the username is an email + // address, uses the username_domain value if not an email address. + // %u - The username prior to the '@'. + // %d - The domain name after the '@'. + // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" + // %dn - DN found by ldap search when search_filter/search_base_dn are used + 'base_dn' => '', + 'bind_dn' => '', + 'bind_pass' => '', + // It's possible to bind for an individual address book + // The login name is used to search for the DN to bind with + 'search_base_dn' => '', + 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' + // DN and password to bind as before searching for bind DN, if anonymous search is not allowed + 'search_bind_dn' => '', + 'search_bind_pw' => '', + // Default for %dn variable if search doesn't return DN value + 'search_dn_default' => '', + // Optional authentication identifier to be used as SASL authorization proxy + // bind_dn need to be empty + 'auth_cid' => '', + // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 + 'auth_method' => '', + // Indicates if the addressbook shall be hidden from the list. + // With this option enabled you can still search/view contacts. + 'hidden' => false, + // Indicates if the addressbook shall not list contacts but only allows searching. + 'searchonly' => false, + // Indicates if we can write to the LDAP directory or not. + // If writable is true then these fields need to be populated: + // LDAP_Object_Classes, required_fields, LDAP_rdn + 'writable' => false, + // To create a new contact these are the object classes to specify + // (or any other classes you wish to use). + 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), + // The RDN field that is used for new entries, this field needs + // to be one of the search_fields, the base of base_dn is appended + // to the RDN to insert into the LDAP directory. + 'LDAP_rdn' => 'cn', + // The required fields needed to build a new contact as required by + // the object classes (can include additional fields not required by the object classes). + 'required_fields' => array('cn', 'sn', 'mail'), + 'search_fields' => array('mail', 'cn'), // fields to search in + // mapping of contact fields to directory attributes + // for every attribute one can specify the number of values (limit) allowed. + // default is 1, a wildcard * means unlimited + 'fieldmap' => array( + // Roundcube => LDAP:limit + 'name' => 'cn', + 'surname' => 'sn', + 'firstname' => 'givenName', + 'title' => 'title', + 'email' => 'mail:*', + 'phone:home' => 'homePhone', + 'phone:work' => 'telephoneNumber', + 'phone:mobile' => 'mobile', + 'phone:pager' => 'pager', + 'street' => 'street', + 'zipcode' => 'postalCode', + 'region' => 'st', + 'locality' => 'l', +// if you uncomment country, you need to modify 'sub_fields' above +// 'country' => 'c', + 'department' => 'departmentNumber', + 'notes' => 'description', +// these currently don't work: +// 'phone:workfax' => 'facsimileTelephoneNumber', +// 'photo' => 'jpegPhoto', +// 'organization' => 'o', +// 'manager' => 'manager', +// 'assistant' => 'secretary', + ), + // Map of contact sub-objects (attribute name => objectClass(es)), e.g. 'c' => 'country' + 'sub_fields' => array(), + 'sort' => 'cn', // The field to sort the listing by. + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=inetOrgPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act + 'fuzzy_search' => true, // server allows wildcard search + 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) + 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting + 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. + 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. + 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups + + // definition for contact groups (uncomment if no groups are supported) + // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) + // if the groups base_dn is empty, the contact base_dn is used for the groups as well + // -> in this case, assure that groups and contacts are separated due to the concernig filters! + 'groups' => array( + 'base_dn' => '', + 'scope' => 'sub', // search mode: sub|base|list + 'filter' => '(objectClass=groupOfNames)', + 'object_classes' => array("top", "groupOfNames"), + 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember + 'name_attr' => 'cn', // attribute to be used as group name + ), +); +*/ + +// An ordered array of the ids of the addressbooks that should be searched +// when populating address autocomplete fields server-side. ex: array('sql','Verisign'); +$rcmail_config['autocomplete_addressbooks'] = array('sql'); + +// The minimum number of characters required to be typed in an autocomplete field +// before address books will be searched. Most useful for LDAP directories that +// may need to do lengthy results building given overly-broad searches +$rcmail_config['autocomplete_min_length'] = 1; + +// Number of parallel autocomplete requests. +// If there's more than one address book, n parallel (async) requests will be created, +// where each request will search in one address book. By default (0), all address +// books are searched in one request. +$rcmail_config['autocomplete_threads'] = 0; + +// Max. numer of entries in autocomplete popup. Default: 15. +$rcmail_config['autocomplete_max'] = 15; + +// show address fields in this order +// available placeholders: {street}, {locality}, {zipcode}, {country}, {region} +$rcmail_config['address_template'] = '{street}
{locality} {zipcode}
{country} {region}'; + +// Matching mode for addressbook search (including autocompletion) +// 0 - partial (*abc*), default +// 1 - strict (abc) +// 2 - prefix (abc*) +// Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode +$rcmail_config['addressbook_search_mode'] = 0; + +// ---------------------------------- +// USER PREFERENCES +// ---------------------------------- + +// Use this charset as fallback for message decoding +//$rcmail_config['default_charset'] = 'ISO-8859-1'; +$rcmail_config['default_charset'] = 'UTF-8'; + +// skin name: folder from skins/ +$rcmail_config['skin'] = 'larry'; + +// show up to X items in messages list view +$rcmail_config['mail_pagesize'] = 50; + +// show up to X items in contacts list view +$rcmail_config['addressbook_pagesize'] = 50; + +// sort contacts by this col (preferably either one of name, firstname, surname) +$rcmail_config['addressbook_sort_col'] = 'surname'; + +// the way how contact names are displayed in the list +// 0: display name +// 1: (prefix) firstname middlename surname (suffix) +// 2: (prefix) surname firstname middlename (suffix) +// 3: (prefix) surname, firstname middlename (suffix) +$rcmail_config['addressbook_name_listing'] = 0; + +// use this timezone to display date/time +// valid timezone identifers are listed here: php.net/manual/en/timezones.php +// 'auto' will use the browser's timezone settings +$rcmail_config['timezone'] = 'auto'; + +// prefer displaying HTML messages +$rcmail_config['prefer_html'] = true; + +// display remote inline images +// 0 - Never, always ask +// 1 - Ask if sender is not in address book +// 2 - Always show inline images +$rcmail_config['show_images'] = 0; + +// compose html formatted messages by default +// 0 - never, 1 - always, 2 - on reply to HTML message only +$rcmail_config['htmleditor'] = 0; + +// show pretty dates as standard +$rcmail_config['prettydate'] = true; + +// save compose message every 300 seconds (5min) +$rcmail_config['draft_autosave'] = 300; + +// default setting if preview pane is enabled +$rcmail_config['preview_pane'] = false; + +// Mark as read when viewed in preview pane (delay in seconds) +// Set to -1 if messages in preview pane should not be marked as read +$rcmail_config['preview_pane_mark_read'] = 0; + +// Clear Trash on logout +$rcmail_config['logout_purge'] = false; + +// Compact INBOX on logout +$rcmail_config['logout_expunge'] = false; + +// Display attached images below the message body +$rcmail_config['inline_images'] = true; + +// Encoding of long/non-ascii attachment names: +// 0 - Full RFC 2231 compatible +// 1 - RFC 2047 for 'name' and RFC 2231 for 'filename' parameter (Thunderbird's default) +// 2 - Full 2047 compatible +$rcmail_config['mime_param_folding'] = 1; + +// Set true if deleted messages should not be displayed +// This will make the application run slower +$rcmail_config['skip_deleted'] = false; + +// Set true to Mark deleted messages as read as well as deleted +// False means that a message's read status is not affected by marking it as deleted +$rcmail_config['read_when_deleted'] = true; + +// Set to true to never delete messages immediately +// Use 'Purge' to remove messages marked as deleted +$rcmail_config['flag_for_deletion'] = false; + +// Default interval for keep-alive/check-recent requests (in seconds) +// Must be greater than or equal to 'min_keep_alive' and less than 'session_lifetime' +$rcmail_config['keep_alive'] = 60; + +// If true all folders will be checked for recent messages +$rcmail_config['check_all_folders'] = false; + +// If true, after message delete/move, the next message will be displayed +$rcmail_config['display_next'] = false; + +// 0 - Do not expand threads +// 1 - Expand all threads automatically +// 2 - Expand only threads with unread messages +$rcmail_config['autoexpand_threads'] = 0; + +// When replying place cursor above original message (top posting) +$rcmail_config['top_posting'] = false; + +// When replying strip original signature from message +$rcmail_config['strip_existing_sig'] = true; + +// Show signature: +// 0 - Never +// 1 - Always +// 2 - New messages only +// 3 - Forwards and Replies only +$rcmail_config['show_sig'] = 1; + +// When replying or forwarding place sender's signature above existing message +$rcmail_config['sig_above'] = false; + +// Use MIME encoding (quoted-printable) for 8bit characters in message body +$rcmail_config['force_7bit'] = false; + +// Defaults of the search field configuration. +// The array can contain a per-folder list of header fields which should be considered when searching +// The entry with key '*' stands for all folders which do not have a specific list set. +// Please note that folder names should to be in sync with $rcmail_config['default_folders'] +$rcmail_config['search_mods'] = null; // Example: array('*' => array('subject'=>1, 'from'=>1), 'Sent' => array('subject'=>1, 'to'=>1)); + +// Defaults of the addressbook search field configuration. +$rcmail_config['addressbook_search_mods'] = null; // Example: array('name'=>1, 'firstname'=>1, 'surname'=>1, 'email'=>1, '*'=>1); + +// 'Delete always' +// This setting reflects if mail should be always deleted +// when moving to Trash fails. This is necessary in some setups +// when user is over quota and Trash is included in the quota. +$rcmail_config['delete_always'] = false; + +// Directly delete messages in Junk instead of moving to Trash +$rcmail_config['delete_junk'] = true; + +// Behavior if a received message requests a message delivery notification (read receipt) +// 0 = ask the user, 1 = send automatically, 2 = ignore (never send or ask) +// 3 = send automatically if sender is in addressbook, otherwise ask the user +// 4 = send automatically if sender is in addressbook, otherwise ignore +$rcmail_config['mdn_requests'] = 0; + +// Return receipt checkbox default state +$rcmail_config['mdn_default'] = 0; + +// Delivery Status Notification checkbox default state +$rcmail_config['dsn_default'] = 0; + +// Place replies in the folder of the message being replied to +$rcmail_config['reply_same_folder'] = false; + +// Sets default mode of Forward feature to "forward as attachment" +$rcmail_config['forward_attachment'] = false; + +// Defines address book (internal index) to which new contacts will be added +// By default it is the first writeable addressbook. +// Note: Use '0' for built-in address book. +$rcmail_config['default_addressbook'] = null; + +// Enables spell checking before sending a message. +$rcmail_config['spellcheck_before_send'] = false; + +// Skip alternative email addresses in autocompletion (show one address per contact) +$rcmail_config['autocomplete_single'] = false; + +// Default font for composed HTML message. +// Supported values: Andale Mono, Arial, Arial Black, Book Antiqua, Courier New, +// Georgia, Helvetica, Impact, Tahoma, Terminal, Times New Roman, Trebuchet MS, Verdana +$rcmail_config['default_font'] = ''; + +// end of config file diff --git a/install/ubuntu/15.04/roundcube/vesta.php b/install/ubuntu/15.04/roundcube/vesta.php new file mode 100644 index 000000000..8fb202a44 --- /dev/null +++ b/install/ubuntu/15.04/roundcube/vesta.php @@ -0,0 +1,62 @@ + + */ + + function password_save($curpass, $passwd) + { + $rcmail = rcmail::get_instance(); + $vesta_host = $rcmail->config->get('password_vesta_host'); + + if (empty($vesta_host)) + { + $vesta_host = 'localhost'; + } + + $vesta_port = $rcmail->config->get('password_vesta_port'); + if (empty($vesta_port)) + { + $vesta_port = '8083'; + } + + $postvars = array( + 'email' => $_SESSION['username'], + 'password' => $curpass, + 'new' => $passwd + ); + + $postdata = http_build_query($postvars); + + $send = 'POST /reset/mail/ HTTP/1.1' . PHP_EOL; + $send .= 'Host: ' . $vesta_host . PHP_EOL; + $send .= 'User-Agent: PHP Script' . PHP_EOL; + $send .= 'Content-length: ' . strlen($postdata) . PHP_EOL; + $send .= 'Content-type: application/x-www-form-urlencoded' . PHP_EOL; + $send .= 'Connection: close' . PHP_EOL; + $send .= PHP_EOL; + $send .= $postdata . PHP_EOL . PHP_EOL; + + $fp = fsockopen('ssl://' . $vesta_host, $vesta_port); + fputs($fp, $send); + $result = fread($fp, 2048); + fclose($fp); + + $fp = fopen("/tmp/roundcube.log", 'w'); + fwrite($fp, "test ok"); + fwrite($fp, "\n"); + fclose($fp); + + + if(strpos($result, 'ok') && !strpos($result, 'error')) + { + return PASSWORD_SUCCESS; + } + else { + return PASSWORD_ERROR; + } + + } diff --git a/install/ubuntu/15.04/sudo/admin b/install/ubuntu/15.04/sudo/admin new file mode 100644 index 000000000..47e16098c --- /dev/null +++ b/install/ubuntu/15.04/sudo/admin @@ -0,0 +1,7 @@ +# Created by vesta installer +Defaults env_keep="VESTA" +Defaults:admin !syslog +Defaults:admin !requiretty + +admin ALL=(ALL) ALL +admin ALL=NOPASSWD:/usr/local/vesta/bin/* diff --git a/install/ubuntu/15.04/templates.tar.gz b/install/ubuntu/15.04/templates.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ce385d269736561780cb42d07b447572cebc7831 GIT binary patch literal 12935 zcmb8URZyHw7p{#YxCM6!?iL`pyF0-l1b6qr-ARz(?ruQ`4^D7`y9DZuAm^Lf{USGsP}RK+Ga`Vs-jJz6Gn9?|BB0`1J6{51&0u1-A(wAoe9`E z6vFFF9$veAdvSRue)_)Gm@QM;@XM>>0=l8*YwY(9{W9)%`RepE;+hLbGq^pv&)ZB8 z+UJ~^_R)U-TTXk!Dy_wd_uoOXH4L}g?^PzZPuwP_giL3A>ZWfDXn-)&+Nm*ctt9Ro zzkcM%b@(K34skWxW)xsdtReG-76iG!9zTrl!oGPF7;opAZ02sl{ChtK1-k6$74E0VejNdmSy38^P3J)Cf1-Zx6e}P#H|JTn7qDvR7!;<+EIe1bS^)*sfD>N50hnQeUnWn zFzTjnL@U1lj|+WjgiikibRW$cPRdAL&8qe8hhbL;eScs!{aa2e*ND-B@$C?!=FCH< z^~s6$i*H`*kGD%$(}!nN!-i^SK>feAX?tMl#;i>zYY8Z`ECzfKVqt*R8<=8~zX--| zp;5yq0um(a)tI)s77x-MFxzhqcEg>lUcYlUq3I%=BpHOc@9K0o`I|be`;KOZlPvIB zYPgu1K~sfidwaY51A@~Wj7>yn42>vAGk#;tx;$*i{Tj6kqc=v+*(I%@AYAhrX~N;| zsVvA7PqoV(G?;0HJg6vh&eRaE17Z&1XD^^m<9eM*0(N776F=<%FzIiF?uy&r%&Ith z($#hX`j!7uj9H2R{rU{N=PLxlanOBhsI7S?)T^%aha@c0@_qh;CBcDNWES-e-~)fv zKigBvPb(cGbwntTr}EF(Q@xXKhVB`e-a8%S*l`ESQcI($yR@DW58K>x`0eP=t{3FKGSRo{uR6e(#H$&Qk ziC(*DUd~E%L)b3adpbv^tUcfN-g!`|C&cJ1X1#Uf_)CxL)Nh*j`pF^P*h863`SqXQ zg13_gtU|4xc-=An4!LsgqoX7@RS6zE)~IG#7NVepDyvEys@ z*$PQ2+eaoBb0@g~!FfY{w&eW}2otfFH4Awx?+i4UTqKU9Msn|(jpkA`XF_p8f*;Gn z9L1&GhDc|*yuCLG-|=WcA)WpAU9RB1w;Ngfulms@WDka*s@ijS2qmv<#;))b^5lUU z=HFlCf<5Rae4^TxH~n=d+@}UT>ttwW+H7C9wHUk!zS2}Jn0%FsMP>-nm`%?Dvs3yy z??763L80Q*Rh#*37V&&Ki%&c8iRi;i0)q|h~vc@%bYbL1kN>=-s0)-cON^Yodi1Kp3KXZ?pJLJKh-(zS?3;W z_;?d?YEg^fIWXfiX5v%K>gFrBUWMWDt8$u757-_T*qr;5k05jG{9I(tE=SDl>LwbTE`79%21I)E>;jq#e6Zxg-5dBfX*LMqh0umSQ2o-uO{D#!-7F0 zt~unv(iXbV2M^9c5n7c7K$B>N6pd^P*}&%wtiwWZ{bfP9OHXMTl08vcbFrD z(tHawlPyRE$*!c`0m7l-Pvp5Q_Pat{0~Dh_4gZd`l}u@}M4~mv&SmMuS7^r%Wn~uq zDqKZF+?smlPthH3MLeow@zTVFU>x21VNhNwDk8cvhNkl@+9BPK*!M5L&+R0kee~yQ zPn}B|<6e{AKH)Dhip&S|Jk~lF8B&Q#0*H@e3Bvustg<_4jnw0wH|&nuh)5ZYv$8&$ ze0Ps<)-;-cSR$PHPBrE|Ixj&aUhNGLjt0Aq!;`_w4)LBhBGJL`c_AgtI_u458364a zyI=%x%|FrU9>hVO4BemNuI-QD|F$&GD+1kr=U;d8=%_LxVT@ayQ(F-=;QMZ8{vPKJ z?ukakSmd&E-!Ni-8iY&<_rjv>IVyWs?P&0iTHJnl&X`v}Ay>DqpoHQQ|s!d4G~E&r^`Y6YC@j@?kZMe1n5pC=`GcHJkG3W z5(?_>(qygL-S8?#O53fJl>}U2-MV%B57eWX!ymAeW%H;a+XqP)dTi2skTBzi%<~2v zxlZq}1SFPfDBdt;T&1y&x9|sD9Jxk2ZNhDT*5KkF`&pBM=fd07G|I9UGqc361TVIe zu~^RmxsUz2H)gt=vuhw!&|Iu^iP00M8eu^so#6dZ{g0D)KGogXh?!@MOR(*FPJ zm7qA-wlYTl3Ry^A)jHQYopA;vvH^9bKuyLG6wq>q zff!S2f&Z?Ll@N}|C=^mQKx9K!T-|pb*-AC)O|Kl<9aVNL&i@srzYQ29#R6!tZ`<$b z9>u@B3(S56Z9o4_A-eLUV|bMh@qMMb;JdPZ>nQxe>hUNZ3-}<8zqsJOi0>oq%%^iK zgwuWD2!@{=K@GIQaRF`~C42HM7$3pJ9%%tn3G; z?H;2Ge(>) z(=BPRn!e6)!2SX0KT1|(*)tWB!xgAc7>gIa=nR)oEH}?x#mJ+v?r^)}N2K4KAUbp| zUIj@q`cHAY4MrV4-i0#WQO>kjAdSD!O)9qY=Kg){Hv9bLl4r)fX1c8}BbsnYXI&2a z-^AuMfeo6ktzS=Z4dGsm^NHrTz26bpuX|5!jTfhTXKY)DSkHh152l+0`{(ixt-1}< zbcxD|X}Cn6+$4PvCs#n;9KHU?Soz__!yta#1Fk=gL{xHKT-`$@o%Z&QZUo=_fucBO zX%X!4T*$@URhRLQU5g(O5n}p!`F-s6VLJ~3jNC$DE>%Av|CPUCKphIW{HM!N>214K zPLRXxw<5aqh{A0-l&*iU2347mnmw?Rn==6ZFB&hAyorD^TD|_0m(2&&eOIaOu&{7A zbPBcNTLx1@-!|#9Vwn8d(ZN%9`jOL}MzkbP^qjAccW|JGyPrY7h&2umnN#_^dJHF{ zOB{p}ar*T6YLnODjtbtG58(3x8uaFBaL_YcVMA1+oq!J!4lPK))@Z}FDp|+LiYu@a zDhcT0{)c>eSVllD2-xGI$zn3BGz3RAl6R;i~4yG{UyOwT+XbQ(0Z@>8mFH@g7 ziUCEdW5>xZ$>UU4&YUx``3njQnH$%4&*_t&6rTdA_NWq~-QO(L#++e~3_y&ICmW%t zwWuzG&5QL5lUHGu$Xdoe#VF1nGjK3PhBB?zbg|kK*L3bD5>X0@dtyFXo9$yU$eDCS z4m8s#jO;GzQ$(VviZ;qIHPv1O1oDF@%(3Mc&y8!AGYYcw8C!53XW|V?A4U1i89d8a zfHX$Tg~$=r)@Hu7S=n8B1i5`Uo<;K?)DR|%utBHffOjx;Mb95{kT%i1c@A0%8k!-C zAlzjUf#S1gL==<2N>v@yp}YBg>T>oe_~#l#mF8co8Vh_+AF7$yXdD7`-@C+2Tx#SP zg_Hism7-12$uPu$Te@bYRq1;Mf0)h}Q*6@uS!kel9kq%N=F+6qHJAUSr3YeA_;t`A zCh%rjXP`mw(}pN@%&>NU#darNKr?JOc`Slin%wLcpOy^eS1bn5DoQf9tf97<>@%w) z%U{-vi4mnBwB68v4Vxn^a(f6glwJ08*T;d-oc!R&u!ZHpkVT%51c`h}QAP47|G}9i z%l(M240*qAMlJ786>N;f?A<*Zh1=5-hdCQu!#|WMPdkDu*teb#WqH{{YASc>N3Jz9 ztB{}ldKN$4GK<**IgiC()Q_7cfCavw85koN*v33hRrrRZlVWnjrKowDc$hyZ+rqZW z{<|U7ObZjrp|Na5NU?a0*gCrz@~#if@(4J$UeUkvm4fQC6Qx63h#I4y%7&+B2>5l{GtlExn3}7CZBn4L9P1oLF4yf;MU@j$x@+RDoSE?Yh-W@>dTTdZsAU+bF zzF?DvW%XkO5hs?eGlJ29$s5HoO|krX#8?(?YpFpTRr>qvxV}QWjOQqWspz$DqM4*P zMJoz=^20Q*j+#xJeNn@7T^rt>rZV}yks>B8wU868$B)DYg`^b0F5;7PpUeM6PO{D;%#AZ<&uCMl$~8h4S#zweCGPL%EW-cEa; zlJyhIO{&-**NGLL_jSk*xb7)uabTMVK#i(1P1N;+Z?%O20}+uOHsZyx-Yc!a5G=E; z!5Gf;8xS8kXbja?dj$C)Y=^#aI;@Ss3W}OX_eoWw{5A7}0<87>5!?2jG`b&d%+<`$ zDspmaE6JBW-QeMh?~*;?$t597P1woPcn@>l5@k$LXuZD9^PL|rS8fy55&%RUj)0dF z2aJ>c6)YTj)ejqjkpBg=Y1TJB{cUlAT3%bA5p>-%omgcm=G17f5G#wgE=O}k1jLr9 zv%Ni8o?5_Ejb36EiCs3Ya+6YmcS1Is`X{iLb9iHywh`F2fX&q#aK$-bTV@5=Fg8lT zaz4YJzTbhAV6i|)5CjVfK7g9J!>+pTf2ZAnP#wwiRsmIVAYkHI+(h{i9*AcrL{8$n>IJ~)+8beVHq_}#Sf=o6$M zUrU@c`ulZr#P=?13#d>j^~(&M-ghCH(RFr8ZRV9I8xOc9LV+FnXrek|QRi%}rPf-D zVxiN8+r_?*%cYfEoeQ_dEPrL>EEFvH5i!2R31S1mK1)5lwPv|cPHVbE8l2xRmV4eaqLbfa*X>9N==^WH#klhCO(?7%3)y!SA;LlZO zH+!?ky9K;)R31}&5GIu{@oegzO?w2lbAAE=O=#wvdWh%jI`9GUUi}_Vmy^-iuLUo= z7cn`9O{P#}2AOE9MLZl}_pLw?+7T3!3A*r#(R-EukMCjIVf;RKH zS=q_{rnO-f2yOXXUG6Yo<|R6EF;;q=P&hh-XpJZ%f`QVEzez-Z)K}ef)vbJ=1QO*? zW;gt~BA+TFW}umxS0kGy_%6TOKrZIBUvwlX{-2Qm#!*#Vu=$0NCN`83vi5IA7Ej-* zm-RO(2CH~@APZNj@aD5t{7G_LuE~mO<48WPs?bsj#)O=f;F&QR@D7x^4}WZi*tm8z zSTGy;J45gM?BS~GwtOZ=W-w83IKI-2-etNX?+s`1#3T#EPi z96E!g_>x)Ghe3mq?-l#7sorYH0SZm7eaE_9rS*EQZvrzQ+hTNd%#nDPq@KW_kkAGdp z8bvYu*BrDYc#Jg!zlx)U#Nmm7(JJjKD;^!%;>PPD=6O#d=-t7cf} zA(nJ*jXv5scRMt-A+MqOXRg8^=nBy@c>f}sv{)=s5@#AeYbLW6fJb7orLTP~nY19J z4AXq4cYlMFHcKuN>qY=^-igkn&ae6U;g`o9aQ@$s*7=*a!LQ7X?R#r#>~V_@0`+U< zRqOW~J!-j|y-%MKvDl?>$>J8%z7upPiNEH-Ll|V|GE~KdK6h7PU{Ssc&EAF!CmDD< zC{TT0M{nM&mUpP^%vs0}_3O%-_9QL^y}eG~T^&mQeyj+iV&DP&;p|!2A1;|n2V7yA zVkmb7!ssi?Hj4FE-%ic_WWI39n8JtK$0ECoJg1jp#R7;MbYp2UjGPwlETTx=1XJIO zgykH&9aY^2kbnO%6dKQQKK;Z9u->|A7MsVfCAzCmZ~IlBQb}w}Hq6`2uT+dPAfTq( z6PDv1^Xp~SUbH!c1>+|rj=fL?a~E_m(WH;i_{5%bW=G>`!s;g7kgTb#gSvJzPmTXx z^P*p4t6Wo~8;CcbRMgj)(Uph%^w;>Tyqr3`K(C&f_4yxBD0uTa1EqE>nQJ#ZbeFcZ zfh6Wf$eHd8XVrf1r;FoqssnR91-j#$>)~u_{G`h-aX5s+t*P|*opw^(%pMUR1yqS= zli1wu=@gSZxaFC1St@FR@*1w%7%?Srb>>)UiC4XM zV)x?=sGjGOtx=3A>1)@A{14O+9$C--P~87@&8zZ#+rKtl`M3QGrfYDO{jhz}reg?r zm4-bOn09axOvNT$(>W<~)@?;vzz}vE=0%kTErWU*-?vI)S*Sx`@UOJ~QR6;Gs;DN{ zD0(5(gj?dyVMk6vatr%}J0;}_C%0KaRe^rwOCPc|APbgmtH`y7;b8T;WB8rf7A zjl2?3#Pfykp^-*!#?}5_+cvH^M@Ln*@C{8Q>#WitdID9bOl)S zjPVW{R>8JMiFqiXuU9)}`q21&_vp=ejcVqyXYl8;-bXkbf(!BPO;hl?HeUkp=PCsN z47KK-eutxdc)Rf*1Uo}v7fA^~Wpz;7<|+E~Hsfoup%xD;IpJYJV@N?96LTN>Y3<|0 zY~ft&-s`6>v%uYFYU$(pyHiUhtadBo&u(!{Fsvgj9QEig&|Ji<6>qBnBzQ>J9R=P5MMb`t=J4Y`%7#a zaeXIwq=m^aGw9WB5tU}+3j4mw`weN5OK{n$ej2bzMziC>p^2BqRU+NZL-CRQTSl8R z(foTpQnu2Ui@qpl>?wbryH=q{Jb_8VnTtFdA?%L(=E`l37DL&NROMo3g0e)~h)>=^ zSn?t9THlSrhNyU*ph_<3Zce5~@YJOwlv4=$={o~j>{Gnl>8$i)(K95-Lp+NNig$^$ zd%9KXy3&bDIRMkEm)RGLg(|i8PxW8j69~9f)bNcU>NEIgV zF7`+8Wj7Jec`dZ1$yN1n)1ZT`wR_6GxuC^^Cq|V#xyHcqv%yjc0Tq!R#ltSzLSJQ{ zc=m0dAi?$>cIGSk%4jUPv8S50-*J0$w!P&GL1j5!nN++DxVy9KT{d$v#Y*H8J_0x1 z@*O0878_Xue;im_3q`$hxZJ;Qho>apEraSXu(CSVw?Ou_yNcN z-LG5GmSC4fu&PlAej>$%Twi*N{(7Gm#bS?qy@KZrTz&_tt2?|02uFZwM%{U!q4YI9 zSnWmd^tiMjJvca1I~5AnJH`gBI|2)txBtzqmI$9g4fLX}&s6hfiXv$c+8ZD75i_r6 z{a=8`wCN7Z8sNE@U+(>h;J+H=3sZg+7bs8y11?FtE%$Y9A-@j5TY$3BS=HQACd}-` zNeF0QbV>n8$_-6k7{A%bxhkoz@(`FzCxMh+(o{##EFXBvJfuE_TJRJ0z4MR#R*%yG zNgn)e%hu;~ayiVZdwHV<`PcDm#n-`D6Dw$%H+{tFaZuZHH*SC6SF_zio~!sV6dwaZ z-qAXV;cUj`W3kU?&oEsr3i+6is%3lnbG~pbBu>tEH$NaUPv>!(WUIj>wl{JqfvmhQ ztmsA$<``V~3451dM^@j%fe#$gH={2E-Oj0(!{fyslB!yrp(eX=i;(xifRAvirYps1 zsl0x`)q2Xro@lsoYkm5mOY4v!wk%53#WNgm!R!5UelhE^g$aT_kDzv8<1rfG4(!xA zM-00+4(}=WERwgpfvFN%zfV5W-n<|Xlu|Nmv2NO+CVyOU%CPAsnIfH!Qs(~YKVr4= z2?IU@ReR8vb19_*$%~<{1G%&ME_ojn_|pl zMUaLcGJk*HiO|~OkyC{aOi!0RyS+LUszMqT&PE{($q;aZ*9lCYJ@(p672?t_F_Bjy zUCr=v&5RJv92S~kaj2V8nuc?*l0Z2!xAN!57C9Gx_w?WFNaw*sOl=w!lyK7Wyy}yX zI(d;iHLPnopc=tOyP^IZ^eU4ut90Fl7z%4{@Iy}B_Cf$Vaj$X&pq&ieRP^(DQbk55 zbH5yX{OXbqws7a4sQ(J3l`$2}r7gD@IAPq%D$5CCEr@xsf}@|rl?<^8f3Lc892{_a zADziqLnJOP?C0fwI~je{5M4vWC@vaw^Y1};Oc*Zh=_LAMr?HeVLJ~Dx%mBkM4)_y0 zLmmY0>_cFS2wU*)HH`q)6e`-*tN
JXql@HLvN@Zghx7di_zx{Jl{l=j8>Rd0iuIDly5)|igW-~8Wh{82vJVRya(Gh28$Tg zNYvQTi%N?bCT;d~G|V4#+1?=$n)3*Hxd;vcbUYEFUd2Vb0A2Nu&?ll{P)8UPg|y7h zt|X>^>LNVb{#blXPfp^$?bprv6EHIeJC+ep4Snj{tkXIm5nFTt8ER^2OuVN!m)S0X zvQb6&n|xqJy&%>~Sa#2_Yw!4`{PZWwbk?(I*2wCsAP|b1st=@4l>#FI_0_}g{H+*3$S0l%u3ywW7$1|v! zaSpbH0u!@>L3X&jg3KQY$hH&phHZrY?~(zKk;K(>(uzNUH- zAZr2aY7}3oR5yTsUaxfjflMoKr|}3vF~{kr4v~c0PlCr#@)7#+3hHvro10o+MqFfo zt~mW?mKeRX>@k4lKg0BMFm;nxaf$PA{1_x*m9s`ei8?E;LBeQjPh;<^BC`vhy=8L5 z7V&1ruJ_U4bC3GCMbrm^YMib4{f-))$Pn`w@a>Pczvf0da-TC@FN1z}mO*A+i99yD z?0_qiI--5?Hby9TD1ip5FaHrL{|FqiUo?X}p29l2ChO3TRP!Rgae*d8XFjXt@lt+2 z(l{O@3MS9x?sg^QXz>(gRF%k(P@nrEjix>Us|FT-+Fwyk>$Q|s_U^a(#+sJf>R0Nk`o%iVEFD>Xu zX43CaBLt7SlSZr>sgwQU=RQ?pa1EU9vC%~c0OR;rBBGUX^6$}2?3>@PSr6go;#A(uRDeJ?r@yt7-{CNjWf$})#`?+ zFPi}mLdWU?k8*Asj=i8JW*@(>J$VC6@%xc~i?g{NFuI%b>=Cb=x3dd$gWg89atW(} zpW$UJH1jFz$K_|Mdo@4XPjjfTLC3Gi)5C_Tc`q8ZDaaS`YX<7~dyc5&+<)V>LrNWw zh|!H@H;_j8_QnQ8l%L8S%>>Q6l5&oGx5~mB7`a#+TWdF^-blaz8YHi*1i^s*##_FvY061=ALqeLd@J$ksHKP z6_vt~i+S&GRR-uk{ed{m2-yA_H6$NcWKeg!b{27o$qN>%+`hm|M zjQrW{eCJpuGlA6OeZNfM*=pe}a)<^~85he}>OE)56_#oGj@puBeg(|;|IxYaXiy&W z-AMMgq<11R%N9ux>R`07CGmPg{W}5dS5v*+RO%`%2QJ-e;6wr@WSo`q^vbpL23}{-71LD?wbSfJb|su5Qg-`CAXhJ6+on33>{I+|^K- zwa7vH3&QmHz2^_T7v2|u1D=jPRs7J?tysxYHt}Nodch%A_&)zMU(j;!`Bbyj0TGQZ zgoKK6jAUQ9a@LP44T9G;z`OFrKX#;sY}9qa3lXQEOut~tlYwZ(?ZXJ~+*(Uv8-?OC zK@NPFkb5V}86w*SD@mDPYD@YSWld@SMH-SkDS26r`r#wM>+(6gP5fS^a8F+sQQ$AA z4fhEU3Tg%Pg)azCL0)w80A(D^hvW*Ci3fRZR8*wwYt}`wMO=4aP7;2-&-EBPV(4cC zH*B^a>!6#azD6inJFwDaC@>201+*`Gm|-5GvFBj>dq9HttUjkJrGq6*7Q}3zGXi^! z+6TPWFZ3J%%rLWIfEKuFqgw;~m|n%79-+Vtadf%`#ET?~C{b#zg9h=&%IS%aFFo`# zNz8vjOOT+`_?p3T0XSE|Ij;d14@Pq^7o$@=1#quf2em$bvWY{l25Q3mFo194!B^Wsg34TJo+;u3;H zh)L68Y8_|n67v>dYp`@xip(ip-0eD;*)jEGuvc-g zmy*qWG(*DDS}Ym#Gs_tjzdh+(;~4jRG3r_pG74zmV*LXIOvP)OSizs4Wc%`@)hbqp5NwjpbcWEw62}W!p z*6|8cobtEeznxZ0F6#XOvo1E@jd zVB@0*+6D6lQ4$(WvC9keSb2MA9kh3)cKl`9lI2`X<_~1cx(V?8$?dig&%>`jKhcrH zGOhC<_!_p)3f}RjY-u8T-)7A%ex2|e`Rq7Da7~%Th32T?PtqT*=7(eaSVvv~-XwzU zrcyVdjp8A8p^dJmXd|m`kJnSJW01feAbrsqaPu~szeWfXH#`8EGGv~_Dbt?S*;r3P z+}1k^|A$;`Hk=Q!Cmfl|LH)`E&U7(tYJ?`&ZzQ9ySb(Eg9}x1|R_ir(zeM42xB=w)0Si$1$NjQTY`AjI?K{SLxzowsX7ZMHi$ zLFA$2ZD*1Z4Y)}Z#W9$I5IUBjLTV9>dp?^gk?KBz@EG=l>nNr+5t2=F1r$$z^twyC zNq{ZCUfd`A7U@Z{&xR!>o4_Fi9-f2LSp%6b(gEM6f_|W}=o0nyXB*!)CA5X?cic3J zQfWU@t(aj(LiOCyeCJL?@YViMMpdULAq2o{4EXP50tIP88CBjjggq-9$J2RU%|1>q zpK9HJ|NC{fQ9kR~e+8N762QdQ|MQ{p$7c{aOq^LnAo95Hae$Uw>hrTlC*Tu)^?A$3rSL#CItz$MK1{#+IIg(P~= zJ>=DZL*G&lxs#hoNz(_dN*L8V2j_f`aP`%iuGN*yF>+%qw-)11PM{Ar!r$TT66xe0 zJsjRCsn&DIEa4m7=bPVKn!*bfTNzcp&L<~ax@$1iqFZ}7yN0u?f+oy$MkR(f!+NWZ z(u|hpY)YTt9dFxTw(*2$}hHhUwJ08-EcnsmZ)-)(-JHS9zNH zKz3TfERImV)15?rnW04WX@E~}+rox?xSHL$^QCcO*4XBhp0L50c!+rg6KCGVIEZH< z+t~QG?0*37FdMe)O?Rm8h(vuncDQHxsj;!;~aoa;ky5pJO-1#@P4%gP=#nVflB&Rn9tL>xE=c2rAyI*><1|WYKK{@dlzKc(0vzK>Hzj6;_pI3=EkI&^?r z%~mU;QU1%QT{_gI%1{qhL;4q3N@E!ZSjS;&haPdV+Yz=5OS2lGrd+ev_TcPdT71{*QLSCls~=|+ynm} z-o9y$nn?iQ;7Um&Bp>mzL+}%Dk*DeLQvxUCHP@_(zF`DUGd5J*c*7E^@Y?4B`~c9eHy;l}b<2I*SECD}i)|-wJLnUGN}~_Ce$cmPWlvGO{qt{5 zuU{^}k9m*)tlyx`v5H1FHee|FjReBJAikh=v)yb9Tgln!p#qUigH#v`%S}~@s9fsh z3r`b*c;yokkH11-cCcrp1UWqGkLaQUs|R|BbzRST__8HjWQy%pcMXo=h8P>QhKn9; zszXG5{30ITQ>UfzkHZns5=6fz1B`yd(`Ds2SKN|eYsdXXIlQ%YPN~{AvNMq^gQkvMwNdVoXleSVR zlX;$}T{H>n{;XpA{b=84d{AQVR+*RIQs%f3!|w}zgK1AhRp`0PcGzz%%9-EkmzBK1 zmk2syi~NO4GPKo&JG(qM?Hes)SJK0go@%q&E9t+dkv1g;81K5OrgB8T7_6)BHlYN4 zShcQtoDHhOKluPAYVXEX1hb5NchbG3qfJ{x!h33I--$j;U#;Zp;%Cr#aN}L4XbE^$ zF{juQPJh$?b}jnX0amS$Qkf%&Oix~}CO{HVi&4ajtls!f2O~i!>A+ogm2@VY3;7-s zA=_=+jZ%6^(bY_;okh{_&%ZlwQa6EP7OB$N+iO2ba(^C_TirN2UWkYn@9th + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/basedir.tpl b/install/ubuntu/15.04/templates/web/apache2/basedir.tpl new file mode 100755 index 000000000..75daf0e10 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/basedir.tpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value open_basedir %docroot% + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/default.stpl b/install/ubuntu/15.04/templates/web/apache2/default.stpl new file mode 100755 index 000000000..e884a95b9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/default.stpl @@ -0,0 +1,40 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/default.tpl b/install/ubuntu/15.04/templates/web/apache2/default.tpl new file mode 100755 index 000000000..073724ce0 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/default.tpl @@ -0,0 +1,34 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + + AllowOverride All + + + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/hosting.stpl b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl new file mode 100755 index 000000000..7a5d7787f --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/hosting.stpl @@ -0,0 +1,49 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + SSLRequireSSL + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/hosting.tpl b/install/ubuntu/15.04/templates/web/apache2/hosting.tpl new file mode 100755 index 000000000..ab844dc74 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/hosting.tpl @@ -0,0 +1,43 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + #SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + php_admin_value upload_tmp_dir %home%/%user%/tmp + php_admin_value upload_max_filesize 10M + php_admin_value max_execution_time 20 + php_admin_value post_max_size 8M + php_admin_value memory_limit 32M + php_admin_flag mysql.allow_persistent off + php_admin_flag safe_mode off + php_admin_value session.save_path %home%/%user%/tmp + php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f %email%' + + + AllowOverride All + + php_admin_value open_basedir %home%/%user%/web:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube + + RMode config + RUidGid %user% %group% + RGroups www-data + + + AssignUserID %user% %group% + + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.sh b/install/ubuntu/15.04/templates/web/apache2/phpcgi.sh new file mode 100755 index 000000000..6565e103d --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script='#!/usr/bin/php-cgi -cphp5-cgi.ini' +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/php" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl new file mode 100755 index 000000000..aa5137308 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.stpl @@ -0,0 +1,35 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpcgi.tpl b/install/ubuntu/15.04/templates/web/apache2/phpcgi.tpl new file mode 100755 index 000000000..a05ff252d --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpcgi.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + Action phpcgi-script /cgi-bin/php + + SetHandler phpcgi-script + + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.sh b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.sh new file mode 100755 index 000000000..e80582492 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.sh @@ -0,0 +1,22 @@ +#!/bin/bash +# Adding php wrapper +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +wrapper_script="#!/bin/sh +PHPRC=/usr/local/lib +export PHPRC +export PHP_FCGI_MAX_REQUESTS=1000 +export PHP_FCGI_CHILDREN=20 +exec /usr/bin/php-cgi +" +wrapper_file="$home_dir/$user/web/$domain/cgi-bin/fcgi-starter" + +echo "$wrapper_script" > $wrapper_file +chown $user:$user $wrapper_file +chmod -f 751 $wrapper_file + +exit 0 diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl new file mode 100755 index 000000000..622495756 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.stpl @@ -0,0 +1,36 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %sdocroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + SSLRequireSSL + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + php_admin_value open_basedir none + SSLEngine on + SSLVerifyClient none + SSLCertificateFile %ssl_crt% + SSLCertificateKeyFile %ssl_key% + %ssl_ca_str%SSLCertificateChainFile %ssl_ca% + + IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/apache2/phpfcgid.tpl b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.tpl new file mode 100755 index 000000000..5c1f16e20 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/apache2/phpfcgid.tpl @@ -0,0 +1,28 @@ + + + ServerName %domain_idn% + %alias_string% + ServerAdmin %email% + DocumentRoot %docroot% + ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/ + Alias /vstats/ %home%/%user%/web/%domain%/stats/ + Alias /error/ %home%/%user%/web/%domain%/document_errors/ + SuexecUserGroup %user% %group% + CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes + CustomLog /var/log/%web_system%/domains/%domain%.log combined + ErrorLog /var/log/%web_system%/domains/%domain%.error.log + + AllowOverride All + Options +Includes -Indexes +ExecCGI + + SetHandler fcgid-script + + FCGIWrapper %home%/%user%/web/%domain%/cgi-bin/fcgi-starter .php + + + AllowOverride All + + IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf* + + + diff --git a/install/ubuntu/15.04/templates/web/awstats/awstats.tpl b/install/ubuntu/15.04/templates/web/awstats/awstats.tpl new file mode 100755 index 000000000..9a92e0fd4 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/awstats/awstats.tpl @@ -0,0 +1,133 @@ +LogFile="/var/log/%web_system%/domains/%domain%.log" +LogType=W +LogFormat=1 +LogSeparator=" " +SiteDomain="%domain_idn%" +HostAliases="%alias_idn%" +DirData="%home%/%user%/web/%domain%/stats" +DirCgi="/vstats" +DirIcons="/vstats/icon" +AllowToUpdateStatsFromBrowser=0 +AllowFullYearView=2 +EnableLockForUpdate=1 +DNSStaticCacheFile="dnscache.txt" +DNSLastUpdateCacheFile="dnscachelastupdate.txt" +SkipDNSLookupFor="" +AllowAccessFromWebToAuthenticatedUsersOnly=0 +AllowAccessFromWebToFollowingAuthenticatedUsers="" +AllowAccessFromWebToFollowingIPAddresses="" +CreateDirDataIfNotExists=0 +BuildHistoryFormat=text +BuildReportFormat=html +SaveDatabaseFilesWithPermissionsForEveryone=0 +PurgeLogFile=0 +ArchiveLogRecords=0 +KeepBackupOfHistoricFiles=1 +DefaultFile="index.php index.html" +SkipHosts="127.0.0.1 +SkipUserAgents="" +SkipFiles="" +SkipReferrersBlackList="" +OnlyHosts="" +OnlyUserAgents="" +OnlyUsers="" +OnlyFiles="" +NotPageList="css js class gif jpg jpeg png bmp ico rss xml swf" +ValidHTTPCodes="200 304" +ValidSMTPCodes="1 250" +AuthenticatedUsersNotCaseSensitive=0 +URLNotCaseSensitive=0 +URLWithAnchor=0 +URLQuerySeparators="?;" +URLWithQuery=0 +URLWithQueryWithOnlyFollowingParameters="" +URLWithQueryWithoutFollowingParameters="" +URLReferrerWithQuery=0 +WarningMessages=1 +ErrorMessages="" +DebugMessages=0 +NbOfLinesForCorruptedLog=50 +WrapperScript="" +DecodeUA=0 +MiscTrackerUrl="/js/awstats_misc_tracker.js" +UseFramesWhenCGI=1 +DetailedReportsOnNewWindows=1 +Expires=3600 +MaxRowsInHTMLOutput=1000 +Lang="auto" +DirLang="./lang" +ShowMenu=1 +ShowSummary=UVPHB +ShowMonthStats=UVPHB +ShowDaysOfMonthStats=VPHB +ShowDaysOfWeekStats=PHB +ShowHoursStats=PHB +ShowDomainsStats=PHB +ShowHostsStats=PHBL +ShowAuthenticatedUsers=0 +ShowRobotsStats=HBL +ShowWormsStats=0 +ShowEMailSenders=0 +ShowEMailReceivers=0 +ShowSessionsStats=1 +ShowPagesStats=PBEX +ShowFileTypesStats=HB +ShowFileSizesStats=0 +ShowDownloadsStats=HB +ShowOSStats=1 +ShowBrowsersStats=1 +ShowScreenSizeStats=0 +ShowOriginStats=PH +ShowKeyphrasesStats=1 +ShowKeywordsStats=1 +ShowMiscStats=a +ShowHTTPErrorsStats=1 +ShowSMTPErrorsStats=0 +ShowClusterStats=0 +AddDataArrayMonthStats=1 +AddDataArrayShowDaysOfMonthStats=1 +AddDataArrayShowDaysOfWeekStats=1 +AddDataArrayShowHoursStats=1 +IncludeInternalLinksInOriginSection=0 +MaxNbOfDomain = 10 +MinHitDomain = 1 +MaxNbOfHostsShown = 10 +MinHitHost = 1 +MaxNbOfLoginShown = 10 +MinHitLogin = 1 +MaxNbOfRobotShown = 10 +MinHitRobot = 1 +MaxNbOfDownloadsShown = 10 +MinHitDownloads = 1 +MaxNbOfPageShown = 10 +MinHitFile = 1 +MaxNbOfOsShown = 10 +MinHitOs = 1 +MaxNbOfBrowsersShown = 10 +MinHitBrowser = 1 +MaxNbOfScreenSizesShown = 5 +MinHitScreenSize = 1 +MaxNbOfWindowSizesShown = 5 +MinHitWindowSize = 1 +MaxNbOfRefererShown = 10 +MinHitRefer = 1 +MaxNbOfKeyphrasesShown = 10 +MinHitKeyphrase = 1 +MaxNbOfKeywordsShown = 10 +MinHitKeyword = 1 +MaxNbOfEMailsShown = 20 +MinHitEMail = 1 +FirstDayOfWeek=0 +ShowFlagLinks="" +ShowLinksOnUrl=1 +UseHTTPSLinkForUrl="" +MaxLengthOfShownURL=64 +HTMLHeadSection="" +HTMLEndSection="" +MetaRobot=0 +Logo="awstats_logo6.png" +LogoLink="http://awstats.sourceforge.net" +BarWidth = 260 +BarHeight = 90 +StyleSheet="" +ExtraTrackedRowsLimit=500 diff --git a/install/ubuntu/15.04/templates/web/awstats/index.tpl b/install/ubuntu/15.04/templates/web/awstats/index.tpl new file mode 100755 index 000000000..9df9bb5cb --- /dev/null +++ b/install/ubuntu/15.04/templates/web/awstats/index.tpl @@ -0,0 +1,10 @@ + + + + Awstats log analyzer + + + + + + diff --git a/install/ubuntu/15.04/templates/web/awstats/nav.tpl b/install/ubuntu/15.04/templates/web/awstats/nav.tpl new file mode 100755 index 000000000..f29bed68b --- /dev/null +++ b/install/ubuntu/15.04/templates/web/awstats/nav.tpl @@ -0,0 +1,23 @@ + + + Awstats navigation + + + + + + + + +
vesta
+ +
+
+ + diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.sh b/install/ubuntu/15.04/templates/web/nginx/caching.sh new file mode 100755 index 000000000..6eb9126db --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/caching.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +user=$1 +domain=$2 +ip=$3 +home=$4 +docroot=$5 + +str="proxy_cache_path /var/cache/nginx/$domain levels=2" +str="$str keys_zone=$domain:10m inactive=60m max_size=512m;" +echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf + diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.stpl b/install/ubuntu/15.04/templates/web/nginx/caching.stpl new file mode 100755 index 000000000..ca6cffe32 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/caching.stpl @@ -0,0 +1,44 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/caching.tpl b/install/ubuntu/15.04/templates/web/nginx/caching.tpl new file mode 100755 index 000000000..36761b65c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/caching.tpl @@ -0,0 +1,41 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + + proxy_cache cache; + proxy_cache_valid 15m; + proxy_cache_valid 404 1m; + proxy_no_cache $no_cache; + proxy_cache_bypass $no_cache; + proxy_cache_bypass $cookie_session $http_x_update; + + location ~* ^.+\.(%proxy_extentions%)$ { + proxy_cache off; + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/default.stpl b/install/ubuntu/15.04/templates/web/nginx/default.stpl new file mode 100755 index 000000000..fa5380606 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/default.stpl @@ -0,0 +1,36 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/default.tpl b/install/ubuntu/15.04/templates/web/nginx/default.tpl new file mode 100755 index 000000000..4d5c774bc --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/default.tpl @@ -0,0 +1,33 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.sh b/install/ubuntu/15.04/templates/web/nginx/hosting.sh new file mode 100755 index 000000000..eeed37ef9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# Changing public_html permission +user="$1" +domain="$2" +ip="$3" +home_dir="$4" +docroot="$5" + +chmod 755 $docroot + +exit 0 diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.stpl b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl new file mode 100755 index 000000000..d778d6333 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.stpl @@ -0,0 +1,38 @@ +server { + listen %ip%:%proxy_ssl_port%; + server_name %domain_idn% %alias_idn%; + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass https://%ip%:%web_ssl_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %sdocroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass https://%ip%:%web_ssl_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/hosting.tpl b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl new file mode 100755 index 000000000..15961c95c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/hosting.tpl @@ -0,0 +1,35 @@ +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extentions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.ht {return 404;} + location ~ /\.svn/ {return 404;} + location ~ /\.git/ {return 404;} + location ~ /\.hg/ {return 404;} + location ~ /\.bzr/ {return 404;} + + disable_symlinks if_not_owner from=%docroot%; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} + diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl new file mode 100644 index 000000000..01d82b603 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl new file mode 100644 index 000000000..af452d19f --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?page=$request_uri; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.stpl new file mode 100644 index 000000000..a592a652d --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.stpl @@ -0,0 +1,56 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.tpl new file mode 100644 index 000000000..9b955aa6a --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter2.tpl @@ -0,0 +1,52 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location = /index.php { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ~ \.php$ { + return 444; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.stpl new file mode 100644 index 000000000..4d330d34f --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.stpl @@ -0,0 +1,51 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.tpl new file mode 100644 index 000000000..1f446e5d3 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/codeigniter3.tpl @@ -0,0 +1,47 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.stpl new file mode 100644 index 000000000..d1b5bcd24 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.stpl @@ -0,0 +1,122 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.tpl new file mode 100644 index 000000000..ff33c2325 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/datalife_engine.tpl @@ -0,0 +1,118 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last; + + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last; + rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last; + rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last; + + rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last; + rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last; + rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last; + rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last; + + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last; + rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last; + + rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last; + rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last; + + rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last; + rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last; + + rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last; + rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last; + + rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last; + rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last; + + rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last; + rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last; + rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last; + rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last; + + rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last; + rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last; + + rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last; + rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last; + + rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last; + rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last; + + rewrite "^/favorites(/?)+$" /index.php?do=favorites last; + rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last; + + rewrite "^/rules.html$" /index.php?do=rules last; + rewrite "^/statistics.html$" /index.php?do=stats last; + rewrite "^/addnews.html$" /index.php?do=addnews last; + rewrite "^/rss.xml$" /engine/rss.php last; + rewrite "^/sitemap.xml$" /uploads/sitemap.xml last; + + if (!-d $request_filename) { + rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last; + rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last; + rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last; + rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last; + } + + if (!-f $request_filename) { + rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last; + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.stpl new file mode 100644 index 000000000..a68c99861 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %sdocroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/snginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/default.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.stpl new file mode 100644 index 000000000..27483cd8c --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.stpl @@ -0,0 +1,67 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.tpl new file mode 100644 index 000000000..31647c9ff --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/dokuwiki.tpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + index doku.php; + try_files $uri $uri/ @dokuwiki; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location ^~ /lib/ { + expires 30d; + } + + location ^~ /conf/ { return 403; } + location ^~ /data/ { return 403; } + location @dokuwiki { + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1 last; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.stpl new file mode 100644 index 000000000..9a5484396 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.stpl @@ -0,0 +1,101 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.tpl new file mode 100644 index 000000000..417762c18 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/drupal.tpl @@ -0,0 +1,98 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + # Very rarely should these ever be accessed outside of your lan + location ~* \.(txt|log)$ { + allow 192.168.0.0/16; + deny all; + } + + location ~ \..*/.*\.php$ { + return 403; + } + + # No no for private + location ~ ^/sites/.*/private/ { + return 403; + } + + # Block access to "hidden" files and directories whose names begin with a + # period. This includes directories used by version control systems such + # as Subversion or Git to store control files. + location ~ (^|/)\. { + return 403; + } + + location / { + try_files $uri @rewrite; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_intercept_errors on; + include /etc/nginx/fastcgi_params; + } + } + + location @rewrite { + # You have 2 options here + # For D7 and above: + # Clean URLs are handled in drupal_environment_initialize(). + rewrite ^ /index.php; + + # For Drupal 6 and bwlow: + # Some modules enforce no slash (/) at the end of the URL + # Else this rewrite block wouldn't be needed (GlobalRedirect) + #rewrite ^/(.*)$ /index.php?q=$1; + } + + location ~ ^/sites/.*/files/styles/ { + try_files $uri @rewrite; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.stpl new file mode 100644 index 000000000..235a01216 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.stpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.tpl new file mode 100644 index 000000000..997c268de --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/joomla.tpl @@ -0,0 +1,54 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + # deny running scripts inside writable directories + location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ { + return 403; + error_page 403 /403_error.html; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.stpl new file mode 100644 index 000000000..8311ca43f --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.stpl @@ -0,0 +1,80 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.tpl new file mode 100644 index 000000000..57cac2f85 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/owncloud.tpl @@ -0,0 +1,76 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + + error_page 403 = /core/templates/403.php; + error_page 404 = /core/templates/404.php; + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){ + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + try_files $uri $uri/ /index.php; + + location ~ \.php(?:$|/) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + #fastcgi_param HTTPS on; + fastcgi_pass %backend_lsnr%; + } + } + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + # Some basic cache-control for static files to be sent to the browser + add_header Pragma public; + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + #error_page 403 /error/404.html; + #error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.stpl new file mode 100644 index 000000000..c53af4011 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.stpl @@ -0,0 +1,68 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.tpl new file mode 100644 index 000000000..6b4a94a68 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/piwik.tpl @@ -0,0 +1,64 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + try_files /favicon.ico =204; + } + + location / { + try_files $uri /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + valid_referers none blocked %domain_idn% %alias_idn%; + if ($invalid_referer) { + return 444; + } + expires max; + } + + location ~* ^/(?:index|piwik)\.php$ { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + include /etc/nginx/fastcgi_params; + } + } + + # Any other attempt to access PHP files returns a 404. + location ~* ^.+\.php$ { + return 404; + } + + # Return a 404 for all text files. + location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ { + return 404; + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.stpl new file mode 100644 index 000000000..a6fc67556 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.stpl @@ -0,0 +1,61 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.tpl new file mode 100644 index 000000000..68b378efd --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/pyrocms.tpl @@ -0,0 +1,57 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location /installer { + try_files $uri $uri/ /installer/index.php; + } + + location / { + try_files $uri $uri/ /index.php; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include /etc/nginx/fastcgi_params; + } + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + location ~ /\. { access_log off; log_not_found off; deny all; } + location ~ ~$ { access_log off; log_not_found off; deny all; } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.stpl new file mode 100644 index 000000000..910c28b69 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.stpl @@ -0,0 +1,50 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.tpl new file mode 100644 index 000000000..b143e53ba --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress.tpl @@ -0,0 +1,46 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location / { + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.stpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.stpl new file mode 100644 index 000000000..2822f8754 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.stpl @@ -0,0 +1,62 @@ +server { + listen %ip%:%web_ssl_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + ssl on; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.tpl b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.tpl new file mode 100644 index 000000000..37b8be305 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/php5-fpm/wordpress2.tpl @@ -0,0 +1,58 @@ +server { + listen %ip%:%web_port%; + server_name %domain_idn% %alias_idn%; + root %docroot%; + index index.php index.html index.htm; + access_log /var/log/nginx/domains/%domain%.log combined; + access_log /var/log/nginx/domains/%domain%.bytes bytes; + error_log /var/log/nginx/domains/%domain%.error.log error; + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location / { + try_files $uri $uri/ /index.php?$args; + + location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { + expires max; + } + + location ~ [^/]\.php(/|$) { + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + if (!-f $document_root$fastcgi_script_name) { + return 404; + } + + fastcgi_pass %backend_lsnr%; + fastcgi_index index.php; + include /etc/nginx/fastcgi_params; + } + } + + error_page 403 /error/404.html; + error_page 404 /error/404.html; + error_page 500 502 503 504 /error/50x.html; + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location ~* "/\.(htaccess|htpasswd)$" { + deny all; + return 404; + } + + include /etc/nginx/conf.d/phpmyadmin.inc*; + include /etc/nginx/conf.d/phppgadmin.inc*; + include /etc/nginx/conf.d/webmail.inc*; + + include %home%/%user%/conf/web/nginx.%domain%.conf*; +} diff --git a/install/ubuntu/15.04/templates/web/nginx/proxy_ip.tpl b/install/ubuntu/15.04/templates/web/nginx/proxy_ip.tpl new file mode 100755 index 000000000..ae1956173 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/nginx/proxy_ip.tpl @@ -0,0 +1,9 @@ +server { + listen %ip%:%proxy_port% default; + server_name _; + #access_log /var/log/nginx/%ip%.log main; + location / { + proxy_pass http://%ip%:%web_port%; + } +} + diff --git a/install/ubuntu/15.04/templates/web/php5-fpm/default.tpl b/install/ubuntu/15.04/templates/web/php5-fpm/default.tpl new file mode 100644 index 000000000..44ccf7a42 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/php5-fpm/default.tpl @@ -0,0 +1,18 @@ +[%backend%] +listen = 127.0.0.1:%backend_port% +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/15.04/templates/web/php5-fpm/no-php.tpl b/install/ubuntu/15.04/templates/web/php5-fpm/no-php.tpl new file mode 100644 index 000000000..89487d5f5 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/php5-fpm/no-php.tpl @@ -0,0 +1,13 @@ +#[%backend%] +#user = %user% +#group = %user% +#listen = /dev/null + +#listen.owner = %user% +#listen.group = nginx + +#pm = dynamic +#pm.max_children = 50 +#pm.start_servers = 3 +#pm.min_spare_servers = 2 +#pm.max_spare_servers = 10 diff --git a/install/ubuntu/15.04/templates/web/php5-fpm/socket.tpl b/install/ubuntu/15.04/templates/web/php5-fpm/socket.tpl new file mode 100644 index 000000000..f0513da3e --- /dev/null +++ b/install/ubuntu/15.04/templates/web/php5-fpm/socket.tpl @@ -0,0 +1,21 @@ +[%backend%] +listen = /var/run/php5-%backend%.sock +listen.allowed_clients = 127.0.0.1 + +user = %user% +group = %user% + +listen.owner = %user% +listen.group = nginx + +pm = dynamic +pm.max_children = 50 +pm.start_servers = 3 +pm.min_spare_servers = 2 +pm.max_spare_servers = 10 + +env[HOSTNAME] = $HOSTNAME +env[PATH] = /usr/local/bin:/usr/bin:/bin +env[TMP] = /tmp +env[TMPDIR] = /tmp +env[TEMP] = /tmp diff --git a/install/ubuntu/15.04/templates/web/skel/document_errors/403.html b/install/ubuntu/15.04/templates/web/skel/document_errors/403.html new file mode 100755 index 000000000..9c3f6baab --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/document_errors/403.html @@ -0,0 +1,29 @@ + + + 403 — Forbidden + + + + + + +

%domain%

+ +

403

+

Forbidden

+
+ Unfortunately, you do not have permission to view this +
+ + + diff --git a/install/ubuntu/15.04/templates/web/skel/document_errors/404.html b/install/ubuntu/15.04/templates/web/skel/document_errors/404.html new file mode 100755 index 000000000..2cee77084 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/document_errors/404.html @@ -0,0 +1,28 @@ + + + 404 — Not Found + + + + + + +

%domain%

+

404

+

Page Not Found

+
+ It seems that the page you were trying to reach does not exist anymore, or maybe it has just moved. + You can start again from the home or go back to previous page. +
+ + diff --git a/install/ubuntu/15.04/templates/web/skel/document_errors/50x.html b/install/ubuntu/15.04/templates/web/skel/document_errors/50x.html new file mode 100755 index 000000000..85ba648b7 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/document_errors/50x.html @@ -0,0 +1,29 @@ + + + 500 — Internal Sever Error + + + + + + +

%domain%

+ +

500

+

Internal Server Error

+
+ Sorry, something went wrong :( +
+ + + diff --git a/install/ubuntu/15.04/templates/web/skel/public_html/index.html b/install/ubuntu/15.04/templates/web/skel/public_html/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_html/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/15.04/templates/web/skel/public_html/robots.txt b/install/ubuntu/15.04/templates/web/skel/public_html/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_html/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/15.04/templates/web/skel/public_shtml/index.html b/install/ubuntu/15.04/templates/web/skel/public_shtml/index.html new file mode 100755 index 000000000..4f5bb7244 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_shtml/index.html @@ -0,0 +1,26 @@ + + + %domain% — Coming Soon + + + + + + +

%domain%

+ + + + + diff --git a/install/ubuntu/15.04/templates/web/skel/public_shtml/robots.txt b/install/ubuntu/15.04/templates/web/skel/public_shtml/robots.txt new file mode 100755 index 000000000..00ee83dcf --- /dev/null +++ b/install/ubuntu/15.04/templates/web/skel/public_shtml/robots.txt @@ -0,0 +1,3 @@ +# vestacp autogenerated robots.txt +User-agent: * +Crawl-delay: 10 diff --git a/install/ubuntu/15.04/templates/web/suspend/.htaccess b/install/ubuntu/15.04/templates/web/suspend/.htaccess new file mode 100755 index 000000000..5a6df83fb --- /dev/null +++ b/install/ubuntu/15.04/templates/web/suspend/.htaccess @@ -0,0 +1,2 @@ +ErrorDocument 403 /index.html +ErrorDocument 404 /index.html diff --git a/install/ubuntu/15.04/templates/web/suspend/index.html b/install/ubuntu/15.04/templates/web/suspend/index.html new file mode 100755 index 000000000..9d4fa67b3 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/suspend/index.html @@ -0,0 +1,27 @@ + + + SUSPEND + + + + + + +

SUSPEND

+

This site has been suspended

+
+ Please contact technical support departament. +
+ + + diff --git a/install/ubuntu/15.04/templates/web/webalizer/webalizer.tpl b/install/ubuntu/15.04/templates/web/webalizer/webalizer.tpl new file mode 100755 index 000000000..068adcfb9 --- /dev/null +++ b/install/ubuntu/15.04/templates/web/webalizer/webalizer.tpl @@ -0,0 +1,110 @@ +HostName %domain_idn% +LogFile /var/log/%web_system%/domains/%domain%.log +OutputDir %home%/%user%/web/%domain%/stats +HistoryName %home%/%user%/web/%domain%/stats/%domain%.hist +Incremental yes +IncrementalName %home%/%user%/web/%domain%/stats/%domain%.current +PageType htm* +PageType cgi +PageType php +PageType shtml +DNSCache /var/lib/webalizer/dns_cache.db +DNSChildren 10 +Quiet yes +FoldSeqErr yes +IndexAlias index.php +HideURL *.gif +HideURL *.GIF +HideURL *.jpg +HideURL *.JPG +HideURL *.png +HideURL *.PNG +HideURL *.ra +SearchEngine abcsearch. terms= +SearchEngine alexa. q= +SearchEngine alltheweb. q= +SearchEngine alltheweb. query= +SearchEngine alot. q= +SearchEngine altavista. q= +SearchEngine aolsearch. query= +SearchEngine aport.ru r= +SearchEngine ask. q= +SearchEngine atlas.cz q= +SearchEngine bbc. q= +SearchEngine bing. q= +SearchEngine blingo. q= +SearchEngine blogs.yandex.ru text= +SearchEngine btopenworld query= +SearchEngine buscador.ya.com q= +SearchEngine busca. q= +SearchEngine business. query= +SearchEngine centrum.cz q= +SearchEngine chiff. q= +SearchEngine clusty. query= +SearchEngine comcast. q= +SearchEngine crawler. q= +SearchEngine cuil. q= +SearchEngine dmoz. search= +SearchEngine dogpile.com q= +SearchEngine dpxml qkw= +SearchEngine eureka. searchword= +SearchEngine euroseek. string= +SearchEngine exalead. q= +SearchEngine excite search= +SearchEngine ezilon. q= +SearchEngine fastbrowsersearch. q= +SearchEngine feedster.com q= +SearchEngine fireball.de q= +SearchEngine fireball. keyword= +SearchEngine freeserve. q= +SearchEngine gigablast. q= +SearchEngine gogo.ru q= +SearchEngine go.mail.ru q= +SearchEngine google. q= +SearchEngine hakia. q= +SearchEngine hotbot. query= +SearchEngine infoseek. qt= +SearchEngine iwon searchfor= +SearchEngine ixquick.com query= +SearchEngine joeant. keywords= +SearchEngine jyxo.cz s= +SearchEngine looksmart. key= +SearchEngine lycos. query= +SearchEngine mamma. q= +SearchEngine metacrawler q= +SearchEngine msn. MT= +SearchEngine msxml qkw= +SearchEngine mysearch. searchfor= +SearchEngine mywebsearch. searchfor= +SearchEngine netscape. q= +SearchEngine nigma.ru q= +SearchEngine northernlight. qr= +SearchEngine ntlworld. q= +SearchEngine orange. q= +SearchEngine overture. Keywords= +SearchEngine punto.ru text= +SearchEngine rambler. keyword= +SearchEngine search.aol. q= +SearchEngine search.babylon. q= +SearchEngine search.centrum. phrase= +SearchEngine search.conduit. q= +SearchEngine search.earthlink q= +SearchEngine search.icq. q= +SearchEngine search.live.com q= +SearchEngine search.rambler.ru words= +SearchEngine search.winamp. q= +SearchEngine searchy. q= +SearchEngine seznam.cz w= +SearchEngine snap. query= +SearchEngine teoma. q= +SearchEngine teradex.com q= +SearchEngine ukplus key= +SearchEngine verizon. q= +SearchEngine virginmedia. q= +SearchEngine voila. rdata= +SearchEngine webcrawler searchText= +SearchEngine web.search.naver. query= +SearchEngine wisenut q= +SearchEngine yahoo. p= +SearchEngine yandex. text= +SearchEngine yodao. q= diff --git a/install/ubuntu/15.04/vsftpd/vsftpd.conf b/install/ubuntu/15.04/vsftpd/vsftpd.conf new file mode 100644 index 000000000..0902899e7 --- /dev/null +++ b/install/ubuntu/15.04/vsftpd/vsftpd.conf @@ -0,0 +1,24 @@ +anonymous_enable=NO +local_enable=YES +write_enable=YES +local_umask=002 +anon_upload_enable=NO +dirmessage_enable=YES +xferlog_enable=YES +connect_from_port_20=YES +xferlog_std_format=YES +dual_log_enable=YES +chroot_local_user=YES +listen=YES +pam_service_name=vsftpd +userlist_enable=NO +tcp_wrappers=YES +force_dot_files=YES +ascii_upload_enable=YES +ascii_download_enable=YES +#allow_writable_chroot=YES +allow_writeable_chroot=YES +seccomp_sandbox=NO +pasv_enable=YES +pasv_max_port=12100 +pasv_min_port=12000 diff --git a/install/ubuntu/apache2.readme.txt b/install/ubuntu/apache2.readme.txt deleted file mode 100644 index b8d05cbe1..000000000 --- a/install/ubuntu/apache2.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/apache2/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/ubuntu/certificate.crt b/install/ubuntu/certificate.crt deleted file mode 100644 index 4a3230ac2..000000000 --- a/install/ubuntu/certificate.crt +++ /dev/null @@ -1,22 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDqjCCApICCQCBAQdAxoNnAjANBgkqhkiG9w0BAQUFADCBljELMAkGA1UEBhMC -VVMxFjAUBgNVBAgMDU1hc3NhY2h1c2V0dHMxEzARBgNVBAcMClN3YW1wc2NvdHQx -EDAOBgNVBAoMB1Zlc3RhQ1AxCzAJBgNVBAsMAklUMRowGAYDVQQDDBFwYW5lbC52 -ZXN0YWNwLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B2ZXN0YWNwLmNvbTAeFw0x -MzA5MjMwNzA0NDVaFw0xNDA5MjMwNzA0NDVaMIGWMQswCQYDVQQGEwJVUzEWMBQG -A1UECAwNTWFzc2FjaHVzZXR0czETMBEGA1UEBwwKU3dhbXBzY290dDEQMA4GA1UE -CgwHVmVzdGFDUDELMAkGA1UECwwCSVQxGjAYBgNVBAMMEXBhbmVsLnZlc3RhY3Au -Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHZlc3RhY3AuY29tMIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HU -ILVW5EBGT76VEBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5Wb -UpDWezZDivTKAHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9 -mjP66UyH8RxFF+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREP -eqgw0E8xrEdjz1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6Zfv -QKoscG4dankbq0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABMA0GCSqG -SIb3DQEBBQUAA4IBAQBl+GF4Ii+7cW0tWVTsDh0Kw+rjc9bEA0eF4p3LBLEsFRkP -Yeqp2t0g8RTAAiq3OyUWYISzOX8xu0i56/3jUFazABBjz0P0w2A0BfRZS5TAEwxJ -TS9zAgobBuLtTh3FDJJIRXLJOKLJZVUmi6D+8QIQVOox0925tMIxGc9CxLK05bIc -HUYdHsn1gDwmTWem/XED559eWV/vGnvf3Ea0EHU76kTQaLPkul2y8BTbbLaHSw96 -1xFc8x9gqxWTT70YmBpZIApmSzvOGVXqTduMY/CeEbmigo1/1i2YMVjePFEDYnmE -/f6rNQrtM9kgtE+glWdA7zHlaigKl3SVof1ETStB ------END CERTIFICATE----- diff --git a/install/ubuntu/certificate.key b/install/ubuntu/certificate.key deleted file mode 100644 index eb913d684..000000000 --- a/install/ubuntu/certificate.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEAvu84meigHrwPmzEbFpKe/o8FTKwO5w1VL0HUILVW5EBGT76V -EBqpWC+x0QrChHit14FV7m+hZRvhhkulXrknChTTNA500EVNZ5WbUpDWezZDivTK -AHzzq0aUwKB230Tz+k3j+duBcbzwFwirnDXb5dE5RqzBOhiIvDw9mjP66UyH8RxF -F+pTAPlcF18zWak7KnaDreyGknzy7m+Zqs07uLnb0wTgcwIcqREPeqgw0E8xrEdj -z1N9HIvxi+glfnjNgHja3cCYhe9ZCpDDr9ERXrEcULrqRuch6ZfvQKoscG4dankb -q0V4DfpMBYMTvFvFLLp/uWvwLjunzfu37XmBLQIDAQABAoIBAF59YsSAJCWxqgOC -dMZh/z85JkVAbQuZRIvjhwg81eiVinZSedCDcUUMLXKnYYZPdrDM9+rM4dF4z843 -R3quJIzPq4n6kYK0mU7m8fwVY5+MRjbRV9qP+8LKZjlB8DIkHJ3FyEnRgKj5+NNd -Xhgra0y7kx3Pxrxqgdit80qJ6OVlN2gsMjUcDBhqQev9Xs8cKYjYc1uPtFw14B2G -5fsNE8cHJA+hH/aym7xTaEQlz/JOKn2GsH/dOhm3RM2QygdyrVOBBj6rKSi03LMb -7QOkDvZ3nBltxQKOqs2PkYyEAdqR4dMZIPNxye/k21iVovLeMVe4lG7BmNOD6XwB -+TOhYh0CgYEA9WyUeSNPP309Br65wg61GdapWmQIaj7HSZE06BWhp82PPwHaF1yY -p9hWgo6fDxwHiTSLeUqEPXJMaPG+RxvYFc7Lc3JjOKU4ezR9fqz01LLtWXHVVT/x -RZuogMyaDhIjhwMyu4mybpUMkBQ/B3DFufrzTv0y8ljAc0nlFsuXaPMCgYEAxymI -btxZFGES6UNG7ldEaihll9MpP22/VghUeAaia0qgnXlYkbngIIhGpGJUkvZ2pduE -tfw2S20k38qvrWXx/NhLxmiVSIvq5TFi/22dfT20kfrdCcnkrp/tRpeR72IrQ6Kx -+6l7QHV5Gjcc4rvNc8mw7itVu+StgCYx+koD9V8CgYA8sThaaLf9XGxOEbaAXgC9 -Pg+tcdV+6L2B3O33gvnyNGx7SWr0ogqCX4atTLXbF7RpYtwnB52CUJTC0x2aGjGq -2vQHPb95z6oTFdz/CaiWPRVjLDp0lZaF/0OBbpeeaS/uAIV4SUod/LAZpVgc7++F -2aB35TfHJNma6ShFJd3wrwKBgBH444DtjXRTVjuKgKodYeUahCBxQ7Wfl7aRxd2W -66027MuJGb78wQbuhUFsRimE6CwLZSxu+A9SaBNx3OyO2Ilyk1PyOBZ12dqY3FAk -eiPFH7hUpQGvIF3JvMW0A81QVIsj8V++aYrljuoYsxiaze128+pqKrBr8GQyDiyB -5V2NAoGBAIPWovM20cbx6LpEuFN5Pmkl500F6sTc8F3DQVRe3JhwVhqHQXv7tUE1 -VHMqpMybUQin8q/RXvJ0vr2sQEe2fVC2a0FWJTqww1eMwu1V9ppUJAfXfaYWY+XJ -4d3myajakr0Eh3ia+IrSBcMRJ2sD3sL5KQC6jbD0R8odex4syiu2 ------END RSA PRIVATE KEY----- diff --git a/install/ubuntu/freshclam.conf b/install/ubuntu/freshclam.conf deleted file mode 100644 index 5e6ca56c1..000000000 --- a/install/ubuntu/freshclam.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Automatically created by the clamav-freshclam postinst -# Comments will get lost when you reconfigure the clamav-freshclam package - -DatabaseOwner clamav -UpdateLogFile /var/log/clamav/freshclam.log -LogVerbose false -LogSyslog false -LogFacility LOG_LOCAL6 -LogFileMaxSize 0 -LogTime true -Foreground false -Debug false -MaxAttempts 5 -DatabaseDirectory /var/lib/clamav -DNSDatabaseInfo current.cvd.clamav.net -AllowSupplementaryGroups false -PidFile /var/run/clamav/freshclam.pid -ConnectTimeout 30 -ReceiveTimeout 30 -TestDatabases yes -ScriptedUpdates yes -CompressLocalDatabase no -Bytecode true -# Check for new database 24 times a day -Checks 24 -DatabaseMirror db.local.clamav.net -DatabaseMirror database.clamav.net diff --git a/install/ubuntu/nginx.readme.txt b/install/ubuntu/nginx.readme.txt deleted file mode 100644 index e5db79e79..000000000 --- a/install/ubuntu/nginx.readme.txt +++ /dev/null @@ -1,11 +0,0 @@ -# -# _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| -# _| _| _| _| _| _| _| -# _| _| _|_|_| _|_| _| _|_|_|_| -# _| _| _| _| _| _| _| -# _| _|_|_|_| _|_|_| _| _| _| -# -# -# Server is manager by Vesta Control Panel. -# See /etc/nginx/conf.d/vesta.conf to get a full list of running vhosts. -# diff --git a/install/ubuntu/sudoers.vestacp.conf b/install/ubuntu/sudoers.vestacp.conf deleted file mode 100644 index fc1782282..000000000 --- a/install/ubuntu/sudoers.vestacp.conf +++ /dev/null @@ -1 +0,0 @@ -Defaults env_keep="VESTA" diff --git a/install/ubuntu/vesta.conf b/install/ubuntu/vesta.conf deleted file mode 100644 index 6c148bd17..000000000 --- a/install/ubuntu/vesta.conf +++ /dev/null @@ -1,24 +0,0 @@ -WEB_SYSTEM='apache2' -WEB_RGROUPS='www-data' -WEB_PORT='8080' -WEB_SSL='mod_ssl' -WEB_SSL_PORT='8443' -PROXY_SYSTEM='nginx' -PROXY_PORT='80' -PROXY_SSL_PORT='443' -FTP_SYSTEM='vsftpd' -MAIL_SYSTEM='exim4' -IMAP_SYSTEM='dovecot' -ANTIVIRUS_SYSTEM='clamav-daemon' -ANTISPAM_SYSTEM='spamassassin' -DB_SYSTEM='mysql' -DNS_SYSTEM='bind9' -STATS_SYSTEM='webalizer,awstats' -BACKUP_SYSTEM='local' -CRON_SYSTEM='cron' -DISK_QUOTA='no' -FIREWALL_SYSTEM='iptables' -FIREWALL_EXTENSION='fail2ban' -REPOSITORY='cmmnt' -VERSION='0.9.8' -LANGUAGE='en' diff --git a/install/ubuntu/whmcs-module.php b/install/ubuntu/whmcs-module.php deleted file mode 100644 index 1cb250611..000000000 --- a/install/ubuntu/whmcs-module.php +++ /dev/null @@ -1,359 +0,0 @@ - array( "Type" => "text", "Default" => "default"), - "SSH Access" => array( "Type" => "yesno", "Description" => "Tick to grant access", ), - "IP Address (optional)" => array( "Type" => "text" ), - ); - return $configarray; - -} - -function vesta_CreateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-user', - 'arg1' => $params["username"], - 'arg2' => $params["password"], - 'arg3' => $params["clientsdetails"]["email"], - 'arg4' => $params["configoption1"], - 'arg5' => $params["clientsdetails"]["firstname"], - 'arg6' => $params["clientsdetails"]["lastname"], - ); - $postdata = http_build_query($postvars); - - // Create user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_UserAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - // Enable ssh access - if(($answer == 'OK') && ($params["configoption2"] == 'on')) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-shell', - 'arg1' => $params["username"], - 'arg2' => 'bash' - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_EnableSSH','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - } - - // Add domain - if(($answer == 'OK') && (!empty($params["domain"]))) { - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-add-domain', - 'arg1' => $params["username"], - 'arg2' => $params["domain"], - 'arg3' => $params["configoption3"], - ); - $postdata = http_build_query($postvars); - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - logModuleCall('vesta','CreateAccount_AddDomain','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - } - } - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_TerminateAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-delete-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Delete user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','TerminateAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_SuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-suspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Susupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','SuspendAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_UnsuspendAccount($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-unsuspend-user', - 'arg1' => $params["username"] - ); - $postdata = http_build_query($postvars); - - // Unsusupend user account - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','UnsuspendAccount','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ChangePassword($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-password', - 'arg1' => $params["username"], - 'arg2' => $params["password"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','ChangePassword','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ChangePackage($params) { - - // Execute only if there is assigned server - if ($params["server"] == 1) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-change-user-package', - 'arg1' => $params["username"], - 'arg2' => $params["configoption1"] - ); - $postdata = http_build_query($postvars); - - // Change user package - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - } - - logModuleCall('vesta','ChangePackage','https://'.$params["serverhostname"].':8083/api/'.$postdata,$answer); - - if($answer == 'OK') { - $result = "success"; - } else { - $result = $answer; - } - - return $result; -} - -function vesta_ClientArea($params) { - - $code = '
- - - - -
'; - return $code; - -} - -function vesta_AdminLink($params) { - - $code = '
- - - -
'; - return $code; - -} - -function vesta_LoginLink($params) { - - echo "control panel"; - -} - -function vesta_UsageUpdate($params) { - - // Prepare variables - $postvars = array( - 'user' => $params["serverusername"], - 'password' => $params["serverpassword"], - 'hash' => $params["serveraccesshash"], - 'cmd' => 'v-list-users', - 'arg1' => 'json' - ); - $postdata = http_build_query($postvars); - - // Get user stats - $curl = curl_init(); - curl_setopt($curl, CURLOPT_URL, 'https://' . $params["serverhostname"] . ':8083/api/'); - curl_setopt($curl, CURLOPT_RETURNTRANSFER,true); - curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); - curl_setopt($curl, CURLOPT_POST, true); - curl_setopt($curl, CURLOPT_POSTFIELDS, $postdata); - $answer = curl_exec($curl); - - // Decode json data - $results = json_decode($answer, true); - - // Loop through results and update DB - foreach ($results AS $user=>$values) { - update_query("tblhosting",array( - "diskusage"=>$values['U_DISK'], - "disklimit"=>$values['DISK_QUOTA'], - "bwusage"=>$values['U_BANDWIDTH'], - "bwlimit"=>$values['BANDWIDTH'], - "lastupdate"=>"now()", - ),array("server"=>$params['serverid'], "username"=>$user)); - } - -} - -?> diff --git a/install/vst-install-debian.sh b/install/vst-install-debian.sh old mode 100644 new mode 100755 index c8afb93ff..103a4cf19 --- a/install/vst-install-debian.sh +++ b/install/vst-install-debian.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Vesta Debian installer v.04 +# Vesta Debian installer v.05 #----------------------------------------------------------# # Variables&Functions # @@ -10,32 +10,72 @@ export DEBIAN_FRONTEND=noninteractive RHOST='apt.vestacp.com' CHOST='c.vestacp.com' VERSION='0.9.8/debian' -software="nginx apache2 apache2-utils apache2.2-common bsdutils e2fsprogs - apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf - libapache2-mod-fcgid bind9 idn mysql-server mysql-common - mysql-client php5-common php5-cgi php5-mysql php5-curl - libapache2-mod-php5 vsftpd mc exim4 exim4-daemon-heavy clamav-daemon - flex dovecot-imapd dovecot-pop3d phpMyAdmin awstats webalizer - jwhois rssh git spamassassin roundcube roundcube-mysql - roundcube-plugins sudo bc ftp lsof ntpdate rrdtool quota e2fslibs - fail2ban dnsutils vesta vesta-nginx vesta-php" +memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) +arch=$(uname -i) +os='debian' +release=$(cat /etc/issue|grep -o [0-9]|head -n1) +codename="$(cat /etc/os-release |grep VERSION= |cut -f 2 -d \(|cut -f 1 -d \))" +vestacp="http://$CHOST/$VERSION/$release" +if [ "$release" -eq 8 ]; then + software="nginx apache2 apache2-utils apache2.2-common + apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf + libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi + php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd + proftpd-basic bind9 exim4 exim4-daemon-heavy clamav-daemon + spamassassin dovecot-imapd dovecot-pop3d roundcube-core + roundcube-mysql roundcube-plugins mysql-server mysql-common + mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc + flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota + e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils + bsdmainutils vesta vesta-nginx vesta-php" +else + software="nginx apache2 apache2-utils apache2.2-common + apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf + libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi + php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd + proftpd-basic proftpd-mod-vroot bind9 exim4 exim4-daemon-heavy + clamav-daemon spamassassin dovecot-imapd dovecot-pop3d roundcube-core + roundcube-mysql roundcube-plugins mysql-server mysql-common + mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc + flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota + e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils + bsdmainutils vesta vesta-nginx vesta-php" +fi + +# Defining help function help() { - echo "usage: $0 [OPTIONS] - -h, --help Print this help and exit - -f, --force Force installation - -i, --disable-iptables Disable iptables support - -b, --disable-fail2ban Disable fail2ban protection - -n, --noupdate Do not run apt-get upgrade command - -s, --hostname Set server hostname - -e, --email Set email address - -p, --password Set admin password instead of generating it - -m, --mysql-password Set MySQL password instead of generating it - -q, --quota Enable File System Quota" + echo "Usage: $0 [OPTIONS] + -a, --apache Install Apache [yes|no] default: yes + -n, --nginx Install Nginx [yes|no] default: yes + -w, --phpfpm Install PHP-FPM [yes|no] default: no + -v, --vsftpd Install Vsftpd [yes|no] default: yes + -j, --proftpd Install ProFTPD [yes|no] default: no + -k, --named Install Bind [yes|no] default: yes + -m, --mysql Install MySQL [yes|no] default: yes + -g, --postgresql Install PostgreSQL [yes|no] default: no + -d, --mongodb Install MongoDB [yes|no] unsupported + -x, --exim Install Exim [yes|no] default: yes + -z, --dovecot Install Dovecot [yes|no] default: yes + -c, --clamav Install ClamAV [yes|no] default: yes + -t, --spamassassin Install SpamAssassin [yes|no] default: yes + -i, --iptables Install Iptables [yes|no] default: yes + -b, --fail2ban Install Fail2ban [yes|no] default: yes + -q, --quota Filesystem Quota [yes|no] default: no + -l, --lang Default language default: en + -y, --interactive Interactive install [yes|no] default: yes + -s, --hostname Set hostname + -e, --email Set admin email + -p, --password Set admin password + -f, --force Force installation + -h, --help Print this help + + Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes" exit 1 } -# Password generator + +# Defining password-gen function gen_pass() { MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' LENGTH=10 @@ -46,111 +86,159 @@ gen_pass() { echo "$PASS" } +# Defning return code check function +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + exit $1 + fi +} + +# Defining function to set default value +set_default_value() { + eval variable=\$$1 + if [ -z "$variable" ]; then + eval $1=$2 + fi + if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then + eval $1=$2 + fi +} #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# +# Creating temporary file +tmpfile=$(mktemp -p /tmp) + # Translating argument to --gnu-long-options for arg; do delim="" case "$arg" in - --help) args="${args}-h " ;; - --force) args="${args}-f " ;; - --disable-fail2ban) args="${args}-b " ;; - --disable-iptables) args="${args}-i " ;; - --noupdate) args="${args}-n " ;; + --apache) args="${args}-a " ;; + --nginx) args="${args}-n " ;; + --phpfpm) args="${args}-w " ;; + --vsftpd) args="${args}-v " ;; + --proftpd) args="${args}-j " ;; + --named) args="${args}-k " ;; + --mysql) args="${args}-m " ;; + --postgresql) args="${args}-g " ;; + --mongodb) args="${args}-d " ;; + --exim) args="${args}-x " ;; + --dovecot) args="${args}-z " ;; + --clamav) args="${args}-c " ;; + --spamassassin) args="${args}-t " ;; + --iptables) args="${args}-i " ;; + --fail2ban) args="${args}-b " ;; + --quota) args="${args}-q " ;; + --lang) args="${args}-l " ;; + --interactive) args="${args}-y " ;; --hostname) args="${args}-s " ;; --email) args="${args}-e " ;; --password) args="${args}-p " ;; - --mysql-password) args="${args}-m " ;; - --quota) args="${args}-q " ;; - *) [[ "${arg:0:1}" == "-" ]] || delim="\"" - args="${args}${delim}${arg}${delim} ";; + --force) args="${args}-f " ;; + --help) args="${args}-h " ;; + *) [[ "${arg:0:1}" == "-" ]] || delim="\"" + args="${args}${delim}${arg}${delim} ";; esac done eval set -- "$args" -# Getopt -while getopts "hfibdnqe:m:p:s:" Option; do +# Parsing arguments +while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:q:l:y:s:e:p:fh" Option; do case $Option in - h) help ;; # Help - f) force='yes' ;; # Force install - i) disable_iptables='yes' ;; # Disable iptables - b) disable_fail2ban='yes' ;; # Disable fail2ban - n) noupdate='yes' ;; # Disable apt-get upgrade - s) servername=$OPTARG ;; # Server hostname - e) email=$OPTARG ;; # Set email - p) vpass=$OPTARG ;; # Admin password - m) mpass=$OPTARG ;; # MySQL pasword - q) quota='yes' ;; # Enable quota - *) help ;; # Default + a) apache=$OPTARG ;; # Apache + n) nginx=$OPTARG ;; # Nginx + w) phpfpm=$OPTARG ;; # PHP-FPM + v) vsftpd=$OPTARG ;; # Vsftpd + j) proftpd=$OPTARG ;; # Proftpd + k) named=$OPTARG ;; # Named + m) mysql=$OPTARG ;; # MySQL + g) postgresql=$OPTARG ;; # PostgreSQL + d) mongodb=$OPTARG ;; # MongoDB (unsupported) + x) exim=$OPTARG ;; # Exim + z) dovecot=$OPTARG ;; # Dovecot + c) clamd=$OPTARG ;; # ClamAV + t) spamd=$OPTARG ;; # SpamAssassin + i) iptables=$OPTARG ;; # Iptables + b) fail2ban=$OPTARG ;; # Fail2ban + q) quota=$OPTARG ;; # FS Quota + l) lang=$OPTARG ;; # Language + y) interactive=$OPTARG ;; # Interactive install + s) servername=$OPTARG ;; # Hostname + e) email=$OPTARG ;; # Admin email + p) vpass=$OPTARG ;; # Admin password + f) force='yes' ;; # Force install + h) help ;; # Help + *) help ;; # Print help (default) esac done -# Am I root? -if [ "x$(id -u)" != 'x0' ]; then - echo 'Error: this script can only be executed by root' - exit 1 -fi - -# Check supported version -if [ -e '/etc/redhat-release' ] || [ "$(lsb_release -si)" == "Ubuntu" ]; then - echo 'Error: sorry, this installer works only on Debian 7' - exit 1 -fi - -# Check supported OS -if [ "$(arch)" != 'x86_64' ]; then - arch='i386' +# Defining default software stack +set_default_value 'nginx' 'yes' +set_default_value 'apache' 'yes' +set_default_value 'phpfpm' 'no' +set_default_value 'vsftpd' 'yes' +set_default_value 'proftpd' 'no' +set_default_value 'named' 'yes' +set_default_value 'mysql' 'yes' +set_default_value 'postgresql' 'no' +set_default_value 'mongodb' 'no' +set_default_value 'exim' 'yes' +set_default_value 'dovecot' 'yes' +if [ $memory -lt 1500000 ]; then + set_default_value 'clamd' 'no' + set_default_value 'spamd' 'no' else - arch="amd64" + set_default_value 'clamd' 'yes' + set_default_value 'spamd' 'yes' fi -os=$(head -n1 /etc/issue | cut -f 1 -d ' ') -if [[ "$(cut -f 1 -d . /etc/debian_version)" -eq '7' ]]; then - release="7" - codename="wheezy" +set_default_value 'iptables' 'yes' +set_default_value 'fail2ban' 'yes' +set_default_value 'quota' 'no' +set_default_value 'lang' 'en' +set_default_value 'interactive' 'yes' + +# Checking software conflicts +if [ "$phpfpm" = 'yes' ]; then + apache='no' + nginx='yes' fi -if [ $codename != 'wheezy' ]; then - echo 'Error: only Debian 7 is supported' - exit 1 +if [ "$proftpd" = 'yes' ]; then + vsftpd='no' +fi +if [ "$exim" = 'no' ]; then + clamd='no' + spamd='no' + dovecot='no' +fi +if [ "$iptables" = 'no' ]; then + fail2ban='no' fi -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo +# Checking root permissions +if [ "x$(id -u)" != 'x0' ]; then + check_error 1 "Script can be run executed only by root" +fi + +# Checking admin user account +if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 + echo -e "Example: bash $0 --force\n" + check_result 1 "User admin exists" fi -# Check admin group -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" != 'yes' ]; then - echo "Error: group admin exists" - echo - echo 'Please remove admin group before proceeding.' - echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi - -# Check wget +# Checking wget if [ ! -e '/usr/bin/wget' ]; then apt-get -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi + check_result $? "Can't install wget" fi -# Check repo availability -wget -q "$CHOST/$VERSION/vesta.conf" -O /dev/null -if [ $? -ne 0 ]; then - echo "Error: no access to repository" - exit 1 -fi +# Checking repository availability +wget -q "$vestacp/deb_signing.key" -O /dev/null +check_result $? "No access to Vesta repository" # Check installed packages tmpfile=$(mktemp -p /tmp) @@ -173,211 +261,306 @@ if [ ! -z "$conflicts" ] && [ -z "$force" ]; then echo echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' echo - exit 1 + check_result 1 "Control Panel should be installed on clean server." fi -# Check server type -memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) -if [ "$memory" -lt '350000' ] && [ -z "$force" ]; then - echo "Error: not enough memory to install Vesta Control Panel." - echo -e "\nMinimum RAM required: 350Mb" - echo 'If you want to force installation run this script with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi -srv_type='micro' -if [ "$memory" -gt '1000000' ]; then - srv_type='small' +#----------------------------------------------------------# +# Brief Info # +#----------------------------------------------------------# + +# Printing nice ascii aslogo +clear +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _| _|_|_| _|_| _| _|_|_|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _|_|_|_| _|_|_| _| _| _|' +echo +echo ' Vesta Control Panel' +echo -e "\n\n" + +echo 'Following software will be installed on your system:' + +# Web stack +if [ "$nginx" = 'yes' ]; then + echo ' - Nginx Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo ' - Apache Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo ' - Apache Web Server (as backend)' +fi +if [ "$phpfpm" = 'yes' ]; then + echo ' - PHP-FPM Application Server' fi -if [ "$memory" -gt '3000000' ]; then - srv_type='medium' +# DNS stack +if [ "$named" = 'yes' ]; then + echo ' - Bind DNS Server' fi -if [ "$memory" -gt '7000000' ]; then - srv_type='large' -fi - -# Are you sure ? -if [ -z $email ]; then - clear - echo - echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _|_|_|_| _|_|_| _| _| _| ' - echo - echo ' Vesta Control Panel' - echo - echo - echo 'Following software will be installed on your system:' - echo ' - Nginx frontend web server' - echo ' - Apache application web server' - echo ' - Bind DNS server' - echo ' - Exim mail server' - echo ' - Dovecot IMAP and POP3 server' - if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - echo ' - Clam mail antivirus' - echo ' - SpamAssassin antispam' +# Mail Stack +if [ "$exim" = 'yes' ]; then + echo -n ' - Exim mail server' + if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then + echo -n ' + ' + if [ "$clamd" = 'yes' ]; then + echo -n 'Antivirus ' + fi + if [ "$spamd" = 'yes' ]; then + echo -n 'Antispam' + fi fi - echo ' - MySQL database server' - echo ' - Vsftpd FTP server' - echo - echo + echo + if [ "$dovecot" = 'yes' ]; then + echo ' - Dovecot POP3/IMAP Server' + fi +fi - read -p 'Do you want to proceed? [y/n]): ' answer +# DB stack +if [ "$mysql" = 'yes' ]; then + echo ' - MySQL Database Server' +fi +if [ "$postgresql" = 'yes' ]; then + echo ' - PostgreSQL Database Server' +fi +if [ "$mongodb" = 'yes' ]; then + echo ' - MongoDB Database Server' +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo ' - Vsftpd FTP Server' +fi +if [ "$proftpd" = 'yes' ]; then + echo ' - ProFTPD FTP Server' +fi + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo -n ' - Iptables Firewall' +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo -n ' + Fail2Ban' +fi +echo -e "\n\n" + +# Asking for confirmation to proceed +if [ "$interactive" = 'yes' ]; then + read -p 'Would you like to continue [y/n]: ' answer if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then echo 'Goodbye' exit 1 fi - # Check email - read -p 'Please enter valid email address: ' email + # Asking for contact email + if [ -z "$email" ]; then + read -p 'Please enter admin email address: ' email + fi - # Define server hostname + # Asking to set FQDN hostname if [ -z "$servername" ]; then - read -p "Please enter hostname [$(hostname)]: " servername + read -p "Please enter FQDN hostname [$(hostname)]: " servername fi fi -# Validate email -local_part=$(echo $email | cut -s -f1 -d\@) -remote_host=$(echo $email | cut -s -f2 -d\@) -mx_failed=1 -if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then - /usr/bin/host -t mx "$remote_host" > /dev/null 2>&1 - mx_failed="$?" +# Generating admin password if it wasn't set +if [ -z "$vpass" ]; then + vpass=$(gen_pass) fi -if [ "$mx_failed" -eq 1 ]; then - echo "Error: email $email is not valid" - exit 1 +# Set hostname if it wasn't set +if [ -z "$servername" ]; then + servername=$(hostname -f) +fi + +# Set email if it wasn't set +if [ -z "$email" ]; then + email="admin@$servername" +fi + +# Defining backup directory +vst_backups="/root/vst_install_backups/$(date +%s)" +echo "Installation backup directory: $vst_backups" + +# Printing start message and sleeping for 5 seconds +echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" +sleep 5 + + +#----------------------------------------------------------# +# Checking swap # +#----------------------------------------------------------# + +# Checking swap on small instances +if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then + fallocate -l 1G /swapfile + chmod 600 /swapfile + mkswap /swapfile + swapon /swapfile + echo "/swapfile none swap sw 0 0" >> /etc/fstab fi #----------------------------------------------------------# # Install repository # #----------------------------------------------------------# -# Let's start -echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" -sleep 5 -# Update system -if [ -z "$noupdate" ]; then - apt-get -y upgrade - if [ $? -ne 0 ]; then - echo 'Error: apt-get upgrade failed' - exit 1 - fi -fi +# Updating system +apt-get -y upgrade +check_result $? 'apt-get upgrade failed' -# Install nginx repo +# Installing nginx repo apt=/etc/apt/sources.list.d echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key apt-key add /tmp/nginx_signing.key -# Install vesta repo +# Installing vesta repo echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list wget $CHOST/deb_signing.key -O deb_signing.key apt-key add deb_signing.key #----------------------------------------------------------# -# Backups # +# Backup # #----------------------------------------------------------# -# Prepare backup tree -vst_backups="/root/vst_install_backups/$(date +%s)" -mkdir -p $vst_backups/nginx -mkdir -p $vst_backups/apache2 -mkdir -p $vst_backups/mysql -mkdir -p $vst_backups/exim4 -mkdir -p $vst_backups/dovecot -mkdir -p $vst_backups/clamav -mkdir -p $vst_backups/spamassassin -mkdir -p $vst_backups/vsftpd -mkdir -p $vst_backups/bind -mkdir -p $vst_backups/vesta -mkdir -p $vst_backups/home +# Creating backup directory tree +mkdir -p $vst_backups +cd $vst_backups +mkdir nginx apache2 php5 php5-fpm vsftpd proftpd bind exim4 dovecot clamd +mkdir spamassassin mysql postgresql mongodb vesta -# Backup sudoers -if [ -e '/etc/sudoers' ]; then - cp /etc/sudoers $vst_backups/ -fi - -# Backup nginx +# Backing up Nginx configuration service nginx stop > /dev/null 2>&1 -if [ -e '/etc/nginx/nginx.conf' ]; then - cp -r /etc/nginx/* $vst_backups/nginx/ -fi +cp -r /etc/nginx/* $vst_backups/nginx >/dev/null 2>&1 -# Backup apache2 +# Backing up Apache configuration service apache2 stop > /dev/null 2>&1 -if [ -e '/etc/apache2/apache2.conf' ]; then - cp -r /etc/apache2/* $vst_backups/apache2/ -fi +cp -r /etc/apache2/* $vst_backups/apache2 > /dev/null 2>&1 +rm -f /etc/apache2/conf.d/* > /dev/null 2>&1 -# Backup bind9 +# Backing up PHP configuration +cp /etc/php.ini $vst_backups/php > /dev/null 2>&1 +cp -r /etc/php.d $vst_backups/php > /dev/null 2>&1 + +# Backing up PHP configuration +service php5-fpm stop >/dev/null 2>&1 +cp /etc/php5/* $vst_backups/php5 > /dev/null 2>&1 +rm -f /etc/php5/fpm/pool.d/* >/dev/null 2>&1 + +# Backing up Bind configuration service bind9 stop > /dev/null 2>&1 -if [ -e '/etc/bind/named.conf' ]; then - cp -r /etc/bind/* $vst_backups/bind/ -fi +cp -r /etc/bind/* $vst_backups/bind > /dev/null 2>&1 -# Backup vsftpd +# Backing up Vsftpd configuration service vsftpd stop > /dev/null 2>&1 -if [ -e '/etc/vsftpd.conf' ]; then - cp /etc/vsftpd.conf $vst_backups/vsftpd/ -fi +cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1 -# Backup exim4 +# Backing up ProFTPD configuration +service proftpd stop > /dev/null 2>&1 +cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1 + +# Backing up Exim configuration service exim4 stop > /dev/null 2>&1 -if [ -e '/etc/exim4/exim4.conf.template' ]; then - cp -r /etc/exim4/* $vst_backups/exim4/ -fi +cp -r /etc/exim4/* $vst_backups/exim4 > /dev/null 2>&1 -# Backup clamav +# Backing up ClamAV configuration service clamav-daemon stop > /dev/null 2>&1 -if [ -e '/etc/clamav/clamd.conf' ]; then - cp -r /etc/clamav/* $vst_backups/clamav/ -fi +cp -r /etc/clamav/* $vst_backups/clamav > /dev/null 2>&1 -# Backup SpamAssassin +# Backing up SpamAssassin configuration service spamassassin stop > /dev/null 2>&1 -if [ -e '/etc/spamassassin/local.cf' ]; then - cp -r /etc/spamassassin/* $vst_backups/spamassassin/ -fi +cp -r /etc/spamassassin/* $vst_backups/spamassassin > /dev/null 2>&1 -# Backup dovecot +# Backing up Dovecot configuration service dovecot stop > /dev/null 2>&1 -if [ -e '/etc/dovecot.conf' ]; then - cp /etc/dovecot.conf $vst_backups/dovecot/ -fi -if [ -e '/etc/dovecot' ]; then - cp -r /etc/dovecot/* $vst_backups/dovecot/ -fi +cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1 +cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1 -# Backup MySQL stuff +# Backing up MySQL/MariaDB configuration and data service mysql stop > /dev/null 2>&1 -if [ -e '/var/lib/mysql' ]; then - mv /var/lib/mysql $vst_backups/mysql/mysql_datadir -fi -if [ -e '/etc/mysql/my.cnf' ]; then - cp -r /etc/mysql/* $vst_backups/mysql/ -fi -if [ -e '/root/.my.cnf' ]; then - mv /root/.my.cnf $vst_backups/mysql/ -fi +killall -9 mysqld > /dev/null 2>&1 +mv /var/lib/mysql $vst_backups/mysql/mysql_datadir > /dev/null 2>&1 +cp -r /etc/mysql/* $vst_backups/mysql > /dev/null 2>&1 +mv -f /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1 # Backup vesta service vesta stop > /dev/null 2>&1 -if [ -e '/usr/local/vesta' ]; then - cp -r /usr/local/vesta/* $vst_backups/vesta/ - apt-get -y remove vesta* - apt-get -y purge vesta* - rm -rf /usr/local/vesta +cp -r /usr/local/vesta/* $vst_backups/vesta > /dev/null 2>&1 +apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1 +apt-get -y purge vesta vesta-nginx vesta-php > /dev/null 2>&1 +rm -rf /usr/local/vesta > /dev/null 2>&1 + + +#----------------------------------------------------------# +# Package Exludes # +#----------------------------------------------------------# + +# Excluding packages +if [ "$nginx" = 'no' ]; then + software=$(echo "$software" | sed -e "s/^nginx//") +fi +if [ "$apache" = 'no' ]; then + software=$(echo "$software" | sed -e "s/apache2 //") + software=$(echo "$software" | sed -e "s/apache2-utils//") + software=$(echo "$software" | sed -e "s/apache2-suexec-custom//") + software=$(echo "$software" | sed -e "s/apache2.2-common//") + software=$(echo "$software" | sed -e "s/libapache2-mod-ruid2//") + software=$(echo "$software" | sed -e "s/libapache2-mod-rpaf//") + software=$(echo "$software" | sed -e "s/libapache2-mod-fcgid//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php5//") +fi +if [ "$phpfpm" = 'no' ]; then + software=$(echo "$software" | sed -e "s/php5-fpm//") +fi +if [ "$vsftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/vsftpd//") +fi +if [ "$proftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/proftpd-basic//") + software=$(echo "$software" | sed -e "s/proftpd-mod-vroot//") +fi +if [ "$named" = 'no' ]; then + software=$(echo "$software" | sed -e "s/bind9//") +fi +if [ "$exim" = 'no' ]; then + software=$(echo "$software" | sed -e "s/exim4 //") + software=$(echo "$software" | sed -e "s/exim4-daemon-heavy//") + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") + software=$(echo "$software" | sed -e "s/clamav-daemon//") + software=$(echo "$software" | sed -e "s/spamassassin//") +fi +if [ "$clamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/clamav-daemon//") +fi +if [ "$spamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/spamassassin//") +fi +if [ "$dovecot" = 'no' ]; then + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") +fi +if [ "$mysql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/mysql-server//') + software=$(echo "$software" | sed -e 's/mysql-client//') + software=$(echo "$software" | sed -e 's/mysql-common//') + software=$(echo "$software" | sed -e 's/php5-mysql//') + software=$(echo "$software" | sed -e 's/phpMyAdmin//') +fi +if [ "$postgresql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/postgresql-contrib//') + software=$(echo "$software" | sed -e 's/postgresql//') + software=$(echo "$software" | sed -e 's/php5-pgsql//') + software=$(echo "$software" | sed -e 's/phppgadmin//') +fi +if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then + software=$(echo "$software" | sed -e 's/fail2ban//') fi @@ -385,37 +568,16 @@ fi # Install packages # #----------------------------------------------------------# -# Exclude heavy packages -if [ "$srv_type" = 'micro' ]; then - software=$(echo "$software" | sed -e 's/libapache2-mod-fcgid//') - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -if [ "$srv_type" = 'small' ]; then - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -# Exclude fail2ban -if [ "$disable_fail2ban" = 'yes' ]; then - software=$(echo "$software" | sed -e 's/fail2ban//') -fi - # Update system packages apt-get update -# Disable daemon autostart -# For more details /usr/share/doc/sysv-rc/README.policy-rc.d.gz +# Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d chmod a+x /usr/sbin/policy-rc.d -# Install Vesta packages +# Install apt packages apt-get -y install $software -if [ $? -ne 0 ]; then - echo 'Error: apt-get install failed' - exit 1 -fi +check_result $? "apt-get install failed" # Restore policy rm -f /usr/sbin/policy-rc.d @@ -425,93 +587,6 @@ rm -f /usr/sbin/policy-rc.d # Configure system # #----------------------------------------------------------# -# Set writable permission on tmp directory -chmod 777 /tmp - -# Vesta configuration -echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh -chmod 755 /etc/profile.d/vesta.sh -source /etc/profile.d/vesta.sh -echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile -echo 'export PATH' >> /root/.bash_profile -source /root/.bash_profile -wget $CHOST/$VERSION/vesta.log -O /etc/logrotate.d/vesta - -# Directory tree -mkdir -p $VESTA/conf -mkdir -p $VESTA/log -mkdir -p $VESTA/ssl -mkdir -p $VESTA/data -mkdir -p $VESTA/data/ips -mkdir -p $VESTA/data/queue -mkdir -p $VESTA/data/users -mkdir -p $VESTA/data/firewall -touch $VESTA/data/queue/backup.pipe -touch $VESTA/data/queue/disk.pipe -touch $VESTA/data/queue/webstats.pipe -touch $VESTA/data/queue/restart.pipe -touch $VESTA/data/queue/traffic.pipe -chmod 750 $VESTA/conf -chmod 750 $VESTA/data/users -chmod 750 $VESTA/data/ips -chmod -R 750 $VESTA/data/queue -ln -s /usr/local/vesta/log /var/log/vesta -touch /var/log/vesta/system.log -touch /var/log/vesta/nginx-error.log -touch /var/log/vesta/auth.log -chmod 660 /var/log/vesta/* -adduser backup > /dev/null 2>&1 -mkdir -p /home/backup -chown backup:backup /home/backup -ln -s /home/backup /backup -chmod a+x /backup - -# vesta.conf -wget $CHOST/$VERSION/vesta.conf -O $VESTA/conf/vesta.conf -if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then - sed -i "s/clamav-daemon//g" $VESTA/conf/vesta.conf - sed -i "s/spamassassin//g" $VESTA/conf/vesta.conf -fi - -# Set server hostname -if [ -z "$servername" ]; then - servername=$(hostname) -fi -/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null - -# Templates -cd /usr/local/vesta/data -wget $CHOST/$VERSION/packages.tar.gz -O packages.tar.gz -tar -xzf packages.tar.gz -rm -f packages.tar.gz -cd /usr/local/vesta/data -wget $CHOST/$VERSION/templates.tar.gz -O templates.tar.gz -tar -xzf templates.tar.gz -rm -f templates.tar.gz -chmod -R 755 /usr/local/vesta/data/templates -cp templates/web/skel/public_html/index.html /var/www/ -sed -i 's/%domain%/It worked!/g' /var/www/index.html -if [ "$srv_type" = 'micro' ]; then - rm -f /usr/local/vesta/data/templates/web/apache2/phpfcgid.* -fi - -# Generating SSL certificate -$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ - 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem - -# Parsing merged certificate file -crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) -key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) -key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) - -# Adding SSL certificate -cd /usr/local/vesta/ssl -sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt -sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key -chown root:mail /usr/local/vesta/ssl/* -chmod 660 /usr/local/vesta/ssl/* -rm /tmp/vst.pem - # Enable SSH password auth sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config service ssh restart @@ -528,13 +603,6 @@ echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile # Register /sbin/nologin echo "/sbin/nologin" >> /etc/shells -# Sudo configuration -wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers -wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers -chmod 440 /etc/sudoers.d/admin -echo 'Defaults:admin !syslog' >>/etc/sudoers.d/admin - # NTP Synchronization echo '#!/bin/sh' > /etc/cron.daily/ntpdate echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate @@ -550,279 +618,532 @@ sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf chmod 755 /usr/bin/rssh -# Nginx configuration -rm -f /etc/nginx/conf.d/*.conf -wget $CHOST/$VERSION/nginx.conf -O /etc/nginx/nginx.conf -wget $CHOST/$VERSION/nginx-status.conf -O /etc/nginx/conf.d/status.conf -touch /etc/nginx/conf.d/vesta.conf -update-rc.d nginx defaults -service nginx stop > /dev/null 2>&1 -service nginx start -if [ "$?" -ne 0 ]; then - echo "Error: nginx start failed" - exit 1 + +#----------------------------------------------------------# +# Configure VESTA # +#----------------------------------------------------------# + +# Downlading sudo configuration +mkdir -p /etc/sudoers.d +wget $vestacp/sudo/admin -O /etc/sudoers.d/admin +chmod 440 /etc/sudoers.d/admin + +# Configuring system env +echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh +chmod 755 /etc/profile.d/vesta.sh +source /etc/profile.d/vesta.sh +echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile +echo 'export PATH' >> /root/.bash_profile +source /root/.bash_profile + +# Configuring logrotate for vesta logs +wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta + +# Buidling directory tree and creating some blank files for vesta +mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ + $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall +touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \ + $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \ + $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \ + $VESTA/log/nginx-error.log $VESTA/log/auth.log +chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log +chmod -R 750 $VESTA/data/queue +chmod 660 /var/log/vesta/* +rm -f /var/log/vesta +ln -s /usr/local/vesta/log /var/log/vesta + +# Generating vesta configuration +rm -f $VESTA/conf/vesta.conf 2>/dev/null +touch $VESTA/conf/vesta.conf +chmod 660 $VESTA/conf/vesta.conf + +# WEB stack +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf + echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then + echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php5-fpm'" >> $VESTA/conf/vesta.conf + fi + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf fi -# Apache configuration -wget $CHOST/$VERSION/apache2.conf -O /etc/apache2/apache2.conf -wget $CHOST/$VERSION/apache2-status.conf \ - -O /etc/apache2/mods-enabled/status.conf -wget $CHOST/$VERSION/apache2.log -O /etc/logrotate.d/apache2 -rm -f /etc/apache2/conf.d/vesta.conf -echo > /etc/apache2/conf.d/vesta.conf -echo "# Powered by vesta" > /etc/apache2/sites-available/default -echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl -echo "# Powered by vesta" > /etc/apache2/ports.conf -touch /var/log/apache2/access.log -touch /var/log/apache2/error.log -mkdir -p /var/log/apache2/domains -chmod a+x /var/log/apache2 -chmod 640 /var/log/apache2/access.log -chmod 640 /var/log/apache2/error.log -chmod 751 /var/log/apache2/domains -a2enmod rewrite -a2enmod suexec -a2enmod ssl -a2enmod actions -a2enmod ruid2 -echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data -update-rc.d apache2 defaults -service apache2 stop > /dev/null 2>&1 -service apache2 start -if [ "$?" -ne 0 ]; then - echo "Error: apache2 start failed" - exit 1 +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf +fi +if [ "$proftpd" = 'yes' ]; then + echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf fi -# Vsftpd configuration -wget $CHOST/$VERSION/vsftpd.conf -O /etc/vsftpd.conf -update-rc.d vsftpd defaults -service vsftpd stop > /dev/null 2>&1 -service vsftpd start -if [ "$?" -ne 0 ]; then - echo "Error: vsftpd start failed" - exit 1 +# DNS stack +if [ "$named" = 'yes' ]; then + echo "DNS_SYSTEM='bind9'" >> $VESTA/conf/vesta.conf fi -# Generating MySQL password if it wasn't set -if [ -z "$mpass" ]; then - mpass=$(gen_pass) +# Mail stack +if [ "$exim" = 'yes' ]; then + echo "MAIL_SYSTEM='exim4'" >> $VESTA/conf/vesta.conf + if [ "$clamd" = 'yes' ]; then + echo "ANTIVIRUS_SYSTEM='clamav-daemon'" >> $VESTA/conf/vesta.conf + fi + if [ "$spamd" = 'yes' ]; then + echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf + fi + if [ "$dovecot" = 'yes' ]; then + echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf + fi fi -# MySQL configuration -wget $CHOST/$VERSION/my.cnf -O /etc/mysql/my.cnf -mysql_install_db -update-rc.d mysql defaults -service mysql stop > /dev/null 2>&1 -service mysql start -if [ "$?" -ne 0 ]; then - echo "Error: mysql start failed" - exit 1 -fi -mysqladmin -u root password $mpass -echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf -chmod 600 /root/.my.cnf -mysql -e "DELETE FROM mysql.user WHERE User=''" -mysql -e "DROP DATABASE test" > /dev/null 2>&1 -mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" -mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" -mysql -e "FLUSH PRIVILEGES" +# CRON daemon +echo "CRON_SYSTEM='cron'" >> $VESTA/conf/vesta.conf -# Bind configuration -wget $CHOST/$VERSION/named.conf -O /etc/bind/named.conf -sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options -chown root:bind /etc/bind/named.conf -chmod 640 /etc/bind/named.conf -update-rc.d bind9 defaults -service bind9 stop > /dev/null 2>&1 -service bind9 start -if [ "$?" -ne 0 ]; then - echo "Error: bind9 start failed" - exit 1 +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf fi -# Exim -wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template -if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template - sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template -fi -wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf -wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf -touch /etc/exim4/white-blocks.conf -rm -rf /etc/exim4/domains -mkdir -p /etc/exim4/domains -chmod 640 /etc/exim4/exim4.conf.template -gpasswd -a Debian-exim mail -if [ -e /etc/init.d/sendmail ]; then - update-rc.d -f sendmail remove - service sendmail stop -fi -if [ -e /etc/init.d/postfix ]; then - update-rc.d -f postfix remove - service postfix stop -fi -rm -f /etc/alternatives/mta -ln -s /usr/sbin/exim4 /etc/alternatives/mta -update-rc.d exim4 defaults -service exim4 stop > /dev/null 2>&1 -service exim4 start -if [ "$?" -ne 0 ]; then - echo "Error: exim start failed" - exit +# Disk quota +if [ "$quota" = 'yes' ]; then + echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf fi -# Dovecot configuration -wget $CHOST/$VERSION/dovecot.conf -O /etc/dovecot/dovecot.conf -cd /etc/dovecot/ -wget $CHOST/$VERSION/dovecot-conf.d.tar.gz -rm -rf conf.d *.ext README -tar -xzf dovecot-conf.d.tar.gz -rm -f dovecot-conf.d.tar.gz -chown -R root:root /etc/dovecot -gpasswd -a dovecot mail -update-rc.d dovecot defaults -service dovecot stop > /dev/null 2>&1 -service dovecot start -if [ "$?" -ne 0 ]; then - echo "Error: dovecot start failed" - exit 1 +# Backups +echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf + +# Language +echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf + +# Version +echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf + +# Downloading hosting packages +cd $VESTA/data +wget $vestacp/packages.tar.gz -O packages.tar.gz +tar -xzf packages.tar.gz +rm -f packages.tar.gz + +# Downloading templates +wget $vestacp/templates.tar.gz -O templates.tar.gz +tar -xzf templates.tar.gz +rm -f templates.tar.gz + +# Copying index.html to default documentroot +cp templates/web/skel/public_html/index.html /var/www/ +sed -i 's/%domain%/It worked!/g' /var/www/index.html + +# Downloading firewall rules +wget $vestacp/firewall.tar.gz -O firewall.tar.gz +tar -xzf firewall.tar.gz +rm -f firewall.tar.gz + +# Configuring server hostname +$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null + +# Generating SSL certificate +$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ + 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem + +# Parsing certificate file +crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) +key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) +key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) + +# Adding SSL certificate +cd $VESTA/ssl +sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt +sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key +chown root:mail $VESTA/ssl/* +chmod 660 $VESTA/ssl/* +rm /tmp/vst.pem + + +#----------------------------------------------------------# +# Configure Nginx # +#----------------------------------------------------------# + +if [ "$nginx" = 'yes' ]; then + rm -f /etc/nginx/conf.d/*.conf + wget $vestacp/nginx/nginx.conf -O /etc/nginx/nginx.conf + wget $vestacp/nginx/status.conf -O /etc/nginx/conf.d/status.conf + wget $vestacp/nginx/phpmyadmin.inc -O /etc/nginx/conf.d/phpmyadmin.inc + wget $vestacp/nginx/phppgadmin.inc -O /etc/nginx/conf.d/phppgadmin.inc + wget $vestacp/nginx/webmail.inc -O /etc/nginx/conf.d/webmail.inc + wget $vestacp/logrotate/nginx -O /etc/logrotate.d/nginx + echo > /etc/nginx/conf.d/vesta.conf + mkdir -p /var/log/nginx/domains + update-rc.d nginx defaults + service nginx start + check_result $? "nginx start failed" fi -# ClamAV configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - wget $CHOST/$VERSION/clamd.conf -O /etc/clamav/clamd.conf + +#----------------------------------------------------------# +# Configure Apache # +#----------------------------------------------------------# + +if [ "$apache" = 'yes' ]; then + wget $vestacp/apache2/apache2.conf -O /etc/apache2/apache2.conf + wget $vestacp/apache2/status.conf -O /etc/apache2/mods-enabled/status.conf + wget $vestacp/logrotate/apache2 -O /etc/logrotate.d/apache2 + a2enmod rewrite + a2enmod suexec + a2enmod ssl + a2enmod actions + a2enmod ruid2 + mkdir -p /etc/apache2/conf.d + echo > /etc/apache2/conf.d/vesta.conf + echo "# Powered by vesta" > /etc/apache2/sites-available/default + echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl + echo "# Powered by vesta" > /etc/apache2/ports.conf + echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data + touch /var/log/apache2/access.log /var/log/apache2/error.log + mkdir -p /var/log/apache2/domains + chmod a+x /var/log/apache2 + chmod 640 /var/log/apache2/access.log /var/log/apache2/error.log + chmod 751 /var/log/apache2/domains + update-rc.d apache2 defaults + service apache2 start + check_result $? "apache2 start failed" +fi + + +#----------------------------------------------------------# +# Configure PHP-FPM # +#----------------------------------------------------------# + +if [ "$phpfpm" = 'yes' ]; then + wget $vestacp/php5-fpm/www.conf -O /etc/php5/fpm/pool.d/www.conf + update-rc.d php5-fpm defaults + service php5-fpm start + check_result $? "php-fpm start failed" +fi + + +#----------------------------------------------------------# +# Configure PHP # +#----------------------------------------------------------# + +ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}') +if [ -z "$ZONE" ]; then + ZONE='UTC' +fi +sed -i "s/;date.timezone =/date.timezone = $ZONE/g" /etc/php5/apache2/php.ini +sed -i "s/;date.timezone =/date.timezone = $ZONE/g" /etc/php5/cli/php.ini +sed -i 's%_open_tag = Off%_open_tag = On%g' /etc/php5/apache2/php.ini +sed -i 's%_open_tag = Off%_open_tag = On%g' /etc/php5/cli/php.ini + + +#----------------------------------------------------------# +# Configure VSFTPD # +#----------------------------------------------------------# + +if [ "$vsftpd" = 'yes' ]; then + wget $vestacp/vsftpd/vsftpd.conf -O /etc/vsftpd.conf + update-rc.d vsftpd defaults + service vsftpd start + check_result $? "vsftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure ProFTPD # +#----------------------------------------------------------# + +if [ "$proftpd" = 'yes' ]; then + echo "127.0.0.1 $servername" >> /etc/hosts + wget $vestacp/proftpd/proftpd.conf -O /etc/proftpd/proftpd.conf + update-rc.d proftpd defaults + service proftpd start + check_result $? "proftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure MySQL/MariaDB # +#----------------------------------------------------------# + +if [ "$mysql" = 'yes' ]; then + mycnf="my-small.cnf" + if [ $memory -gt 1200000 ]; then + mycnf="my-medium.cnf" + fi + if [ $memory -gt 3900000 ]; then + mycnf="my-large.cnf" + fi + + # MySQL configuration + wget $vestacp/mysql/$mycnf -O /etc/mysql/my.cnf + mysql_install_db + update-rc.d mysql defaults + service mysql start + check_result $? "mysql start failed" + + # Securing MySQL installation + mysqladmin -u root password $vpass + echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + mysql -e "DELETE FROM mysql.user WHERE User=''" + mysql -e "DROP DATABASE test" >/dev/null 2>&1 + mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" + mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" + mysql -e "FLUSH PRIVILEGES" + + # Configuring phpMyAdmin + if [ "$apache" = 'yes' ]; then + wget $vestacp/pma/apache.conf -O /etc/phpmyadmin/apache.conf + ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf + fi + wget $vestacp/pma/config.inc.php -O /etc/phpmyadmin/config.inc.php + chmod 777 /var/lib/phpmyadmin/tmp +fi + +#----------------------------------------------------------# +# Configure PostgreSQL # +#----------------------------------------------------------# + +if [ "$postgresql" = 'yes' ]; then + wget $vestacp/postgresql/pg_hba.conf -O /etc/postgresql/*/main/pg_hba.conf + service postgresql restart + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'" 2>/dev/null + + # Configuring phpPgAdmin + if [ "$apache" = 'yes' ]; then + wget $vestacp/pga/phppgadmin.conf -O /etc/apache2/conf.d/phppgadmin.conf + fi + wget $vestacp/pga/config.inc.php -O /etc/phppgadmin/config.inc.php +fi + + +#----------------------------------------------------------# +# Configure Bind # +#----------------------------------------------------------# + +if [ "$named" = 'yes' ]; then + wget $vestacp/bind/named.conf -O /etc/bind/named.conf + sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options + chown root:bind /etc/bind/named.conf + chmod 640 /etc/bind/named.conf + update-rc.d bind9 defaults + service bind9 start + check_result $? "bind9 start failed" +fi + +#----------------------------------------------------------# +# Configure Exim # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ]; then + gpasswd -a Debian-exim mail + wget $vestacp/exim/exim4.conf.template -O /etc/exim4/exim4.conf.template + wget $vestacp/exim/dnsbl.conf -O /etc/exim4/dnsbl.conf + wget $vestacp/exim/spam-blocks.conf -O /etc/exim4/spam-blocks.conf + touch /etc/exim4/white-blocks.conf + + if [ "$spamd" = 'yes' ]; then + sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template + fi + if [ "$clamd" = 'yes' ]; then + sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template + fi + + chmod 640 /etc/exim4/exim4.conf.template + rm -rf /etc/exim4/domains + mkdir -p /etc/exim4/domains + + rm -f /etc/alternatives/mta + ln -s /usr/sbin/exim4 /etc/alternatives/mta + update-rc.d -f sendmail remove > /dev/null 2>&1 + service sendmail stop > /dev/null 2>&1 + update-rc.d -f postfix remove > /dev/null 2>&1 + service postfix stop > /dev/null 2>&1 + + update-rc.d exim4 defaults + service exim4 start + check_result $? "exim4 start failed" +fi + + +#----------------------------------------------------------# +# Configure Dovecot # +#----------------------------------------------------------# + +if [ "$dovecot" = 'yes' ]; then + gpasswd -a dovecot mail + wget $vestacp/dovecot.tar.gz -O /etc/dovecot.tar.gz + cd /etc + rm -rf dovecot dovecot.conf + tar -xzf dovecot.tar.gz + rm -f dovecot.tar.gz + chown -R root:root /etc/dovecot* + update-rc.d dovecot defaults + service dovecot start + check_result $? "dovecot start failed" +fi + + +#----------------------------------------------------------# +# Configure ClamAV # +#----------------------------------------------------------# + +if [ "$clamd" = 'yes' ]; then gpasswd -a clamav mail gpasswd -a clamav Debian-exim + wget $vestacp/clamav/clamd.conf -O /etc/clamav/clamd.conf /usr/bin/freshclam update-rc.d clamav-daemon defaults - service clamav-daemon stop > /dev/null 2>&1 service clamav-daemon start - if [ "$?" -ne 0 ]; then - echo "Error: clamav start failed" - exit 1 - fi + check_result $? "clamav-daeom start failed" fi -# SpamAssassin configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then + +#----------------------------------------------------------# +# Configure SpamAssassin # +#----------------------------------------------------------# + +if [ "$spamd" = 'yes' ]; then update-rc.d spamassassin defaults sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin - service spamassassin stop > /dev/null 2>&1 service spamassassin start - if [ "$?" -ne 0 ]; then - echo "Error: spamassassin start failed" - exit 1 + check_result $? "spamassassin start failed" +fi + + +#----------------------------------------------------------# +# Configure RoundCube # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ "$apache" = 'yes' ]; then + wget $vestacp/roundcube/apache.conf -O /etc/roundcube/apache.conf + ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf + fi + wget $vestacp/roundcube/main.inc.php -O /etc/roundcube/main.inc.php + wget $vestacp/roundcube/db.inc.php -O /etc/roundcube/db.inc.php + wget $vestacp/roundcube/vesta.php -O \ + /usr/share/roundcube/plugins/password/drivers/vesta.php + wget $vestacp/roundcube/config.inc.php -O \ + /etc/roundcube/plugins/password/config.inc.php + r="$(gen_pass)" + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" + sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php + mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql + chmod a+r /etc/roundcube/main.inc.php + if [ "$release" -eq 8 ]; then + mv -f /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php + mv -f /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php fi fi -# Fail2ban configuration -if [ -z "$disable_fail2ban" ]; then + +#----------------------------------------------------------# +# Configure Fail2Ban # +#----------------------------------------------------------# + +if [ "$fail2ban" = 'yes' ]; then cd /etc - wget $CHOST/$VERSION/fail2ban.tar.gz -O fail2ban.tar.gz + wget $vestacp/fail2ban.tar.gz -O fail2ban.tar.gz tar -xzf fail2ban.tar.gz rm -f fail2ban.tar.gz - chkconfig fail2ban on + if [ "$dovecot" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2) + fline=$(echo "$fline" |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$exim" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) + fline=$(echo "$fline" |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + update-rc.d fail2ban defaults service fail2ban start -else - sed -i "s/fail2ban//" $VESTA/conf/vesta.conf + check_result $? "fail2ban start failed" fi -# php configuration -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/apache2/php.ini -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/cli/php.ini -# phpMyAdmin configuration -wget $CHOST/$VERSION/apache2-pma.conf -O /etc/phpmyadmin/apache.conf -wget $CHOST/$VERSION/pma.conf -O /etc/phpmyadmin/config.inc.php -ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf -mv -f /etc/phpmyadmin/config-db.php /etc/phpmyadmin/config-db.php_ -chmod 777 /var/lib/phpmyadmin/tmp -# Roundcube configuration -wget $CHOST/$VERSION/apache2-webmail.conf -O /etc/roundcube/apache.conf -wget $CHOST/$VERSION/roundcube-main.conf -O /etc/roundcube/main.inc.php -wget $CHOST/$VERSION/roundcube-db.conf -O /etc/roundcube/db.inc.php -wget $CHOST/$VERSION/roundcube-driver.php -O \ - /usr/share/roundcube/plugins/password/drivers/vesta.php -wget $CHOST/$VERSION/roundcube-pw.conf -O \ - /etc/roundcube/plugins/password/config.inc.php -r="$(gen_pass)" -mysql -e "DROP DATABASE roundcube" > /dev/null 2>&1 -mysql -e "CREATE DATABASE roundcube" -mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" -sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php -mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql -mkdir -p /var/log/roundcube/error -chmod -R 777 /var/log/roundcube +#----------------------------------------------------------# +# Configure Admin User # +#----------------------------------------------------------# -# Deleting old admin user account if exists +# Deleting old admin user if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then chattr -i /home/admin/conf > /dev/null 2>&1 - userdel -f admin - chattr -i /home/admin/conf - mv -f /home/admin $vst_backups/home/ - rm -f /tmp/sess_* + userdel -f admin >/dev/null 2>&1 + chattr -i /home/admin/conf >/dev/null 2>&1 + mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 + rm -f /tmp/sess_* >/dev/null 2>&1 fi -if [ ! -z "$(grep ^admin: /etc/group)" ]; then +if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then groupdel admin > /dev/null 2>&1 fi -# Generating admin password if it wasn't set -if [ -z "$vpass" ]; then - vpass=$(gen_pass) -fi - -# Adding admin account +# Adding vesta account $VESTA/bin/v-add-user admin $vpass $email default System Administrator -if [ $? -ne 0 ]; then - echo "Error: can't create admin user" - exit 1 -fi +check_result $? "can't create admin user" $VESTA/bin/v-change-user-shell admin bash -$VESTA/bin/v-change-user-language admin en - -# Configure mysql host -$VESTA/bin/v-add-database-host mysql localhost root $mpass -$VESTA/bin/v-add-database admin default default $(gen_pass) mysql +$VESTA/bin/v-change-user-language admin $lang # Configuring system ips $VESTA/bin/v-update-sys-ip -# Firewall configuartion -cd $VESTA/data -wget $CHOST/$VERSION/firewall.tar.gz -O firewall.tar.gz -tar -xzf firewall.tar.gz -rm -f firewall.tar.gz -if [ "$disable_iptables" = 'yes' ]; then - sed -i "s/iptables//" $VESTA/conf/vesta.conf -else - /usr/local/vesta/bin/v-update-firewall -fi - # Get main ip -main_ip=$(ifconfig |grep 'inet addr:' |grep -v 127.0.0.1 |head -n1 | \ - cut -f2 -d: | cut -f1 -d ' ') +ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) -# Get remote ip -vst_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) -if [ ! -z "$vst_ip" ] && [ "$vst_ip" != "$main_ip" ]; then - # Set NAT association - $VESTA/bin/v-change-sys-ip-nat $main_ip $vst_ip +# Get public ip +pub_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) +if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then + $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip fi -if [ -z "$vst_ip" ]; then - vst_ip=$main_ip +if [ -z "$pub_ip" ]; then + ip=$main_ip fi -# Add default web domain -$VESTA/bin/v-add-web-domain admin default.domain $vst_ip +# Firewall configuration +if [ "$iptables" = 'yes' ]; then + $VESTA/bin/v-update-firewall +fi -# Add default dns domain -$VESTA/bin/v-add-dns-domain admin default.domain $vst_ip +# Configuring mysql host +if [ "$mysql" = 'yes' ]; then + $VESTA/bin/v-add-database-host mysql localhost root $vpass + $VESTA/bin/v-add-database admin default default $(gen_pass) mysql +fi -# Add default mail domain -$VESTA/bin/v-add-mail-domain admin default.domain +# Configuring pgsql host +if [ "$postgresql" = 'yes' ]; then + $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass + $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql +fi -# Configuring cron jobs +# Adding default domain +$VESTA/bin/v-add-domain admin $servername +check_result $? "can't create $servername domain" + +# Adding cron jobs command='sudo /usr/local/vesta/bin/v-update-sys-queue disk' $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" command='sudo /usr/local/vesta/bin/v-update-sys-queue traffic' @@ -837,35 +1158,42 @@ command='sudo /usr/local/vesta/bin/v-update-user-stats' $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command" command='sudo /usr/local/vesta/bin/v-update-sys-rrd' $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +service cron restart # Building inititall rrd images $VESTA/bin/v-update-sys-rrd -# Enable file system quota +# Enabling file system quota if [ "$quota" = 'yes' ]; then $VESTA/bin/v-add-sys-quota fi -# Start system service +# Starting vesta service update-rc.d vesta defaults -service vesta stop > /dev/null 2>&1 service vesta start -if [ "$?" -ne 0 ]; then - echo "Error: vesta start failed" - exit 1 +check_result $? "vesta start failed" + + +#----------------------------------------------------------# +# Vesta Access Info # +#----------------------------------------------------------# + +# Sending install notification to vestacp.com +wget vestacp.com/notify/?$codename -O /dev/null -q + +# Comparing hostname and ip +host_ip=$(host $servername| head -n 1 | awk '{print $NF}') +if [ "$host_ip" = "$ip" ]; then + ip="$servername" fi -# Send notification to vestacp.com -wget vestacp.com/notify/?$codename -O /dev/null - -# Send notification to admin email +# Sending notification to admin email echo -e "Congratulations, you have just successfully installed \ -the Vesta Control Panel +Vesta Control Panel -You can login in Vesta with following credentials: + https://$ip:8083 username: admin password: $vpass - https://$vst_ip:8083 We hope that you enjoy your installation of Vesta. Please \ feel free to contact us anytime if you have any questions. @@ -878,12 +1206,10 @@ vestacp.com team send_mail="$VESTA/web/inc/mail-wrapper.php" cat $tmpfile | $send_mail -s "Vesta Control Panel" $email -rm -f $tmpfile # Congrats echo '=======================================================' echo -echo echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' echo ' _| _| _| _| _| _| _| ' echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' @@ -891,20 +1217,7 @@ echo ' _| _| _| _| _| _| _| ' echo ' _| _|_|_|_| _|_|_| _| _| _| ' echo echo -echo '-------------------------------' -echo " https://$vst_ip:8083" -echo ' username: admin' -echo " password: $vpass" -echo '-------------------------------' -echo -echo -echo 'Congratulations,' -echo 'you have successfully installed Vesta Control Panel.' -echo -echo +cat $tmpfile +rm -f $tmpfile -# Tricky way to get new PATH variable -cd -bash - -#EOF +# EOF diff --git a/install/vst-install-rhel.sh b/install/vst-install-rhel.sh old mode 100644 new mode 100755 index b90320cbd..9aa438570 --- a/install/vst-install-rhel.sh +++ b/install/vst-install-rhel.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Vesta RHEL/CentOS installer v.04 +# Vesta RHEL/CentOS installer v.05 #----------------------------------------------------------# # Variables&Functions # @@ -10,34 +10,68 @@ RHOST='r.vestacp.com' CHOST='c.vestacp.com' REPO='cmmnt' VERSION='0.9.8/rhel' -YUM_REPO='/etc/yum.repos.d/vesta.repo' -software="nginx httpd mod_ssl mod_ruid2 mod_extract_forwarded mod_fcgid - php php-bcmath php-cli php-common php-gd php-imap php-mbstring php-mcrypt - php-mysql php-pdo php-soap php-tidy php-xml php-xmlrpc quota e2fsprogs - phpMyAdmin awstats webalizer vsftpd mysql mysql-server exim dovecot clamd - spamassassin curl roundcubemail bind bind-utils bind-libs mc screen ftp - libpng libjpeg libmcrypt mhash zip unzip openssl flex rssh libxml2 - ImageMagick sqlite pcre sudo bc jwhois mailx lsof tar telnet rrdtool - fail2ban GeoIP freetype ntp openssh-clients vesta vesta-nginx vesta-php" +memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) +arch=$(uname -i) +os=$(cut -f 1 -d ' ' /etc/redhat-release) +release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) +codename="${os}_$release" +vestacp="http://$CHOST/$VERSION/$release" -# Help +if [ "$release" -eq 7 ]; then + software="nginx httpd mod_ssl mod_ruid2 mod_fcgid php php-common php-cli + php-bcmath php-gd php-imap php-mbstring php-mcrypt php-mysql php-pdo + php-soap php-tidy php-xml php-xmlrpc php-fpm php-pgsql awstats webalizer + vsftpd proftpd bind bind-utils bind-libs exim dovecot clamav-server + clamav-update spamassassin roundcubemail mariadb mariadb-server phpMyAdmin + postgresql postgresql-server postgresql-contrib phpPgAdmin e2fsprogs + openssh-clients ImageMagick curl mc screen ftp zip unzip flex sqlite pcre + sudo bc jwhois mailx lsof tar telnet rrdtool net-tools ntp GeoIP freetype + fail2ban rsyslog iptables-services which vesta vesta-nginx vesta-php" +else + software="nginx httpd mod_ssl mod_ruid2 mod_fcgid mod_extract_forwarded + php php-common php-cli php-bcmath php-gd php-imap php-mbstring php-mcrypt + php-mysql php-pdo php-soap php-tidy php-xml php-xmlrpc php-fpm php-pgsql + awstats webalizer vsftpd proftpd bind bind-utils bind-libs exim dovecot + clamd spamassassin roundcubemail mysql mysql-server phpMyAdmin postgresql + postgresql-server postgresql-contrib phpPgAdmin e2fsprogs openssh-clients + ImageMagick curl mc screen ftp zip unzip flex sqlite pcre sudo bc jwhois + mailx lsof tar telnet rrdtool net-tools ntp GeoIP freetype fail2ban + which vesta vesta-nginx vesta-php" +fi + +# Defining help function help() { - echo "usage: $0 [OPTIONS] - -h, --help Print this help and exit - -f, --force Force installation - -i, --disable-iptables Disable iptables support - -b, --disable-fail2ban Disable fail2ban protection - -d, --disable-remi Disable remi repository - -n, --noupdate Do not run yum update command - -s, --hostname Set server hostname - -e, --email Set email address - -p, --password Set admin password instead of generating it - -m, --mysql-password Set MySQL password instead of generating it - -q, --quota Enable File System Quota" + echo "Usage: $0 [OPTIONS] + -a, --apache Install Apache [yes|no] default: yes + -n, --nginx Install Nginx [yes|no] default: yes + -w, --phpfpm Install PHP-FPM [yes|no] default: no + -v, --vsftpd Install Vsftpd [yes|no] default: yes + -j, --proftpd Install ProFTPD [yes|no] default: no + -k, --named Install Bind [yes|no] default: yes + -m, --mysql Install MySQL [yes|no] default: yes + -g, --postgresql Install PostgreSQL [yes|no] default: no + -d, --mongodb Install MongoDB [yes|no] unsupported + -x, --exim Install Exim [yes|no] default: yes + -z, --dovecot Install Dovecot [yes|no] default: yes + -c, --clamav Install ClamAV [yes|no] default: yes + -t, --spamassassin Install SpamAssassin [yes|no] default: yes + -i, --iptables Install Iptables [yes|no] default: yes + -b, --fail2ban Install Fail2ban [yes|no] default: yes + -r, --remi Install Remi repo [yes|no] default: yes + -q, --quota Filesystem Quota [yes|no] default: no + -l, --lang Default language default: en + -y, --interactive Interactive install [yes|no] default: yes + -s, --hostname Set hostname + -e, --email Set admin email + -p, --password Set admin password + -f, --force Force installation + -h, --help Print this help + + Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes" exit 1 } -# Password generator +# Defining password-gen function gen_pass() { MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' LENGTH=10 @@ -48,117 +82,172 @@ gen_pass() { echo "$PASS" } +# Defning return code check function +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + exit $1 + fi +} + +# Defining function to set default value +set_default_value() { + eval variable=\$$1 + if [ -z "$variable" ]; then + eval $1=$2 + fi + if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then + eval $1=$2 + fi +} + #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# +# Creating temporary file +tmpfile=$(mktemp -p /tmp) + # Translating argument to --gnu-long-options for arg; do delim="" case "$arg" in - --help) args="${args}-h " ;; - --force) args="${args}-f " ;; - --disable-fail2ban) args="${args}-b " ;; - --disable-remi) args="${args}-d " ;; - --disable-iptables) args="${args}-i " ;; - --noupdate) args="${args}-n " ;; + --apache) args="${args}-a " ;; + --nginx) args="${args}-n " ;; + --phpfpm) args="${args}-w " ;; + --vsftpd) args="${args}-v " ;; + --proftpd) args="${args}-j " ;; + --named) args="${args}-k " ;; + --mysql) args="${args}-m " ;; + --postgresql) args="${args}-g " ;; + --mongodb) args="${args}-d " ;; + --exim) args="${args}-x " ;; + --dovecot) args="${args}-z " ;; + --clamav) args="${args}-c " ;; + --spamassassin) args="${args}-t " ;; + --iptables) args="${args}-i " ;; + --fail2ban) args="${args}-b " ;; + --remi) args="${args}-r " ;; + --quota) args="${args}-q " ;; + --lang) args="${args}-l " ;; + --interactive) args="${args}-y " ;; --hostname) args="${args}-s " ;; --email) args="${args}-e " ;; --password) args="${args}-p " ;; - --mysql-password) args="${args}-m " ;; - --quota) args="${args}-q " ;; - *) [[ "${arg:0:1}" == "-" ]] || delim="\"" - args="${args}${delim}${arg}${delim} ";; + --force) args="${args}-f " ;; + --help) args="${args}-h " ;; + *) [[ "${arg:0:1}" == "-" ]] || delim="\"" + args="${args}${delim}${arg}${delim} ";; esac done eval set -- "$args" -# Getopt -while getopts "hfibdnqe:m:p:s:" Option; do +# Parsing arguments +while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:q:l:y:s:e:p:fh" Option; do case $Option in - h) help ;; # Help - f) force='yes' ;; # Force install - i) disable_iptables='yes' ;; # Disable iptables - b) disable_fail2ban='yes' ;; # Disable fail2ban - d) disable_remi='yes' ;; # Disable remi repo - n) noupdate='yes' ;; # Disable yum update - s) servername=$OPTARG ;; # Server hostname - e) email=$OPTARG ;; # Set email - p) vpass=$OPTARG ;; # Admin password - m) mpass=$OPTARG ;; # MySQL pasword - q) quota='yes' ;; # Enable quota - *) help ;; # Default + a) apache=$OPTARG ;; # Apache + n) nginx=$OPTARG ;; # Nginx + w) phpfpm=$OPTARG ;; # PHP-FPM + v) vsftpd=$OPTARG ;; # Vsftpd + j) proftpd=$OPTARG ;; # Proftpd + k) named=$OPTARG ;; # Named + m) mysql=$OPTARG ;; # MySQL + g) postgresql=$OPTARG ;; # PostgreSQL + d) mongodb=$OPTARG ;; # MongoDB (unsupported) + x) exim=$OPTARG ;; # Exim + z) dovecot=$OPTARG ;; # Dovecot + c) clamd=$OPTARG ;; # ClamAV + t) spamd=$OPTARG ;; # SpamAssassin + i) iptables=$OPTARG ;; # Iptables + b) fail2ban=$OPTARG ;; # Fail2ban + r) remi=$OPTARG ;; # Remi repo + q) quota=$OPTARG ;; # FS Quota + l) lang=$OPTARG ;; # Language + y) interactive=$OPTARG ;; # Interactive install + s) servername=$OPTARG ;; # Hostname + e) email=$OPTARG ;; # Admin email + p) vpass=$OPTARG ;; # Admin password + f) force='yes' ;; # Force install + h) help ;; # Help + *) help ;; # Print help (default) esac done -# Am I root? +# Defining default software stack +set_default_value 'nginx' 'yes' +set_default_value 'apache' 'yes' +set_default_value 'phpfpm' 'no' +set_default_value 'vsftpd' 'yes' +set_default_value 'proftpd' 'no' +set_default_value 'named' 'yes' +set_default_value 'mysql' 'yes' +set_default_value 'postgresql' 'no' +set_default_value 'mongodb' 'no' +set_default_value 'exim' 'yes' +set_default_value 'dovecot' 'yes' +if [ $memory -lt 1500000 ]; then + set_default_value 'clamd' 'no' + set_default_value 'spamd' 'no' +else + set_default_value 'clamd' 'yes' + set_default_value 'spamd' 'yes' +fi +set_default_value 'iptables' 'yes' +set_default_value 'fail2ban' 'yes' +set_default_value 'remi' 'yes' +set_default_value 'quota' 'no' +set_default_value 'lang' 'en' +set_default_value 'interactive' 'yes' + +# Checking software conflicts +if [ "$phpfpm" = 'yes' ]; then + apache='no' + nginx='yes' +fi +if [ "$proftpd" = 'yes' ]; then + vsftpd='no' +fi +if [ "$exim" = 'no' ]; then + clamd='no' + spamd='no' + dovecot='no' +fi +if [ "$iptables" = 'no' ]; then + fail2ban='no' +fi + + +# Checking root permissions if [ "x$(id -u)" != 'x0' ]; then - echo 'Error: this script can only be executed by root' - exit 1 + check_error 1 "Script can be run executed only by root" fi -# Check supported version -if [ ! -e '/etc/redhat-release' ]; then - echo 'Error: sorry, we currently support RHEL and CentOS only' - exit 1 -fi - -# Check supported OS -arch=$(uname -i) -os=$(cut -f 1 -d ' ' /etc/redhat-release) -release=$(grep -o "[0-9]" /etc/redhat-release |head -n1) -codename="${os}_$release" -if [ $os != 'CentOS' ] && [ $os != 'Red' ]; then - echo 'Error: sorry, we currently support RHEL and CentOS only' - exit -fi - -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo +# Checking admin user account +if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 + echo -e "Example: bash $0 --force\n" + check_result 1 "User admin exists" fi -# Check admin group -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" != 'yes' ]; then - echo "Error: group admin exists" - echo - echo 'Please remove admin group before proceeding.' - echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi - -# Check wget +# Checking wget if [ ! -e '/usr/bin/wget' ]; then yum -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi + check_result $? "Can't install wget" fi -# Check repo availability -wget -q "$CHOST/$VERSION/vesta.conf" -O /dev/null -if [ $? -ne 0 ]; then - echo "Error: no access to $REPO repository" - exit 1 -fi +# Checking repository availability +wget -q "$vestacp/GPG.txt" -O /dev/null +check_result $? "No access to Vesta repository" -# Check installed packages -tmpfile=$(mktemp -p /tmp) +# Checking installed packages rpm -qa > $tmpfile -for pkg in exim bind-9 mysql-server httpd nginx vesta; do +for pkg in exim mysql-server httpd nginx vesta; do if [ ! -z "$(grep $pkg $tmpfile)" ]; then conflicts="$pkg $conflicts" fi done -rm -f $tmpfile if [ ! -z "$conflicts" ] && [ -z "$force" ]; then echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' echo @@ -171,92 +260,357 @@ if [ ! -z "$conflicts" ] && [ -z "$force" ]; then echo echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' echo - exit 1 + check_result 1 "Control Panel should be installed on clean server." fi -# Check server type -memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) -if [ "$memory" -lt '350000' ] && [ -z "$force" ]; then - echo "Error: not enough memory to install Vesta Control Panel." - echo -e "\nMinimum RAM required: 350Mb" - echo 'If you want to force installation run this script with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi -srv_type='micro' -if [ "$memory" -gt '1000000' ]; then - srv_type='small' +#----------------------------------------------------------# +# Brief Info # +#----------------------------------------------------------# + +# Printing nice ascii aslogo +clear +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _| _|_|_| _|_| _| _|_|_|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _|_|_|_| _|_|_| _| _| _|' +echo +echo ' Vesta Control Panel' +echo -e "\n\n" + +echo 'Following software will be installed on your system:' + +# Web stack +if [ "$nginx" = 'yes' ]; then + echo ' - Nginx Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo ' - Apache Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo ' - Apache Web Server (as backend)' +fi +if [ "$phpfpm" = 'yes' ]; then + echo ' - PHP-FPM Application Server' fi -if [ "$memory" -gt '3000000' ]; then - srv_type='medium' +# DNS stack +if [ "$named" = 'yes' ]; then + echo ' - Bind DNS Server' fi -if [ "$memory" -gt '7000000' ]; then - srv_type='large' -fi - -# Are you sure ? -if [ -z $email ]; then - clear - echo - echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _|_|_|_| _|_|_| _| _| _| ' - echo - echo ' Vesta Control Panel' - echo - echo - echo 'Following software will be installed on your system:' - echo ' - Nginx frontend web server' - echo ' - Apache application web server' - echo ' - Bind DNS server' - echo ' - Exim mail server' - echo ' - Dovecot IMAP and POP3 server' - if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - echo ' - Clam mail antivirus' - echo ' - SpamAssassin antispam' +# Mail Stack +if [ "$exim" = 'yes' ]; then + echo -n ' - Exim mail server' + if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then + echo -n ' + ' + if [ "$clamd" = 'yes' ]; then + echo -n 'Antivirus ' + fi + if [ "$spamd" = 'yes' ]; then + echo -n 'Antispam' + fi fi - echo ' - MySQL database server' - echo ' - Vsftpd FTP server' - echo - echo ' * SELinux and Iptables will be disabled' - echo + echo + if [ "$dovecot" = 'yes' ]; then + echo ' - Dovecot POP3/IMAP Server' + fi +fi - read -p 'Do you want to proceed? [y/n]): ' answer +# DB stack +if [ "$mysql" = 'yes' ]; then + if [ $release = 7 ]; then + echo ' - MariaDB Database Server' + else + echo ' - MySQL Database Server' + fi +fi +if [ "$postgresql" = 'yes' ]; then + echo ' - PostgreSQL Database Server' +fi +if [ "$mongodb" = 'yes' ]; then + echo ' - MongoDB Database Server' +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo ' - Vsftpd FTP Server' +fi +if [ "$proftpd" = 'yes' ]; then + echo ' - ProFTPD FTP Server' +fi + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo -n ' - Iptables Firewall' +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo -n ' + Fail2Ban' +fi +echo -e "\n\n" + +# Asking for confirmation to proceed +if [ "$interactive" = 'yes' ]; then + read -p 'Would you like to continue [y/n]: ' answer if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then echo 'Goodbye' exit 1 fi - # Define email - read -p 'Please enter valid email address: ' email + # Asking for contact email + if [ -z "$email" ]; then + read -p 'Please enter admin email address: ' email + fi - # Define server hostname + # Asking to set FQDN hostname if [ -z "$servername" ]; then - read -p "Please enter hostname [$(hostname)]: " servername + read -p "Please enter FQDN hostname [$(hostname)]: " servername fi fi -# Validate email -local_part=$(echo $email | cut -s -f1 -d\@) -remote_host=$(echo $email | cut -s -f2 -d\@) -mx_failed=1 -if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then - /usr/bin/host -t mx "$remote_host" > /dev/null 2>&1 - mx_failed="$?" +# Generating admin password if it wasn't set +if [ -z "$vpass" ]; then + vpass=$(gen_pass) fi -if [ "$mx_failed" -eq 1 ]; then - echo "Error: email $email is not valid" - exit 1 +# Set hostname if it wasn't set +if [ -z "$servername" ]; then + servername=$(hostname -f) fi -# Check for ipv6 on loopback interface -check_lo_ipv6=$(/sbin/ifconfig lo| grep 'inet6 addr') +# Set email if it wasn't set +if [ -z "$email" ]; then + email="admin@$servername" +fi + +# Defining backup directory +vst_backups="/root/vst_install_backups/$(date +%s)" +echo "Installation backup directory: $vst_backups" + +# Printing start message and sleeping for 5 seconds +echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" +sleep 5 + + +#----------------------------------------------------------# +# Checking swap # +#----------------------------------------------------------# + +# Checking swap on small instances +if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then + fallocate -l 1G /swapfile + chmod 600 /swapfile + mkswap /swapfile + swapon /swapfile + echo "/swapfile none swap sw 0 0" >> /etc/fstab +fi + + +#----------------------------------------------------------# +# Install repositories # +#----------------------------------------------------------# + +# Updating system packages +yum -y update +check_result $? 'yum update failed' + +# Installing EPEL repository +rpm -Uvh --force $vestacp/epel-release.rpm +check_result $? "Can't install EPEL repository" + +# Installing Remi repository +if [ "$remi" = 'yes' ]; then + rpm -Uvh --force $vestacp/remi-release.rpm + check_result $? "Can't install REMI repository" +fi + +# Installing Nginx repository +nrepo="/etc/yum.repos.d/nginx.repo" +echo "[nginx]" > $nrepo +echo "name=nginx repo" >> $nrepo +echo "baseurl=http://nginx.org/packages/centos/$release/\$basearch/" >> $nrepo +echo "gpgcheck=0" >> $nrepo +echo "enabled=1" >> $nrepo + +# Installing Vesta repository +vrepo='/etc/yum.repos.d/vesta.repo' +echo "[vesta]" > $vrepo +echo "name=Vesta - $REPO" >> $vrepo +echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $vrepo +echo "enabled=1" >> $vrepo +echo "gpgcheck=1" >> $vrepo +echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $vrepo +wget $vestacp/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA + + +#----------------------------------------------------------# +# Backup # +#----------------------------------------------------------# + +# Creating backup directory tree +mkdir -p $vst_backups +cd $vst_backups +mkdir nginx httpd php php-fpm vsftpd proftpd named exim dovecot clamd \ + spamassassin mysql postgresql mongodb vesta + +# Backing up Nginx configuration +service nginx stop > /dev/null 2>&1 +cp -r /etc/nginx/* $vst_backups/nginx > /dev/null 2>&1 + +# Backing up Apache configuration +service httpd stop > /dev/null 2>&1 +cp -r /etc/httpd/* $vst_backups/httpd > /dev/null 2>&1 + +# Backing up PHP configuration +service php-fpm stop >/dev/null 2>&1 +cp /etc/php.ini $vst_backups/php > /dev/null 2>&1 +cp -r /etc/php.d $vst_backups/php > /dev/null 2>&1 +cp /etc/php-fpm.conf $vst_backups/php-fpm > /dev/null 2>&1 +mv -f /etc/php-fpm.d/* $vst_backups/php-fpm/ > /dev/null 2>&1 + +# Backing up Bind configuration +service named stop > /dev/null 2>&1 +cp /etc/named.conf $vst_backups/named >/dev/null 2>&1 + +# Backing up Vsftpd configuration +service vsftpd stop > /dev/null 2>&1 +cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd >/dev/null 2>&1 + +# Backing up ProFTPD configuration +service proftpd stop > /dev/null 2>&1 +cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1 + +# Backing up Exim configuration +service exim stop > /dev/null 2>&1 +cp -r /etc/exim/* $vst_backups/exim >/dev/null 2>&1 + +# Backing up ClamAV configuration +service clamd stop > /dev/null 2>&1 +cp /etc/clamd.conf $vst_backups/clamd >/dev/null 2>&1 +cp -r /etc/clamd.d $vst_backups/clamd >/dev/null 2>&1 + +# Backing up SpamAssassin configuration +service spamassassin stop > /dev/null 2>&1 +cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin >/dev/null 2>&1 + +# Backing up Dovecot configuration +service dovecot stop > /dev/null 2>&1 +cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1 +cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1 + +# Backing up MySQL/MariaDB configuration and data +service mysql stop > /dev/null 2>&1 +service mysqld stop > /dev/null 2>&1 +service mariadb stop > /dev/null 2>&1 +mv /var/lib/mysql $vst_backups/mysql/mysql_datadir >/dev/null 2>&1 +cp /etc/my.cnf $vst_backups/mysql > /dev/null 2>&1 +cp /etc/my.cnf.d $vst_backups/mysql > /dev/null 2>&1 +mv /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1 + +# Backing up MySQL/MariaDB configuration and data +service postgresql stop > /dev/null 2>&1 +mv /var/lib/pgsql/data $vst_backups/postgresql/ >/dev/null 2>&1 + +# Backing up Vesta configuration and data +service vesta stop > /dev/null 2>&1 +mv /usr/local/vesta/data/* $vst_backups/vesta > /dev/null 2>&1 +mv /usr/local/vesta/conf/* $vst_backups/vesta > /dev/null 2>&1 + + +#----------------------------------------------------------# +# Package Exludes # +#----------------------------------------------------------# + +# Excluding packages +if [ "$nginx" = 'no' ]; then + software=$(echo "$software" | sed -e "s/^nginx//") +fi +if [ "$apache" = 'no' ]; then + software=$(echo "$software" | sed -e "s/httpd//") + software=$(echo "$software" | sed -e "s/mod_ssl//") + software=$(echo "$software" | sed -e "s/mod_fcgid//") + software=$(echo "$software" | sed -e "s/mod_ruid2//") +fi +if [ "$phpfpm" = 'no' ]; then + software=$(echo "$software" | sed -e "s/php-fpm//") +fi +if [ "$vsftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/vsftpd//") +fi +if [ "$proftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/proftpd//") +fi +if [ "$named" = 'no' ]; then + software=$(echo "$software" | sed -e "s/bind //") +fi +if [ "$exim" = 'no' ]; then + software=$(echo "$software" | sed -e "s/exim//") + software=$(echo "$software" | sed -e "s/dovecot//") + software=$(echo "$software" | sed -e "s/clamd//") + software=$(echo "$software" | sed -e "s/clamav-server//") + software=$(echo "$software" | sed -e "s/clamav-update//") + software=$(echo "$software" | sed -e "s/spamassassin//") + software=$(echo "$software" | sed -e "s/dovecot//") + software=$(echo "$software" | sed -e "s/roundcubemail//") +fi +if [ "$clamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/clamd//") + software=$(echo "$software" | sed -e "s/clamav-server//") + software=$(echo "$software" | sed -e "s/clamav-update//") +fi +if [ "$spamd" = 'no' ]; then + software=$(echo "$software" | sed -e 's/spamassassin//') +fi +if [ "$dovecot" = 'no' ]; then + software=$(echo "$software" | sed -e "s/dovecot//") +fi +if [ "$mysql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/mysql //') + software=$(echo "$software" | sed -e 's/mysql-server//') + software=$(echo "$software" | sed -e 's/mariadb //') + software=$(echo "$software" | sed -e 's/mariadb-server//') + software=$(echo "$software" | sed -e 's/php-mysql//') + software=$(echo "$software" | sed -e 's/phpMyAdmin//') + software=$(echo "$software" | sed -e 's/roundcubemail//') +fi +if [ "$postgresql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/postgresql //') + software=$(echo "$software" | sed -e 's/postgresql-server//') + software=$(echo "$software" | sed -e 's/postgresql-contrib//') + software=$(echo "$software" | sed -e 's/php-pgsql//') + software=$(echo "$software" | sed -e 's/phpPgAdmin//') +fi +if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then + software=$(echo "$software" | sed -e 's/fail2ban//') +fi + + +#----------------------------------------------------------# +# Install packages # +#----------------------------------------------------------# + +# Installing rpm packages +if [ -z "$disable_remi" ]; then + yum -y --disablerepo=* --enablerepo="base,updates,nginx,epel,vesta,remi" \ + install $software +else + yum -y --disablerepo=* --enablerepo="base,updates,nginx,epel,vesta" \ + install $software +fi +check_result $? "yum install failed" + + +#----------------------------------------------------------# +# Configure system # +#----------------------------------------------------------# + +# Restarting rsyslog +service rsyslog restart > /dev/null 2>&1 + +# Checking ipv6 on loopback interface +check_lo_ipv6=$(/sbin/ip addr | grep 'inet6') check_rc_ipv6=$(grep 'scope global dev lo' /etc/rc.local) if [ ! -z "$check_lo_ipv6)" ] && [ -z "$check_rc_ipv6" ]; then ip addr add ::2/128 scope global dev lo @@ -265,621 +619,601 @@ if [ ! -z "$check_lo_ipv6)" ] && [ -z "$check_rc_ipv6" ]; then chmod a+x /etc/rc.local fi - -#----------------------------------------------------------# -# Install repository # -#----------------------------------------------------------# -# Let's start -echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" -sleep 5 - -# Update system -if [ -z "$noupdate" ]; then - yum -y update - if [ $? -ne 0 ]; then - echo 'Error: yum update failed' - exit 1 - fi -fi - -# Install EPEL repo -if [ ! -e '/etc/yum.repos.d/epel.repo' ]; then - if [ "$release" -eq '5' ]; then - epel="5/$arch/epel-release-5-4.noarch.rpm" - fi - - if [ "$release" -eq '6' ]; then - epel="6/$arch/epel-release-6-8.noarch.rpm" - fi - - rpm -ivh http://dl.fedoraproject.org/pub/epel/$epel - if [ $? -ne 0 ]; then - echo "Error: can't install EPEL repository" - exit 1 - fi -fi - -# Install remi repo -if [ ! -e '/etc/yum.repos.d/remi.repo' ]; then - if [ "$release" -eq '5' ]; then - remi="remi-release-5.rpm" - fi - - if [ "$release" -eq '6' ]; then - remi="remi-release-6.rpm" - fi - - rpm -ivh http://rpms.famillecollet.com/enterprise/$remi - if [ $? -ne 0 ]; then - echo "Error: can't install remi repository" - exit 1 - fi -fi - -# Install nginx repo -if [ ! -e '/etc/yum.repos.d/nginx.repo' ]; then - echo "[nginx]" > /etc/yum.repos.d/nginx.repo - echo "name=nginx repo" >> /etc/yum.repos.d/nginx.repo - echo "baseurl=http://nginx.org/packages/centos/$release/\$basearch/" \ - >> /etc/yum.repos.d/nginx.repo - echo "gpgcheck=0" >> /etc/yum.repos.d/nginx.repo - echo "enabled=1" >> /etc/yum.repos.d/nginx.repo -fi - -# Install vesta repo -echo "[vesta]" > $YUM_REPO -echo "name=Vesta - $REPO" >> $YUM_REPO -echo "baseurl=http://$RHOST/$REPO/$release/\$basearch/" >> $YUM_REPO -echo "enabled=1" >> $YUM_REPO -echo "gpgcheck=1" >> $YUM_REPO -echo "gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA" >> $YUM_REPO -wget $CHOST/GPG.txt -O /etc/pki/rpm-gpg/RPM-GPG-KEY-VESTA - - -#----------------------------------------------------------# -# Backups # -#----------------------------------------------------------# - -# Prepare backup tree -vst_backups="/root/vst_install_backups/$(date +%s)" -mkdir -p $vst_backups/nginx -mkdir -p $vst_backups/httpd -mkdir -p $vst_backups/mysql -mkdir -p $vst_backups/exim -mkdir -p $vst_backups/dovecot -mkdir -p $vst_backups/clamd -mkdir -p $vst_backups/spamassassin -mkdir -p $vst_backups/vsftpd -mkdir -p $vst_backups/named -mkdir -p $vst_backups/vesta/admin -mkdir -p $vst_backups/home - -# Backup sudoers -if [ -e '/etc/sudoers' ]; then - cp /etc/sudoers $vst_backups/ -fi - -# Backup nginx -service nginx stop > /dev/null 2>&1 -if [ -e '/etc/nginx/nginx.conf' ]; then - cp -r /etc/nginx/* $vst_backups/nginx/ -fi - -# Backup httpd -service httpd stop > /dev/null 2>&1 -if [ -e '/etc/httpd/conf/httpd.conf' ]; then - cp -r /etc/httpd/* $vst_backups/httpd/ -fi - -# Backup bind -service named stop > /dev/null 2>&1 -if [ -e '/etc/named.conf' ]; then - cp /etc/named.conf $vst_backups/named/ -fi - -# Backup vsftpd -service vsftpd stop > /dev/null 2>&1 -if [ -e '/etc/vsftpd/vsftpd.conf' ]; then - cp /etc/vsftpd/vsftpd.conf $vst_backups/vsftpd/ -fi - -# Backup exim -service exim stop > /dev/null 2>&1 -if [ -e '/etc/exim/exim.conf' ]; then - cp -r /etc/exim/* $vst_backups/exim/ -fi - -# Backup clamav -service clamd stop > /dev/null 2>&1 -if [ -e '/etc/clamd.conf' ]; then - cp /etc/clamd.conf $vst_backups/clamd/ -fi - -# Backup SpamAssassin -service spamassassin stop > /dev/null 2>&1 -if [ -e '/etc/mail/spamassassin' ]; then - cp -r /etc/mail/spamassassin/* $vst_backups/spamassassin/ -fi - -# Backup dovecot -service dovecot stop > /dev/null 2>&1 -if [ -e '/etc/dovecot.conf' ]; then - cp /etc/dovecot.conf $vst_backups/dovecot/ -fi -if [ -e '/etc/dovecot' ]; then - cp -r /etc/dovecot/* $vst_backups/dovecot/ -fi - -# Backup MySQL stuff -service mysqld stop > /dev/null 2>&1 -if [ -e '/var/lib/mysql' ]; then - mv /var/lib/mysql $vst_backups/mysql/mysql_datadir -fi -if [ -e '/etc/my.cnf' ]; then - cp /etc/my.cnf $vst_backups/mysql/ -fi -if [ -e '/root/.my.cnf' ]; then - mv /root/.my.cnf $vst_backups/mysql/ -fi - -# Backup vesta -service vesta stop > /dev/null 2>&1 -if [ -e '/usr/local/vesta/data' ]; then - mv /usr/local/vesta/data $vst_backups/vesta/ -fi - -if [ -e '/usr/local/vesta/conf' ]; then - mv /usr/local/vesta/conf $vst_backups/vesta/ -fi - -if [ -e '/home/admin/conf/' ]; then - mv /home/admin/conf/ $vst_backups/vesta/admin -fi - - -#----------------------------------------------------------# -# Install packages # -#----------------------------------------------------------# - -# Exclude heavy packages -if [ "$srv_type" = 'micro' ]; then - software=$(echo "$software" | sed -e 's/mod_fcgid//') - software=$(echo "$software" | sed -e 's/clamd//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -if [ "$srv_type" = 'small' ]; then - software=$(echo "$software" | sed -e 's/clamd//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -# Exclude fail2ban -if [ "$disable_fail2ban" = 'yes' ]; then - software=$(echo "$software" | sed -e 's/fail2ban//') -fi - -# Install Vesta packages -if [ -z "$disable_remi" ]; then - yum -y --disablerepo=* --enablerepo="base,updates,nginx,epel,vesta,remi" \ - install $software -else - yum -y --disablerepo=* --enablerepo="base,updates,nginx,epel,vesta" \ - install $software -fi -if [ $? -ne 0 ]; then - echo 'Error: yum install failed' - exit 1 -fi - - -#----------------------------------------------------------# -# Configure system # -#----------------------------------------------------------# - -# Set writable permission on tmp directory -chmod 777 /tmp - # Disabling SELinux if [ -e '/etc/sysconfig/selinux' ]; then sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux - setenforce 0 -fi -if [ -e '/etc/selinux/config' ]; then sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config - setenforce 0 + setenforce 0 2>/dev/null fi -# Vesta configuration +# Disable iptables +service iptables stop + +# Configuring NTP synchronization +echo '#!/bin/sh' > /etc/cron.daily/ntpdate +echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate +chmod 775 /etc/cron.daily/ntpdate +ntpdate -s pool.ntp.org + +# Disabling webalizer routine +rm -f /etc/cron.daily/00webalizer + +# Adding backup user +adduser backup 2>/dev/null +ln -sf /home/backup /backup +chmod a+x /backup + +# Chaning default directory color +echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile + +# Changing default systemd interval +if [ "$release" -eq '7' ]; then + # Hi Lennart + echo "DefaultStartLimitInterval=1s" >> /etc/systemd/system.conf + echo "DefaultStartLimitBurst=60" >> /etc/systemd/system.conf + systemctl daemon-reexec +fi + + +#----------------------------------------------------------# +# Configure VESTA # +#----------------------------------------------------------# + +# Downlading sudo configuration +mkdir -p /etc/sudoers.d +wget $vestacp/sudo/admin -O /etc/sudoers.d/admin +chmod 440 /etc/sudoers.d/admin + +# Configuring system env echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh chmod 755 /etc/profile.d/vesta.sh source /etc/profile.d/vesta.sh echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile echo 'export PATH' >> /root/.bash_profile source /root/.bash_profile -wget $CHOST/$VERSION/vesta.log -O /etc/logrotate.d/vesta -# Directory tree -mkdir -p $VESTA/conf -mkdir -p $VESTA/log -mkdir -p $VESTA/ssl -mkdir -p $VESTA/data -mkdir -p $VESTA/data/ips -mkdir -p $VESTA/data/queue -mkdir -p $VESTA/data/users -mkdir -p $VESTA/data/firewall -touch $VESTA/data/queue/backup.pipe -touch $VESTA/data/queue/disk.pipe -touch $VESTA/data/queue/webstats.pipe -touch $VESTA/data/queue/restart.pipe -touch $VESTA/data/queue/traffic.pipe -chmod 750 $VESTA/conf -chmod 750 $VESTA/data/users -chmod 750 $VESTA/data/ips +# Configuring logrotate for vesta logs +wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta + +# Buidling directory tree and creating some blank files for vesta +mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ + $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall +touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \ + $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \ + $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \ + $VESTA/log/nginx-error.log $VESTA/log/auth.log +chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log chmod -R 750 $VESTA/data/queue -ln -s /usr/local/vesta/log /var/log/vesta -touch /var/log/vesta/system.log -touch /var/log/vesta/nginx-error.log -touch /var/log/vesta/auth.log chmod 660 /var/log/vesta/* -adduser backup -ln -s /home/backup /backup -chmod a+x /backup +rm -f /var/log/vesta +ln -s /usr/local/vesta/log /var/log/vesta -# vesta.conf -wget $CHOST/$VERSION/vesta.conf -O $VESTA/conf/vesta.conf -if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then - sed -i "s/clamav//g" $VESTA/conf/vesta.conf - sed -i "s/spamassassin//g" $VESTA/conf/vesta.conf +# Generating vesta configuration +rm -f $VESTA/conf/vesta.conf 2>/dev/null +touch $VESTA/conf/vesta.conf +chmod 660 $VESTA/conf/vesta.conf + +# WEB stack +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo "WEB_SYSTEM='httpd'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='apache'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf + echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then + echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php-fpm'" >> $VESTA/conf/vesta.conf + fi + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf fi -# Set server hostname -if [ -z "$servername" ]; then - servername=$(hostname) +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf +fi +if [ "$proftpd" = 'yes' ]; then + echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf fi -/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null -# Templates -cd /usr/local/vesta/data -wget $CHOST/$VERSION/packages.tar.gz -O packages.tar.gz +# DNS stack +if [ "$named" = 'yes' ]; then + echo "DNS_SYSTEM='named'" >> $VESTA/conf/vesta.conf +fi + +# Mail stack +if [ "$exim" = 'yes' ]; then + echo "MAIL_SYSTEM='exim'" >> $VESTA/conf/vesta.conf + if [ "$clamd" = 'yes' ]; then + echo "ANTIVIRUS_SYSTEM='clamav'" >> $VESTA/conf/vesta.conf + fi + if [ "$spamd" = 'yes' ]; then + echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf + fi + if [ "$dovecot" = 'yes' ]; then + echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf + fi +fi + +# CRON daemon +echo "CRON_SYSTEM='crond'" >> $VESTA/conf/vesta.conf + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf +fi + +# Disk quota +if [ "$quota" = 'yes' ]; then + echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf +fi + +# Backups +echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf + +# Language +echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf + +# Version +echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf + +# Downloading hosting packages +cd $VESTA/data +wget $vestacp/packages.tar.gz -O packages.tar.gz tar -xzf packages.tar.gz rm -f packages.tar.gz -cd /usr/local/vesta/data -wget $CHOST/$VERSION/templates.tar.gz -O templates.tar.gz + +# Downloading templates +wget $vestacp/templates.tar.gz -O templates.tar.gz tar -xzf templates.tar.gz rm -f templates.tar.gz -chmod -R 755 /usr/local/vesta/data/templates + +# Copying index.html to default documentroot cp templates/web/skel/public_html/index.html /var/www/html/ sed -i 's/%domain%/It worked!/g' /var/www/html/index.html -if [ "$srv_type" = 'micro' ]; then - rm -f /usr/local/vesta/data/templates/web/httpd/phpfcgid.* -fi + +# Downloading firewall rules +wget $vestacp/firewall.tar.gz -O firewall.tar.gz +tar -xzf firewall.tar.gz +rm -f firewall.tar.gz + +# Configuring server hostname +$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null # Generating SSL certificate $VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem -# Parsing merged certificate file +# Parsing certificate file crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) # Adding SSL certificate -cd /usr/local/vesta/ssl +cd $VESTA/ssl sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key -chown root:mail /usr/local/vesta/ssl/* -chmod 660 /usr/local/vesta/ssl/* +chown root:mail $VESTA/ssl/* +chmod 660 $VESTA/ssl/* rm /tmp/vst.pem -# Disabling webalizer routine -rm -f /etc/cron.daily/00webalizer -# Set directory color -echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile +#----------------------------------------------------------# +# Configure Nginx # +#----------------------------------------------------------# -# Sudo configuration -wget $CHOST/$VERSION/sudoers.conf -O /etc/sudoers -wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers -chmod 440 /etc/sudoers.d/admin - -# NTP Synchronization -echo '#!/bin/sh' > /etc/cron.daily/ntpdate -echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate -chmod 775 /etc/cron.daily/ntpdate -ntpdate -s pool.ntp.org - -# Setup rssh -if [ -z "$(grep /usr/bin/rssh /etc/shells)" ]; then - echo /usr/bin/rssh >> /etc/shells -fi -sed -i 's/#allowscp/allowscp/' /etc/rssh.conf -sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf -sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf -chmod 755 /usr/bin/rssh - -# Nginx configuration -rm -f /etc/nginx/conf.d/*.conf -wget $CHOST/$VERSION/nginx.conf -O /etc/nginx/nginx.conf -wget $CHOST/$VERSION/nginx-status.conf -O /etc/nginx/conf.d/status.conf -touch /etc/nginx/conf.d/vesta.conf -chkconfig nginx on -service nginx start -if [ "$?" -ne 0 ]; then - echo "Error: nginx start failed" - exit 1 +if [ "$nginx" = 'yes' ]; then + rm -f /etc/nginx/conf.d/*.conf + wget $vestacp/nginx/nginx.conf -O /etc/nginx/nginx.conf + wget $vestacp/nginx/status.conf -O /etc/nginx/conf.d/status.conf + wget $vestacp/nginx/phpmyadmin.inc -O /etc/nginx/conf.d/phpmyadmin.inc + wget $vestacp/nginx/phppgadmin.inc -O /etc/nginx/conf.d/phppgadmin.inc + wget $vestacp/nginx/webmail.inc -O /etc/nginx/conf.d/webmail.inc + wget $vestacp/logrotate/nginx -O /etc/logrotate.d/nginx + echo > /etc/nginx/conf.d/vesta.conf + mkdir -p /var/log/nginx/domains + chkconfig nginx on + service nginx start + check_result $? "nginx start failed" fi -# Apache configuration -wget $CHOST/$VERSION/httpd.conf -O /etc/httpd/conf/httpd.conf -wget $CHOST/$VERSION/httpd-status.conf -O /etc/httpd/conf.d/status.conf -wget $CHOST/$VERSION/httpd-ssl.conf -O /etc/httpd/conf.d/ssl.conf -wget $CHOST/$VERSION/httpd.log -O /etc/logrotate.d/httpd -echo "MEFaccept 127.0.0.1" >> /etc/httpd/conf.d/mod_extract_forwarded.conf -rm -f /etc/httpd/conf.d/proxy_ajp.conf -echo > /etc/httpd/conf.d/proxy_ajp.conf -rm -f /etc/httpd/conf.d/vesta.conf -echo > /etc/httpd/conf.d/vesta.conf -touch /var/log/httpd/access_log -touch /var/log/httpd/error_log -touch /var/log/httpd/suexec.log -mkdir -p /var/log/httpd/domains -chmod a+x /var/log/httpd -chmod 640 /var/log/httpd/access_log -chmod 640 /var/log/httpd/error_log -chmod 640 /var/log/httpd/suexec.log -chmod 751 /var/log/httpd/domains -chkconfig httpd on -service httpd start -if [ "$?" -ne 0 ]; then - echo "Error: httpd start failed" - exit 1 + +#----------------------------------------------------------# +# Configure Apache # +#----------------------------------------------------------# + +if [ "$apache" = 'yes' ]; then + cd /etc/httpd + wget $vestacp/httpd/httpd.conf -O conf/httpd.conf + wget $vestacp/httpd/status.conf -O conf.d/status.conf + wget $vestacp/httpd/ssl.conf -O conf.d/ssl.conf + wget $vestacp/httpd/ruid2.conf -O conf.d/ruid2.conf + wget $vestacp/logrotate/httpd -O /etc/logrotate.d/httpd + if [ $release -ne 7 ]; then + echo "MEFaccept 127.0.0.1" >> conf.d/mod_extract_forwarded.conf + echo > conf.d/proxy_ajp.conf + fi + if [ -e "conf.modules.d/00-dav.conf" ]; then + sed -i "s/^/#/" conf.modules.d/00-dav.conf conf.modules.d/00-lua.conf + sed -i "s/^/#/" conf.modules.d/00-proxy.conf + fi + echo > conf.d/vesta.conf + touch logs/access_log logs/error_log logs/error_log logs/suexec.log + chmod 640 logs/access_log logs/error_log logs/error_log logs/suexec.log + chmod -f 777 /var/lib/php/session + chmod a+x /var/log/httpd + mkdir -p /var/log/httpd/domains + chmod 751 /var/log/httpd/domains + chkconfig httpd on + service httpd start + check_result $? "httpd start failed" fi -# Vsftpd configuration -wget $CHOST/$VERSION/vsftpd.conf -O /etc/vsftpd/vsftpd.conf -chkconfig vsftpd on -service vsftpd start -if [ "$?" -ne 0 ]; then - echo "Error: vsftpd start failed" - exit 1 + +#----------------------------------------------------------# +# Configure PHP-FPM # +#----------------------------------------------------------# + +if [ "$phpfpm" = 'yes' ]; then + wget $vestacp/php-fpm/www.conf -O /etc/php-fpm.d/www.conf + chkconfig nginx on + service php-fpm start + check_result $? "php-fpm start failed" fi -# MySQL configuration -if [ "$srv_type" = 'micro' ]; then - wget $CHOST/$VERSION/mysql-512.cnf -O /etc/my.cnf -else - wget $CHOST/$VERSION/mysql.cnf -O /etc/my.cnf + +#----------------------------------------------------------# +# Configure PHP # +#----------------------------------------------------------# + +ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}') +if [ -e '/etc/sysconfig/clock' ]; then + source /etc/sysconfig/clock fi -chkconfig mysqld on -service mysqld start -if [ "$?" -ne 0 ]; then - # Fix for aio on OpenVZ - if [ -e "/proc/user_beancounters" ]; then - sed -i "s/#innodb_use_native_aio/innodb_use_native_aio/g" /etc/my.cnf +if [ -z "$ZONE" ]; then + ZONE='UTC' +fi +sed -i 's%short_open_tag = Off%short_open_tag = On%g' /etc/php.ini +sed -i "s%;date.timezone =%date.timezone = $ZONE%g" /etc/php.ini + + +#----------------------------------------------------------# +# Configure VSFTPD # +#----------------------------------------------------------# + +if [ "$vsftpd" = 'yes' ]; then + wget $vestacp/vsftpd/vsftpd.conf -O /etc/vsftpd/vsftpd.conf + chkconfig vsftpd on + service vsftpd start + check_result $? "vsftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure ProFTPD # +#----------------------------------------------------------# + +if [ "$proftpd" = 'yes' ]; then + wget $vestacp/proftpd/proftpd.conf -O /etc/proftpd.conf + chkconfig proftpd on + service proftpd start + check_result $? "proftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure MySQL/MariaDB # +#----------------------------------------------------------# + +if [ "$mysql" = 'yes' ]; then + + mycnf="my-small.cnf" + if [ $memory -gt 1200000 ]; then + mycnf="my-medium.cnf" + fi + if [ $memory -gt 3900000 ]; then + mycnf="my-large.cnf" fi - service mysqld start + mkdir -p /var/lib/mysql + chown mysql:mysql /var/lib/mysql + + if [ $release -ne 7 ]; then + service='mysqld' + else + service='mariadb' + fi + + wget $vestacp/$service/$mycnf -O /etc/my.cnf + chkconfig $service on + service $service start if [ "$?" -ne 0 ]; then - echo "Error: mysqld start failed" - exit 1 + if [ -e "/proc/user_beancounters" ]; then + # Fix for aio on OpenVZ + sed -i "s/#innodb_use_native/innodb_use_native/g" /etc/my.cnf + fi + service $service start + check_result $? "$service start failed" fi + + # Securing MySQL installation + mysqladmin -u root password $vpass + echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + mysql -e "DELETE FROM mysql.user WHERE User=''" + mysql -e "DROP DATABASE test" >/dev/null 2>&1 + mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" + mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" + mysql -e "FLUSH PRIVILEGES" + + # Configuring phpMyAdmin + if [ "$apache" = 'yes' ]; then + wget $vestacp/pma/phpMyAdmin.conf -O /etc/httpd/conf.d/phpMyAdmin.conf + fi + wget $vestacp/pma/config.inc.conf -O /etc/phpMyAdmin/config.inc.php + sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php fi -# Generating MySQL password if it wasn't set -if [ -z "$mpass" ]; then - mpass=$(gen_pass) + +#----------------------------------------------------------# +# Configure PostgreSQL # +#----------------------------------------------------------# + +if [ "$postgresql" = 'yes' ]; then + if [ $release = 5 ]; then + service postgresql start + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'" + service postgresql stop + wget $vestacp/postgresql/pg_hba.conf -O /var/lib/pgsql/data/pg_hba.conf + service postgresql start + else + service postgresql initdb + wget $vestacp/postgresql/pg_hba.conf -O /var/lib/pgsql/data/pg_hba.conf + service postgresql start + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'" + fi + # Configuring phpPgAdmin + if [ "$apache" = 'yes' ]; then + wget $vestacp/pga/phpPgAdmin.conf -O /etc/httpd/conf.d/phpPgAdmin.conf + fi + wget $vestacp/pga/config.inc.php -O /etc/phpPgAdmin/config.inc.php fi -mysqladmin -u root password $mpass -echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf -chmod 600 /root/.my.cnf -mysql -e "DELETE FROM mysql.user WHERE User=''" -mysql -e "DROP DATABASE test" -mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" -mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" -mysql -e "FLUSH PRIVILEGES" -# Bind configuration -wget $CHOST/$VERSION/named.conf -O /etc/named.conf -chown root:named /etc/named.conf -chmod 640 /etc/named.conf -chkconfig named on -service named start -if [ "$?" -ne 0 ]; then - echo "Error: named start failed" - exit 1 +#----------------------------------------------------------# +# Configure Bind # +#----------------------------------------------------------# + +if [ "$named" = 'yes' ]; then + wget $vestacp/named/named.conf -O /etc/named.conf + chown root:named /etc/named.conf + chmod 640 /etc/named.conf + chkconfig named on + service named start + check_result $? "named start failed" fi -# Exim -wget $CHOST/$VERSION/exim.conf -O /etc/exim/exim.conf -if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim/exim.conf - sed -i "s/#CLAMD/CLAMD/g" /etc/exim/exim.conf -fi -wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim/dnsbl.conf -wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim/spam-blocks.conf -touch /etc/exim/white-blocks.conf -rm -rf /etc/exim/domains -mkdir -p /etc/exim/domains -chmod 640 /etc/exim/exim.conf -gpasswd -a exim mail -if [ -e /etc/init.d/sendmail ]; then - chkconfig sendmail off - service sendmail stop -fi -if [ -e /etc/init.d/postfix ]; then - chkconfig postfix off - service postfix stop -fi -rm -f /etc/alternatives/mta -ln -s /usr/sbin/sendmail.exim /etc/alternatives/mta -chkconfig exim on -service exim start -if [ "$?" -ne 0 ]; then - echo "Error: exim start failed" - exit 1 + +#----------------------------------------------------------# +# Configure Exim # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ]; then + gpasswd -a exim mail + wget $vestacp/exim/exim.conf -O /etc/exim/exim.conf + wget $vestacp/exim/dnsbl.conf -O /etc/exim/dnsbl.conf + wget $vestacp/exim/spam-blocks.conf -O /etc/exim/spam-blocks.conf + touch /etc/exim/white-blocks.conf + + if [ "$spamd" = 'yes' ]; then + sed -i "s/#SPAM/SPAM/g" /etc/exim/exim.conf + fi + if [ "$clamd" = 'yes' ]; then + sed -i "s/#CLAMD/CLAMD/g" /etc/exim/exim.conf + fi + + chmod 640 /etc/exim/exim.conf + rm -rf /etc/exim/domains + mkdir -p /etc/exim/domains + + rm -f /etc/alternatives/mta + ln -s /usr/sbin/sendmail.exim /etc/alternatives/mta + chkconfig sendmail off 2>/dev/null + service sendmail stop 2>/dev/null + chkconfig postfix off 2>/dev/null + service postfix stop 2>/dev/null + + chkconfig exim on + service exim start + check_result $? "exim start failed" fi -# Dovecot configuration -if [ "$release" -eq '5' ]; then - wget $CHOST/$VERSION/dovecot.conf -O /etc/dovecot.conf -else - wget $CHOST/$VERSION/$release/dovecot.tar.gz -O /etc/dovecot.tar.gz + +#----------------------------------------------------------# +# Configure Dovecot # +#----------------------------------------------------------# + +if [ "$dovecot" = 'yes' ]; then + gpasswd -a dovecot mail + wget $vestacp/dovecot.tar.gz -O /etc/dovecot.tar.gz cd /etc - if [ -d /etc/dovecot ]; then - rm -rf /etc/dovecot - fi - if [ -f /etc/dovecot.conf ]; then - rm /etc/dovecot.conf - fi + rm -rf dovecot dovecot.conf tar -xzf dovecot.tar.gz rm -f dovecot.tar.gz - if [ -d /etc/dovecot ]; then - chown -R root:root /etc/dovecot - fi -fi -gpasswd -a dovecot mail -chkconfig dovecot on -service dovecot start -if [ "$?" -ne 0 ]; then - echo "Error: dovecot start failed" - exit 1 + chown -R root:root /etc/dovecot* + chkconfig dovecot on + service dovecot start + check_result $? "dovecot start failed" fi -# ClamAV configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - wget $CHOST/$VERSION/clamd.conf -O /etc/clamd.conf - wget $CHOST/$VERSION/freshclam.conf -O /etc/freshclam.conf + +#----------------------------------------------------------# +# Configure ClamAV # +#----------------------------------------------------------# + +if [ "$clamd" = 'yes' ]; then + useradd clam -s /sbin/nologin -d /var/lib/clamav 2>/dev/null gpasswd -a clam exim gpasswd -a clam mail + wget $vestacp/clamav/clamd.conf -O /etc/clamd.conf + wget $vestacp/clamav/freshclam.conf -O /etc/freshclam.conf + mkdir -p /var/log/clamav + mkdir -p /var/run/clamav + chown clam:clam /var/log/clamav + chown -R clam:clam /var/lib/clamav + if [ "$release" -eq '7' ]; then + wget $vestacp/clamav/clamd.service -O \ + /usr/lib/systemd/system/clamd.service + systemctl --system daemon-reload + fi /usr/bin/freshclam chkconfig clamd on service clamd start - if [ "$?" -ne 0 ]; then - echo "Error: clamd start failed" - exit 1 - fi + #check_result $? "clamd start failed" fi -# SpamAssassin configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then + +#----------------------------------------------------------# +# Configure SpamAssassin # +#----------------------------------------------------------# + +if [ "$spamd" = 'yes' ]; then chkconfig spamassassin on service spamassassin start - if [ "$?" -ne 0 ]; then - echo "Error: spamassassin start failed" - exit 1 + check_result $? "spamassassin start failed" +fi + + +#----------------------------------------------------------# +# Configure RoundCube # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ "$apache" = 'yes' ]; then + wget $vestacp/roundcube/roundcubemail.conf \ + -O /etc/httpd/conf.d/roundcubemail.conf + fi + wget $vestacp/roundcube/main.inc.php -O /etc/roundcubemail/config.inc.php + cd /usr/share/roundcubemail/plugins/password + wget $vestacp/roundcube/vesta.php -O drivers/vesta.php + wget $vestacp/roundcube/config.inc.php -O config.inc.php + chmod a+r /etc/roundcubemail/* + chmod -f 777 /var/log/roundcubemail + r="$(gen_pass)" + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" + sed -i "s/%password%/$r/g" /etc/roundcubemail/config.inc.php + if [ -e "/usr/share/roundcubemail/SQL/mysql.initial.sql" ]; then + mysql roundcube < /usr/share/roundcubemail/SQL/mysql.initial.sql + else + mysql roundcube < /usr/share/doc/roundcubemail-*/SQL/mysql.initial.sql fi fi -# Fail2ban configuration -if [ -z "$disable_fail2ban" ]; then + +#----------------------------------------------------------# +# Configure Fail2Ban # +#----------------------------------------------------------# + +if [ "$fail2ban" = 'yes' ]; then cd /etc - wget $CHOST/$VERSION/fail2ban.tar.gz -O fail2ban.tar.gz + wget $vestacp/fail2ban.tar.gz -O fail2ban.tar.gz tar -xzf fail2ban.tar.gz rm -f fail2ban.tar.gz + if [ "$dovecot" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2) + fline=$(echo "$fline" |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$exim" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) + fline=$(echo "$fline" |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi chkconfig fail2ban on service fail2ban start -else - sed -i "s/fail2ban//" $VESTA/conf/vestac.conf + check_result $? "fail2ban start failed" fi -# php configuration -sed -i 's/short_open_tag = Off/short_open_tag = On/g' /etc/php.ini -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php.ini -# phpMyAdmin configuration -wget $CHOST/$VERSION/httpd-pma.conf -O /etc/httpd/conf.d/phpMyAdmin.conf -wget $CHOST/$VERSION/pma.conf -O /etc/phpMyAdmin/config.inc.php -sed -i "s/%blowfish_secret%/$(gen_pass)/g" /etc/phpMyAdmin/config.inc.php +#----------------------------------------------------------# +# Configure Admin User # +#----------------------------------------------------------# -# Roundcube configuration -wget $CHOST/$VERSION/httpd-webmail.conf -O /etc/httpd/conf.d/roundcubemail.conf -wget $CHOST/$VERSION/roundcube-main.conf -O /etc/roundcubemail/main.inc.php -wget $CHOST/$VERSION/roundcube-db.conf -O /etc/roundcubemail/db.inc.php -wget $CHOST/$VERSION/roundcube-driver.php -O \ - /usr/share/roundcubemail/plugins/password/drivers/vesta.php -wget $CHOST/$VERSION/roundcube-pw.conf -O \ - /usr/share/roundcubemail/plugins/password/config.inc.php -r="$(gen_pass)" -mysql -e "CREATE DATABASE roundcube" -mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" -sed -i "s/%password%/$r/g" /etc/roundcubemail/db.inc.php -if [ -e "/usr/share/roundcubemail/SQL/mysql.initial.sql" ]; then - mysql roundcube < /usr/share/roundcubemail/SQL/mysql.initial.sql -else - mysql roundcube < /usr/share/doc/roundcubemail-*/SQL/mysql.initial.sql -fi - -# Adding admin user +# Deleting old admin user if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then chattr -i /home/admin/conf > /dev/null 2>&1 - userdel -f admin - chattr -i /home/admin/conf - mv -f /home/admin $vst_backups/home/ - rm -f /tmp/sess_* + userdel -f admin >/dev/null 2>&1 + chattr -i /home/admin/conf >/dev/null 2>&1 + mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 + rm -f /tmp/sess_* >/dev/null 2>&1 fi if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then groupdel admin > /dev/null 2>&1 fi -# Generating admin password if it wasn't set -if [ -z "$vpass" ]; then - vpass=$(gen_pass) -fi - # Adding vesta account $VESTA/bin/v-add-user admin $vpass $email default System Administrator -if [ $? -ne 0 ]; then - echo "Error: can't create admin user" - exit 1 -fi +check_result $? "can't create admin user" $VESTA/bin/v-change-user-shell admin bash -$VESTA/bin/v-change-user-language admin en - -# Configuring mysql host -$VESTA/bin/v-add-database-host mysql localhost root $mpass -$VESTA/bin/v-add-database admin default default $(gen_pass) mysql +$VESTA/bin/v-change-user-language admin $lang # Configuring system ips $VESTA/bin/v-update-sys-ip -# Firewall configuration -wget $CHOST/$VERSION/firewall.tar.gz -O firewall.tar.gz -tar -xzf firewall.tar.gz -rm -f firewall.tar.gz -if [ "$disable_iptables" = 'yes' ]; then - sed -i "s/iptables//" $VESTA/conf/vesta.conf - chkconfig iptables off - service iptables stop -else - /usr/local/vesta/bin/v-update-firewall -fi - # Get main ip -main_ip=$(ifconfig |grep 'inet addr:' |grep -v 127.0.0.1 |head -n1 | \ - cut -f2 -d: | cut -f1 -d ' ') +ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) -# Get remote ip -vst_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) -if [ ! -z "$vst_ip" ] && [ "$vst_ip" != "$main_ip" ]; then - # Set NAT association - $VESTA/bin/v-change-sys-ip-nat $main_ip $vst_ip +# Get public ip +pub_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) +if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then + $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip fi -if [ -z "$vst_ip" ]; then - vst_ip=$main_ip +if [ -z "$pub_ip" ]; then + ip=$main_ip fi -# Add default web domain -$VESTA/bin/v-add-web-domain admin default.domain $vst_ip +# Firewall configuration +if [ "$iptables" = 'yes' ]; then + $VESTA/bin/v-update-firewall +fi -# Add default dns domain -$VESTA/bin/v-add-dns-domain admin default.domain $vst_ip +# Configuring mysql host +if [ "$mysql" = 'yes' ]; then + $VESTA/bin/v-add-database-host mysql localhost root $vpass + $VESTA/bin/v-add-database admin default default $(gen_pass) mysql +fi -# Add default mail domain -$VESTA/bin/v-add-mail-domain admin default.domain +# Configuring pgsql host +if [ "$postgresql" = 'yes' ]; then + $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass + $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql +fi -# Configuring crond +# Adding default domain +$VESTA/bin/v-add-domain admin $servername +check_result $? "can't create $servername domain" + +# Adding cron jobs command='sudo /usr/local/vesta/bin/v-update-sys-queue disk' $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" command='sudo /usr/local/vesta/bin/v-update-sys-queue traffic' @@ -894,34 +1228,42 @@ command='sudo /usr/local/vesta/bin/v-update-user-stats' $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command" command='sudo /usr/local/vesta/bin/v-update-sys-rrd' $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +service crond restart -# Build inititall rrd images +# Building inititall rrd images $VESTA/bin/v-update-sys-rrd -# Enable file system quota +# Enabling file system quota if [ "$quota" = 'yes' ]; then $VESTA/bin/v-add-sys-quota fi -# Start system service +# Starting vesta service chkconfig vesta on service vesta start -if [ "$?" -ne 0 ]; then - echo "Error: vesta start failed" - exit 1 +check_result $? "vesta start failed" + + +#----------------------------------------------------------# +# Vesta Access Info # +#----------------------------------------------------------# + +# Sending install notification to vestacp.com +wget vestacp.com/notify/?$codename -O /dev/null -q + +# Comparing hostname and ip +host_ip=$(host $servername| head -n 1 | awk '{print $NF}') +if [ "$host_ip" = "$ip" ]; then + ip="$servername" fi -# Send notification to vestacp.com -wget vestacp.com/notify/?$codename -O /dev/null - -# Send notification to admin email +# Sending notification to admin email echo -e "Congratulations, you have just successfully installed \ -the Vesta Control Panel +Vesta Control Panel -You can login in Vesta with following credentials: + https://$ip:8083 username: admin password: $vpass - https://$vst_ip:8083 We hope that you enjoy your installation of Vesta. Please \ feel free to contact us anytime if you have any questions. @@ -934,12 +1276,10 @@ vestacp.com team send_mail="$VESTA/web/inc/mail-wrapper.php" cat $tmpfile | $send_mail -s "Vesta Control Panel" $email -rm -f $tmpfile # Congrats echo '=======================================================' echo -echo echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' echo ' _| _| _| _| _| _| _| ' echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' @@ -947,16 +1287,7 @@ echo ' _| _| _| _| _| _| _| ' echo ' _| _|_|_|_| _|_|_| _| _| _| ' echo echo -echo '-------------------------------' -echo " https://$vst_ip:8083" -echo ' username: admin' -echo " password: $vpass" -echo '-------------------------------' -echo -echo -echo 'Congratulations,' -echo 'you have successfully installed Vesta Control Panel.' -echo -echo +cat $tmpfile +rm -f $tmpfile # EOF diff --git a/install/vst-install-ubuntu.sh b/install/vst-install-ubuntu.sh old mode 100644 new mode 100755 index da443348d..5fb068861 --- a/install/vst-install-ubuntu.sh +++ b/install/vst-install-ubuntu.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Vesta Ubuntu installer v.04 +# Vesta Ubuntu installer v.05 #----------------------------------------------------------# # Variables&Functions # @@ -10,31 +10,57 @@ export DEBIAN_FRONTEND=noninteractive RHOST='apt.vestacp.com' CHOST='c.vestacp.com' VERSION='0.9.8/ubuntu' -software="nginx apache2 apache2-utils apache2-suexec-custom bsdutils e2fsprogs - libapache2-mod-ruid2 libapache2-mod-rpaf libapache2-mod-fcgid bind9 idn - mysql-server mysql-common mysql-client php5-common php5-cgi php5-mysql - php5-curl libapache2-mod-php5 vsftpd mc exim4 exim4-daemon-heavy - clamav-daemon flex dovecot-imapd dovecot-pop3d phpMyAdmin awstats e2fslibs - webalizer jwhois rssh git spamassassin roundcube roundcube-mysql quota - roundcube-plugins apparmor-utils sudo bc ftp lsof ntpdate rrdtool - fail2ban dnsutils vesta vesta-nginx vesta-php" +memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) +arch=$(uname -i) +os='ubuntu' +release="$(lsb_release -r|awk '{print $2}')" +codename="$(lsb_release -c|awk '{print $2}')" +vestacp="http://$CHOST/$VERSION/$release" +software="nginx apache2 apache2-utils apache2.2-common + apache2-suexec-custom libapache2-mod-ruid2 libapache2-mod-rpaf + libapache2-mod-fcgid libapache2-mod-php5 php5 php5-common php5-cgi + php5-mysql php5-curl php5-fpm php5-pgsql awstats webalizer vsftpd + proftpd-basic bind9 exim4 exim4-daemon-heavy clamav-daemon + spamassassin dovecot-imapd dovecot-pop3d roundcube-core + roundcube-mysql roundcube-plugins mysql-server mysql-common + mysql-client postgresql postgresql-contrib phppgadmin phpMyAdmin mc + flex whois rssh git idn zip sudo bc ftp lsof ntpdate rrdtool quota + e2fslibs bsdutils e2fsprogs curl imagemagick fail2ban dnsutils + bsdmainutils vesta vesta-nginx vesta-php" +# Defining help function help() { - echo "usage: $0 [OPTIONS] - -h, --help Print this help and exit - -f, --force Force installation - -i, --disable-iptables Disable iptables support - -b, --disable-fail2ban Disable fail2ban protection - -n, --noupdate Do not run apt-get upgrade command - -s, --hostname Set server hostname - -e, --email Set email address - -p, --password Set admin password instead of generating it - -m, --mysql-password Set MySQL password instead of generating it - -q, --quota Enable File System Quota" + echo "Usage: $0 [OPTIONS] + -a, --apache Install Apache [yes|no] default: yes + -n, --nginx Install Nginx [yes|no] default: yes + -w, --phpfpm Install PHP-FPM [yes|no] default: no + -v, --vsftpd Install Vsftpd [yes|no] default: yes + -j, --proftpd Install ProFTPD [yes|no] default: no + -k, --named Install Bind [yes|no] default: yes + -m, --mysql Install MySQL [yes|no] default: yes + -g, --postgresql Install PostgreSQL [yes|no] default: no + -d, --mongodb Install MongoDB [yes|no] unsupported + -x, --exim Install Exim [yes|no] default: yes + -z, --dovecot Install Dovecot [yes|no] default: yes + -c, --clamav Install ClamAV [yes|no] default: yes + -t, --spamassassin Install SpamAssassin [yes|no] default: yes + -i, --iptables Install Iptables [yes|no] default: yes + -b, --fail2ban Install Fail2ban [yes|no] default: yes + -q, --quota Filesystem Quota [yes|no] default: no + -l, --lang Default language default: en + -y, --interactive Interactive install [yes|no] default: yes + -s, --hostname Set hostname + -e, --email Set admin email + -p, --password Set admin password + -f, --force Force installation + -h, --help Print this help + + Example: bash $0 -e demo@vestacp.com -p p4ssw0rd --apache no --phpfpm yes" exit 1 } -# Password generator + +# Defining password-gen function gen_pass() { MATRIX='0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz' LENGTH=10 @@ -45,109 +71,159 @@ gen_pass() { echo "$PASS" } +# Defning return code check function +check_result() { + if [ $1 -ne 0 ]; then + echo "Error: $2" + exit $1 + fi +} + +# Defining function to set default value +set_default_value() { + eval variable=\$$1 + if [ -z "$variable" ]; then + eval $1=$2 + fi + if [ "$variable" != 'yes' ] && [ "$variable" != 'no' ]; then + eval $1=$2 + fi +} #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# +# Creating temporary file +tmpfile=$(mktemp -p /tmp) + # Translating argument to --gnu-long-options for arg; do delim="" case "$arg" in - --help) args="${args}-h " ;; - --force) args="${args}-f " ;; - --disable-fail2ban) args="${args}-b " ;; - --disable-iptables) args="${args}-i " ;; - --noupdate) args="${args}-n " ;; + --apache) args="${args}-a " ;; + --nginx) args="${args}-n " ;; + --phpfpm) args="${args}-w " ;; + --vsftpd) args="${args}-v " ;; + --proftpd) args="${args}-j " ;; + --named) args="${args}-k " ;; + --mysql) args="${args}-m " ;; + --postgresql) args="${args}-g " ;; + --mongodb) args="${args}-d " ;; + --exim) args="${args}-x " ;; + --dovecot) args="${args}-z " ;; + --clamav) args="${args}-c " ;; + --spamassassin) args="${args}-t " ;; + --iptables) args="${args}-i " ;; + --fail2ban) args="${args}-b " ;; + --quota) args="${args}-q " ;; + --lang) args="${args}-l " ;; + --interactive) args="${args}-y " ;; --hostname) args="${args}-s " ;; --email) args="${args}-e " ;; --password) args="${args}-p " ;; - --mysql-password) args="${args}-m " ;; - --quota) args="${args}-q " ;; - *) [[ "${arg:0:1}" == "-" ]] || delim="\"" - args="${args}${delim}${arg}${delim} ";; + --force) args="${args}-f " ;; + --help) args="${args}-h " ;; + *) [[ "${arg:0:1}" == "-" ]] || delim="\"" + args="${args}${delim}${arg}${delim} ";; esac done eval set -- "$args" -# Getopt -while getopts "hfibdnqe:m:p:s:" Option; do +# Parsing arguments +while getopts "a:n:w:v:j:k:m:g:d:x:z:c:t:i:b:r:q:l:y:s:e:p:fh" Option; do case $Option in - h) help ;; # Help - f) force='yes' ;; # Force install - i) disable_iptables='yes' ;; # Disable iptables - b) disable_fail2ban='yes' ;; # Disable fail2ban - n) noupdate='yes' ;; # Disable apt-get upgrade - s) servername=$OPTARG ;; # Server hostname - e) email=$OPTARG ;; # Set email - p) vpass=$OPTARG ;; # Admin password - m) mpass=$OPTARG ;; # MySQL pasword - q) quota='yes' ;; # Enable quota - *) help ;; # Default + a) apache=$OPTARG ;; # Apache + n) nginx=$OPTARG ;; # Nginx + w) phpfpm=$OPTARG ;; # PHP-FPM + v) vsftpd=$OPTARG ;; # Vsftpd + j) proftpd=$OPTARG ;; # Proftpd + k) named=$OPTARG ;; # Named + m) mysql=$OPTARG ;; # MySQL + g) postgresql=$OPTARG ;; # PostgreSQL + d) mongodb=$OPTARG ;; # MongoDB (unsupported) + x) exim=$OPTARG ;; # Exim + z) dovecot=$OPTARG ;; # Dovecot + c) clamd=$OPTARG ;; # ClamAV + t) spamd=$OPTARG ;; # SpamAssassin + i) iptables=$OPTARG ;; # Iptables + b) fail2ban=$OPTARG ;; # Fail2ban + q) quota=$OPTARG ;; # FS Quota + l) lang=$OPTARG ;; # Language + y) interactive=$OPTARG ;; # Interactive install + s) servername=$OPTARG ;; # Hostname + e) email=$OPTARG ;; # Admin email + p) vpass=$OPTARG ;; # Admin password + f) force='yes' ;; # Force install + h) help ;; # Help + *) help ;; # Print help (default) esac done -# Am I root? -if [ "x$(id -u)" != 'x0' ]; then - echo 'Error: this script can only be executed by root' - exit 1 -fi - -# Check supported version -if [ -e '/etc/redhat-release' ]; then - echo 'Error: sorry, this installer works only on Ubuntu' - exit 1 -fi - -# Check supported OS -if [ "$(arch)" != 'x86_64' ]; then - arch='i386' +# Defining default software stack +set_default_value 'nginx' 'yes' +set_default_value 'apache' 'yes' +set_default_value 'phpfpm' 'no' +set_default_value 'vsftpd' 'yes' +set_default_value 'proftpd' 'no' +set_default_value 'named' 'yes' +set_default_value 'mysql' 'yes' +set_default_value 'postgresql' 'no' +set_default_value 'mongodb' 'no' +set_default_value 'exim' 'yes' +set_default_value 'dovecot' 'yes' +if [ $memory -lt 1500000 ]; then + set_default_value 'clamd' 'no' + set_default_value 'spamd' 'no' else - arch="amd64" + set_default_value 'clamd' 'yes' + set_default_value 'spamd' 'yes' fi -os=$(head -n 1 /etc/issue | cut -f 1 -d ' ') -release=$(head -n 1 /etc/issue | cut -f 2 -d ' ' ) -codename=$(lsb_release -cs | egrep "precise|quantal|raring|saucy|trusty") -if [ -z "$codename" ]; then - echo "Error: Ubuntu $(lsb_release -r|awk '{print $2}') is not supported" - exit 1 +set_default_value 'iptables' 'yes' +set_default_value 'fail2ban' 'yes' +set_default_value 'quota' 'no' +set_default_value 'lang' 'en' +set_default_value 'interactive' 'yes' + +# Checking software conflicts +if [ "$phpfpm" = 'yes' ]; then + apache='no' + nginx='yes' +fi +if [ "$proftpd" = 'yes' ]; then + vsftpd='no' +fi +if [ "$exim" = 'no' ]; then + clamd='no' + spamd='no' + dovecot='no' +fi +if [ "$iptables" = 'no' ]; then + fail2ban='no' fi -# Check admin user account -if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" != 'yes' ]; then - echo "Error: user admin exists" - echo +# Checking root permissions +if [ "x$(id -u)" != 'x0' ]; then + check_error 1 "Script can be run executed only by root" +fi + +# Checking admin user account +if [ ! -z "$(grep ^admin: /etc/passwd /etc/group)" ] && [ -z "$force" ]; then echo 'Please remove admin user account before proceeding.' echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 + echo -e "Example: bash $0 --force\n" + check_result 1 "User admin exists" fi -# Check admin group -if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" != 'yes' ]; then - echo "Error: group admin exists" - echo - echo 'Please remove admin group before proceeding.' - echo 'If you want to do it automatically run installer with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi - -# Check wget +# Checking wget if [ ! -e '/usr/bin/wget' ]; then apt-get -y install wget - if [ $? -ne 0 ]; then - echo "Error: can't install wget" - exit 1 - fi + check_result $? "Can't install wget" fi -# Check repo availability -wget -q "$CHOST/$VERSION/vesta.conf" -O /dev/null -if [ $? -ne 0 ]; then - echo "Error: no access to repository" - exit 1 -fi +# Checking repository availability +wget -q "$vestacp/deb_signing.key" -O /dev/null +check_result $? "No access to Vesta repository" # Check installed packages tmpfile=$(mktemp -p /tmp) @@ -170,206 +246,306 @@ if [ ! -z "$conflicts" ] && [ -z "$force" ]; then echo echo '!!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!! !!!' echo - exit 1 + check_result 1 "Control Panel should be installed on clean server." fi -# Check server type -memory=$(grep 'MemTotal' /proc/meminfo |tr ' ' '\n' |grep [0-9]) -if [ "$memory" -lt '350000' ] && [ -z "$force" ]; then - echo "Error: not enough memory to install Vesta Control Panel." - echo -e "\nMinimum RAM required: 350Mb" - echo 'If you want to force installation run this script with -f option:' - echo "Example: bash $0 --force" - exit 1 -fi -srv_type='micro' -if [ "$memory" -gt '1000000' ]; then - srv_type='small' +#----------------------------------------------------------# +# Brief Info # +#----------------------------------------------------------# + +# Printing nice ascii aslogo +clear +echo +echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _| _|_|_| _|_| _| _|_|_|_|' +echo ' _| _| _| _| _| _| _|' +echo ' _| _|_|_|_| _|_|_| _| _| _|' +echo +echo ' Vesta Control Panel' +echo -e "\n\n" + +echo 'Following software will be installed on your system:' + +# Web stack +if [ "$nginx" = 'yes' ]; then + echo ' - Nginx Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo ' - Apache Web Server' +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo ' - Apache Web Server (as backend)' +fi +if [ "$phpfpm" = 'yes' ]; then + echo ' - PHP-FPM Application Server' fi -if [ "$memory" -gt '3000000' ]; then - srv_type='medium' +# DNS stack +if [ "$named" = 'yes' ]; then + echo ' - Bind DNS Server' fi -if [ "$memory" -gt '7000000' ]; then - srv_type='large' -fi - -# Are you sure ? -if [ -z $email ]; then - clear - echo - echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' - echo ' _| _| _| _| _| _| _| ' - echo ' _| _|_|_|_| _|_|_| _| _| _| ' - echo - echo ' Vesta Control Panel' - echo - echo - echo 'Following software will be installed on your system:' - echo ' - Nginx frontend web server' - echo ' - Apache application web server' - echo ' - Bind DNS server' - echo ' - Exim mail server' - echo ' - Dovecot IMAP and POP3 server' - if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - echo ' - Clam mail antivirus' - echo ' - SpamAssassin antispam' +# Mail Stack +if [ "$exim" = 'yes' ]; then + echo -n ' - Exim mail server' + if [ "$clamd" = 'yes' ] || [ "$spamd" = 'yes' ] ; then + echo -n ' + ' + if [ "$clamd" = 'yes' ]; then + echo -n 'Antivirus ' + fi + if [ "$spamd" = 'yes' ]; then + echo -n 'Antispam' + fi fi - echo ' - MySQL database server' - echo ' - Vsftpd FTP server' - echo - echo + echo + if [ "$dovecot" = 'yes' ]; then + echo ' - Dovecot POP3/IMAP Server' + fi +fi - read -p 'Do you want to proceed? [y/n]): ' answer +# DB stack +if [ "$mysql" = 'yes' ]; then + echo ' - MySQL Database Server' +fi +if [ "$postgresql" = 'yes' ]; then + echo ' - PostgreSQL Database Server' +fi +if [ "$mongodb" = 'yes' ]; then + echo ' - MongoDB Database Server' +fi + +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo ' - Vsftpd FTP Server' +fi +if [ "$proftpd" = 'yes' ]; then + echo ' - ProFTPD FTP Server' +fi + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo -n ' - Iptables Firewall' +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo -n ' + Fail2Ban' +fi +echo -e "\n\n" + +# Asking for confirmation to proceed +if [ "$interactive" = 'yes' ]; then + read -p 'Would you like to continue [y/n]: ' answer if [ "$answer" != 'y' ] && [ "$answer" != 'Y' ]; then echo 'Goodbye' exit 1 fi - # Check email - read -p 'Please enter valid email address: ' email + # Asking for contact email + if [ -z "$email" ]; then + read -p 'Please enter admin email address: ' email + fi - # Define server hostname + # Asking to set FQDN hostname if [ -z "$servername" ]; then - read -p "Please enter hostname [$(hostname)]: " servername + read -p "Please enter FQDN hostname [$(hostname -f)]: " servername fi fi -# Validate email -local_part=$(echo $email | cut -s -f1 -d\@) -remote_host=$(echo $email | cut -s -f2 -d\@) -mx_failed=1 -if [ ! -z "$remote_host" ] && [ ! -z "$local_part" ]; then - /usr/bin/host -t mx "$remote_host" > /dev/null 2>&1 - mx_failed="$?" +# Generating admin password if it wasn't set +if [ -z "$vpass" ]; then + vpass=$(gen_pass) fi -if [ "$mx_failed" -eq 1 ]; then - echo "Error: email $email is not valid" - exit 1 +# Set hostname if it wasn't set +if [ -z "$servername" ]; then + servername=$(hostname -f) +fi + +# Set email if it wasn't set +if [ -z "$email" ]; then + email="admin@$servername" +fi + +# Defining backup directory +vst_backups="/root/vst_install_backups/$(date +%s)" +echo "Installation backup directory: $vst_backups" + +# Printing start message and sleeping for 5 seconds +echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" +sleep 5 + + +#----------------------------------------------------------# +# Checking swap # +#----------------------------------------------------------# + +# Checking swap on small instances +if [ -z "$(swapon -s)" ] && [ $memory -lt 1000000 ]; then + fallocate -l 1G /swapfile + chmod 600 /swapfile + mkswap /swapfile + swapon /swapfile + echo "/swapfile none swap sw 0 0" >> /etc/fstab fi #----------------------------------------------------------# # Install repository # #----------------------------------------------------------# -# Let's start -echo -e "\n\n\n\nInstallation will take about 15 minutes ...\n" -sleep 5 -# Update system -if [ -z "$noupdate" ]; then - apt-get -y upgrade - if [ $? -ne 0 ]; then - echo 'Error: apt-get upgrade failed' - exit 1 - fi -fi +# Updating system +apt-get -y upgrade +check_result $? 'apt-get upgrade failed' -# Install nginx repo +# Installing nginx repo apt=/etc/apt/sources.list.d -echo "deb http://nginx.org/packages/ubuntu/ $codename nginx" > $apt/nginx.list +echo "deb http://nginx.org/packages/debian/ $codename nginx" > $apt/nginx.list wget http://nginx.org/keys/nginx_signing.key -O /tmp/nginx_signing.key apt-key add /tmp/nginx_signing.key -# Install vesta repo +# Installing vesta repo echo "deb http://$RHOST/$codename/ $codename vesta" > $apt/vesta.list wget $CHOST/deb_signing.key -O deb_signing.key apt-key add deb_signing.key #----------------------------------------------------------# -# Backups # +# Backup # #----------------------------------------------------------# -# Prepare backup tree -vst_backups="/root/vst_install_backups/$(date +%s)" -mkdir -p $vst_backups/nginx -mkdir -p $vst_backups/apache2 -mkdir -p $vst_backups/mysql -mkdir -p $vst_backups/exim4 -mkdir -p $vst_backups/dovecot -mkdir -p $vst_backups/clamav -mkdir -p $vst_backups/spamassassin -mkdir -p $vst_backups/vsftpd -mkdir -p $vst_backups/bind -mkdir -p $vst_backups/vesta -mkdir -p $vst_backups/home +# Creating backup directory tree +mkdir -p $vst_backups +cd $vst_backups +mkdir nginx apache2 php5 php5-fpm vsftpd proftpd bind exim4 dovecot clamd +mkdir spamassassin mysql postgresql mongodb vesta -# Backup nginx +# Backing up Nginx configuration service nginx stop > /dev/null 2>&1 -if [ -e '/etc/nginx/nginx.conf' ]; then - cp -r /etc/nginx/* $vst_backups/nginx/ -fi +cp -r /etc/nginx/* $vst_backups/nginx >/dev/null 2>&1 -# Backup apache2 +# Backing up Apache configuration service apache2 stop > /dev/null 2>&1 -if [ -e '/etc/apache2/apache2.conf' ]; then - cp -r /etc/apache2/* $vst_backups/apache2/ -fi +cp -r /etc/apache2/* $vst_backups/apache2 > /dev/null 2>&1 +rm -f /etc/apache2/conf.d/* > /dev/null 2>&1 -# Backup bind9 +# Backing up PHP configuration +cp /etc/php.ini $vst_backups/php > /dev/null 2>&1 +cp -r /etc/php.d $vst_backups/php > /dev/null 2>&1 + +# Backing up PHP configuration +service php5-fpm stop >/dev/null 2>&1 +cp /etc/php5/* $vst_backups/php5 > /dev/null 2>&1 +rm -f /etc/php5/fpm/pool.d/* >/dev/null 2>&1 + +# Backing up Bind configuration service bind9 stop > /dev/null 2>&1 -if [ -e '/etc/bind/named.conf' ]; then - cp -r /etc/bind/* $vst_backups/bind/ -fi +cp -r /etc/bind/* $vst_backups/bind > /dev/null 2>&1 -# Backup vsftpd +# Backing up Vsftpd configuration service vsftpd stop > /dev/null 2>&1 -if [ -e '/etc/vsftpd.conf' ]; then - cp /etc/vsftpd.conf $vst_backups/vsftpd/ -fi +cp /etc/vsftpd.conf $vst_backups/vsftpd > /dev/null 2>&1 -# Backup exim4 +# Backing up ProFTPD configuration +service proftpd stop > /dev/null 2>&1 +cp /etc/proftpd.conf $vst_backups/proftpd >/dev/null 2>&1 + +# Backing up Exim configuration service exim4 stop > /dev/null 2>&1 -if [ -e '/etc/exim4/exim4.conf.template' ]; then - cp -r /etc/exim4/* $vst_backups/exim4/ -fi +cp -r /etc/exim4/* $vst_backups/exim4 > /dev/null 2>&1 -# Backup clamav +# Backing up ClamAV configuration service clamav-daemon stop > /dev/null 2>&1 -if [ -e '/etc/clamav/clamd.conf' ]; then - cp -r /etc/clamav/* $vst_backups/clamav/ -fi +cp -r /etc/clamav/* $vst_backups/clamav > /dev/null 2>&1 -# Backup SpamAssassin +# Backing up SpamAssassin configuration service spamassassin stop > /dev/null 2>&1 -if [ -e '/etc/spamassassin/local.cf' ]; then - cp -r /etc/spamassassin/* $vst_backups/spamassassin/ -fi +cp -r /etc/spamassassin/* $vst_backups/spamassassin > /dev/null 2>&1 -# Backup dovecot +# Backing up Dovecot configuration service dovecot stop > /dev/null 2>&1 -if [ -e '/etc/dovecot.conf' ]; then - cp /etc/dovecot.conf $vst_backups/dovecot/ -fi -if [ -e '/etc/dovecot' ]; then - cp -r /etc/dovecot/* $vst_backups/dovecot/ -fi +cp /etc/dovecot.conf $vst_backups/dovecot > /dev/null 2>&1 +cp -r /etc/dovecot/* $vst_backups/dovecot > /dev/null 2>&1 -# Backup MySQL stuff +# Backing up MySQL/MariaDB configuration and data service mysql stop > /dev/null 2>&1 -if [ -e '/var/lib/mysql' ]; then - mv /var/lib/mysql $vst_backups/mysql/mysql_datadir -fi -if [ -e '/etc/mysql/my.cnf' ]; then - cp -r /etc/mysql/* $vst_backups/mysql/ -fi -if [ -e '/root/.my.cnf' ]; then - mv /root/.my.cnf $vst_backups/mysql/ -fi +killall -9 mysqld > /dev/null 2>&1 +mv /var/lib/mysql $vst_backups/mysql/mysql_datadir > /dev/null 2>&1 +cp -r /etc/mysql/* $vst_backups/mysql > /dev/null 2>&1 +mv -f /root/.my.cnf $vst_backups/mysql > /dev/null 2>&1 # Backup vesta service vesta stop > /dev/null 2>&1 -if [ -e '/usr/local/vesta' ]; then - cp -r /usr/local/vesta/* $vst_backups/vesta/ - apt-get -y remove vesta* - apt-get -y purge vesta* - rm -rf /usr/local/vesta +cp -r /usr/local/vesta/* $vst_backups/vesta > /dev/null 2>&1 +apt-get -y remove vesta vesta-nginx vesta-php > /dev/null 2>&1 +apt-get -y purge vesta vesta-nginx vesta-php > /dev/null 2>&1 +rm -rf /usr/local/vesta > /dev/null 2>&1 + + +#----------------------------------------------------------# +# Package Exludes # +#----------------------------------------------------------# + +# Excluding packages +if [ "$nginx" = 'no' ]; then + software=$(echo "$software" | sed -e "s/^nginx//") +fi +if [ "$apache" = 'no' ]; then + software=$(echo "$software" | sed -e "s/apache2 //") + software=$(echo "$software" | sed -e "s/apache2-utils//") + software=$(echo "$software" | sed -e "s/apache2-suexec-custom//") + software=$(echo "$software" | sed -e "s/apache2.2-common//") + software=$(echo "$software" | sed -e "s/libapache2-mod-ruid2//") + software=$(echo "$software" | sed -e "s/libapache2-mod-rpaf//") + software=$(echo "$software" | sed -e "s/libapache2-mod-fcgid//") + software=$(echo "$software" | sed -e "s/libapache2-mod-php5//") +fi +if [ "$phpfpm" = 'no' ]; then + software=$(echo "$software" | sed -e "s/php5-fpm//") +fi +if [ "$vsftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/vsftpd//") +fi +if [ "$proftpd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/proftpd-basic//") + software=$(echo "$software" | sed -e "s/proftpd-mod-vroot//") +fi +if [ "$named" = 'no' ]; then + software=$(echo "$software" | sed -e "s/bind9//") +fi +if [ "$exim" = 'no' ]; then + software=$(echo "$software" | sed -e "s/exim4 //") + software=$(echo "$software" | sed -e "s/exim4-daemon-heavy//") + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") + software=$(echo "$software" | sed -e "s/clamav-daemon//") + software=$(echo "$software" | sed -e "s/spamassassin//") +fi +if [ "$clamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/clamav-daemon//") +fi +if [ "$spamd" = 'no' ]; then + software=$(echo "$software" | sed -e "s/spamassassin//") +fi +if [ "$dovecot" = 'no' ]; then + software=$(echo "$software" | sed -e "s/dovecot-imapd//") + software=$(echo "$software" | sed -e "s/dovecot-pop3d//") +fi +if [ "$mysql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/mysql-server//') + software=$(echo "$software" | sed -e 's/mysql-client//') + software=$(echo "$software" | sed -e 's/mysql-common//') + software=$(echo "$software" | sed -e 's/php5-mysql//') + software=$(echo "$software" | sed -e 's/phpMyAdmin//') +fi +if [ "$postgresql" = 'no' ]; then + software=$(echo "$software" | sed -e 's/postgresql-contrib//') + software=$(echo "$software" | sed -e 's/postgresql//') + software=$(echo "$software" | sed -e 's/php5-pgsql//') + software=$(echo "$software" | sed -e 's/phppgadmin//') +fi +if [ "$iptables" = 'no' ] || [ "$fail2ban" = 'no' ]; then + software=$(echo "$software" | sed -e 's/fail2ban//') fi @@ -377,37 +553,16 @@ fi # Install packages # #----------------------------------------------------------# -# Exclude heavy packages -if [ "$srv_type" = 'micro' ]; then - software=$(echo "$software" | sed -e 's/libapache2-mod-fcgid//') - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -if [ "$srv_type" = 'small' ]; then - software=$(echo "$software" | sed -e 's/clamav-daemon//') - software=$(echo "$software" | sed -e 's/spamassassin//') -fi - -# Exclude fail2ban -if [ "$disable_fail2ban" = 'yes' ]; then - software=$(echo "$software" | sed -e 's/fail2ban//') -fi - # Update system packages apt-get update -# Disable daemon autostart -# For more details /usr/share/doc/sysv-rc/README.policy-rc.d.gz +# Disable daemon autostart /usr/share/doc/sysv-rc/README.policy-rc.d.gz echo -e '#!/bin/sh \nexit 101' > /usr/sbin/policy-rc.d chmod a+x /usr/sbin/policy-rc.d -# Install Vesta packages +# Install apt packages apt-get -y install $software -if [ $? -ne 0 ]; then - echo 'Error: apt-get install failed' - exit 1 -fi +check_result $? "apt-get install failed" # Restore policy rm -f /usr/sbin/policy-rc.d @@ -417,108 +572,12 @@ rm -f /usr/sbin/policy-rc.d # Configure system # #----------------------------------------------------------# -# Set writable permission on tmp directory -chmod 777 /tmp - -# Vesta configuration -echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh -chmod 755 /etc/profile.d/vesta.sh -source /etc/profile.d/vesta.sh -echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile -echo 'export PATH' >> /root/.bash_profile -source /root/.bash_profile -wget $CHOST/$VERSION/vesta.log -O /etc/logrotate.d/vesta - -# Directory tree -mkdir -p $VESTA/conf -mkdir -p $VESTA/log -mkdir -p $VESTA/ssl -mkdir -p $VESTA/data -mkdir -p $VESTA/data/ips -mkdir -p $VESTA/data/queue -mkdir -p $VESTA/data/users -mkdir -p $VESTA/data/firewall -touch $VESTA/data/queue/backup.pipe -touch $VESTA/data/queue/disk.pipe -touch $VESTA/data/queue/webstats.pipe -touch $VESTA/data/queue/restart.pipe -touch $VESTA/data/queue/traffic.pipe -chmod 750 $VESTA/conf -chmod 750 $VESTA/data/users -chmod 750 $VESTA/data/ips -chmod -R 750 $VESTA/data/queue -ln -s /usr/local/vesta/log /var/log/vesta -touch /var/log/vesta/system.log -touch /var/log/vesta/nginx-error.log -touch /var/log/vesta/auth.log -chmod 660 /var/log/vesta/* -adduser backup > /dev/null 2>&1 -mkdir -p /home/backup -chown backup:backup /home/backup -ln -s /home/backup /backup -chmod a+x /backup - -# vesta.conf -wget $CHOST/$VERSION/vesta.conf -O $VESTA/conf/vesta.conf -if [ "$srv_type" = 'micro' ] || [ "$srv_type" = 'small' ]; then - sed -i "s/clamav-daemon//g" $VESTA/conf/vesta.conf - sed -i "s/spamassassin//g" $VESTA/conf/vesta.conf -fi - -# Set server hostname -if [ -z "$servername" ]; then - servername=$(hostname) -fi -/usr/local/vesta/bin/v-change-sys-hostname $servername 2>/dev/null - -# Templates, packages -cd /usr/local/vesta/data -wget $CHOST/$VERSION/packages.tar.gz -O packages.tar.gz -tar -xzf packages.tar.gz -rm -f packages.tar.gz -cd /usr/local/vesta/data -wget $CHOST/$VERSION/templates.tar.gz -O templates.tar.gz -tar -xzf templates.tar.gz -rm -f templates.tar.gz -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - sed -i "s/Include /IncludeOptional /g" \ - $VESTA/data/templates/web/apache2/*tpl -fi -chmod -R 755 /usr/local/vesta/data/templates -cp templates/web/skel/public_html/index.html /var/www/ -sed -i 's/%domain%/It worked!/g' /var/www/index.html -if [ "$srv_type" = 'micro' ]; then - rm -f /usr/local/vesta/data/templates/web/apache2/phpfcgid.* -fi - -# Removing CGI templates -if [ "$codename" = 'trusty' ]; then - rm -f /usr/local/vesta/data/templates/web/apache2/phpcgi.* -fi - -# Generating SSL certificate -$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ - 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem - -# Parsing merged certificate file -crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) -key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) -key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) - -# Adding SSL certificate -cd /usr/local/vesta/ssl -sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt -sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key -chown root:mail /usr/local/vesta/ssl/* -chmod 660 /usr/local/vesta/ssl/* -rm /tmp/vst.pem - # Enable SSH password auth sed -i "s/rdAuthentication no/rdAuthentication yes/g" /etc/ssh/sshd_config service ssh restart # AppArmor -aa-complain /usr/sbin/named +#aa-complain /usr/sbin/named # Disable awstats cron rm -f /etc/cron.d/awstats @@ -529,13 +588,6 @@ echo 'LS_COLORS="$LS_COLORS:di=00;33"' >> /etc/profile # Register /sbin/nologin echo "/sbin/nologin" >> /etc/shells -# Sudo configuration -wget $CHOST/$VERSION/sudoers.vestacp.conf -O /etc/sudoers.d/vestacp -wget $CHOST/$VERSION/sudoers.admin.conf -O /etc/sudoers.d/admin -chmod 440 /etc/sudoers.d/vestacp -chmod 440 /etc/sudoers.d/admin -echo 'Defaults:admin !syslog' >>/etc/sudoers.d/admin - # NTP Synchronization echo '#!/bin/sh' > /etc/cron.daily/ntpdate echo "$(which ntpdate) -s pool.ntp.org" >> /etc/cron.daily/ntpdate @@ -551,295 +603,536 @@ sed -i 's/#allowsftp/allowsftp/' /etc/rssh.conf sed -i 's/#allowrsync/allowrsync/' /etc/rssh.conf chmod 755 /usr/bin/rssh -# Nginx configuration -rm -f /etc/nginx/conf.d/*.conf -wget $CHOST/$VERSION/nginx.conf -O /etc/nginx/nginx.conf -wget $CHOST/$VERSION/nginx-status.conf -O /etc/nginx/conf.d/status.conf -touch /etc/nginx/conf.d/vesta.conf -update-rc.d nginx defaults -service nginx stop > /dev/null 2>&1 -service nginx start -if [ "$?" -ne 0 ]; then - echo "Error: nginx start failed" - exit 1 + +#----------------------------------------------------------# +# Configure VESTA # +#----------------------------------------------------------# + +# AppArmor +aa-complain /usr/sbin/named 2>/dev/null + +# Downlading sudo configuration +mkdir -p /etc/sudoers.d +wget $vestacp/sudo/admin -O /etc/sudoers.d/admin +chmod 440 /etc/sudoers.d/admin + +# Configuring system env +echo "export VESTA='/usr/local/vesta'" > /etc/profile.d/vesta.sh +chmod 755 /etc/profile.d/vesta.sh +source /etc/profile.d/vesta.sh +echo 'PATH=$PATH:/usr/local/vesta/bin' >> /root/.bash_profile +echo 'export PATH' >> /root/.bash_profile +source /root/.bash_profile + +# Configuring logrotate for vesta logs +wget $vestacp/logrotate/vesta -O /etc/logrotate.d/vesta + +# Buidling directory tree and creating some blank files for vesta +mkdir -p $VESTA/conf $VESTA/log $VESTA/ssl $VESTA/data/ips \ + $VESTA/data/queue $VESTA/data/users $VESTA/data/firewall +touch $VESTA/data/queue/backup.pipe $VESTA/data/queue/disk.pipe \ + $VESTA/data/queue/webstats.pipe $VESTA/data/queue/restart.pipe \ + $VESTA/data/queue/traffic.pipe $VESTA/log/system.log \ + $VESTA/log/nginx-error.log $VESTA/log/auth.log +chmod 750 $VESTA/conf $VESTA/data/users $VESTA/data/ips $VESTA/log +chmod -R 750 $VESTA/data/queue +chmod 660 /var/log/vesta/* +rm -f /var/log/vesta +ln -s /usr/local/vesta/log /var/log/vesta + +# Generating vesta configuration +rm -f $VESTA/conf/vesta.conf 2>/dev/null +touch $VESTA/conf/vesta.conf +chmod 660 $VESTA/conf/vesta.conf + +# WEB stack +if [ "$apache" = 'yes' ] && [ "$nginx" = 'no' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'yes' ] && [ "$nginx" = 'yes' ] ; then + echo "WEB_SYSTEM='apache2'" >> $VESTA/conf/vesta.conf + echo "WEB_RGROUPS='www-data'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='8080'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='8443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='mod_ssl'" >> $VESTA/conf/vesta.conf + echo "PROXY_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "PROXY_PORT='80'" >> $VESTA/conf/vesta.conf + echo "PROXY_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf +fi +if [ "$apache" = 'no' ] && [ "$nginx" = 'yes' ]; then + echo "WEB_SYSTEM='nginx'" >> $VESTA/conf/vesta.conf + echo "WEB_PORT='80'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL_PORT='443'" >> $VESTA/conf/vesta.conf + echo "WEB_SSL='openssl'" >> $VESTA/conf/vesta.conf + if [ "$phpfpm" = 'yes' ]; then + echo "WEB_BACKEND='php5-fpm'" >> $VESTA/conf/vesta.conf + fi + echo "STATS_SYSTEM='webalizer,awstats'" >> $VESTA/conf/vesta.conf fi -# Apache configuration -wget $CHOST/$VERSION/apache2.conf -O /etc/apache2/apache2.conf -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - sed -i "/^LockFile /d" /etc/apache2/apache2.conf +# FTP stack +if [ "$vsftpd" = 'yes' ]; then + echo "FTP_SYSTEM='vsftpd'" >> $VESTA/conf/vesta.conf fi -wget $CHOST/$VERSION/apache2-status.conf \ - -O /etc/apache2/mods-enabled/status.conf -wget $CHOST/$VERSION/apache2.log -O /etc/logrotate.d/apache2 -echo "# Powered by vesta" > /etc/apache2/sites-available/default -echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl -echo "# Powered by vesta" > /etc/apache2/ports.conf -mkdir -p /etc/apache2/conf.d -rm -f /etc/apache2/conf.d/vesta.conf -echo > /etc/apache2/conf.d/vesta.conf -touch /var/log/apache2/access.log -touch /var/log/apache2/error.log -mkdir -p /var/log/apache2/domains -chmod a+x /var/log/apache2 -chmod 640 /var/log/apache2/access.log -chmod 640 /var/log/apache2/error.log -chmod 751 /var/log/apache2/domains -a2enmod rewrite -a2enmod ssl -a2enmod suexec -echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data -update-rc.d apache2 defaults -service apache2 stop > /dev/null 2>&1 -service apache2 start -if [ "$?" -ne 0 ]; then - echo "Error: apache2 start failed" - exit 1 +if [ "$proftpd" = 'yes' ]; then + echo "FTP_SYSTEM='proftpd'" >> $VESTA/conf/vesta.conf fi -# Vsftpd configuration -wget $CHOST/$VERSION/vsftpd.conf -O /etc/vsftpd.conf -update-rc.d vsftpd defaults -service vsftpd stop > /dev/null 2>&1 -service vsftpd start -if [ "$?" -ne 0 ]; then - echo "Error: vsftpd start failed" - exit 1 +# DNS stack +if [ "$named" = 'yes' ]; then + echo "DNS_SYSTEM='bind9'" >> $VESTA/conf/vesta.conf fi -# Generating MySQL password if it wasn't set -if [ -z "$mpass" ]; then - mpass=$(gen_pass) +# Mail stack +if [ "$exim" = 'yes' ]; then + echo "MAIL_SYSTEM='exim4'" >> $VESTA/conf/vesta.conf + if [ "$clamd" = 'yes' ]; then + echo "ANTIVIRUS_SYSTEM='clamav-daemon'" >> $VESTA/conf/vesta.conf + fi + if [ "$spamd" = 'yes' ]; then + echo "ANTISPAM_SYSTEM='spamassassin'" >> $VESTA/conf/vesta.conf + fi + if [ "$dovecot" = 'yes' ]; then + echo "IMAP_SYSTEM='dovecot'" >> $VESTA/conf/vesta.conf + fi fi -# MySQL configuration -wget $CHOST/$VERSION/my.cnf -O /etc/mysql/my.cnf -mysql_install_db -if [ "$release" != '14.04' ]; then +# CRON daemon +echo "CRON_SYSTEM='cron'" >> $VESTA/conf/vesta.conf + +# Firewall stack +if [ "$iptables" = 'yes' ]; then + echo "FIREWALL_SYSTEM='iptables'" >> $VESTA/conf/vesta.conf +fi +if [ "$iptables" = 'yes' ] && [ "$fail2ban" = 'yes' ]; then + echo "FIREWALL_EXTENSION='fail2ban'" >> $VESTA/conf/vesta.conf +fi + +# Disk quota +if [ "$quota" = 'yes' ]; then + echo "DISK_QUOTA='yes'" >> $VESTA/conf/vesta.conf +fi + +# Backups +echo "BACKUP_SYSTEM='local'" >> $VESTA/conf/vesta.conf + +# Language +echo "LANGUAGE='$lang'" >> $VESTA/conf/vesta.conf + +# Version +echo "VERSION='0.9.8'" >> $VESTA/conf/vesta.conf + +# Downloading hosting packages +cd $VESTA/data +wget $vestacp/packages.tar.gz -O packages.tar.gz +tar -xzf packages.tar.gz +rm -f packages.tar.gz + +# Downloading templates +wget $vestacp/templates.tar.gz -O templates.tar.gz +tar -xzf templates.tar.gz +rm -f templates.tar.gz + +# Copying index.html to default documentroot +cp templates/web/skel/public_html/index.html /var/www/ +sed -i 's/%domain%/It worked!/g' /var/www/index.html + +# Downloading firewall rules +wget $vestacp/firewall.tar.gz -O firewall.tar.gz +tar -xzf firewall.tar.gz +rm -f firewall.tar.gz + +# Configuring server hostname +$VESTA/bin/v-change-sys-hostname $servername 2>/dev/null + +# Generating SSL certificate +$VESTA/bin/v-generate-ssl-cert $(hostname) $email 'US' 'California' \ + 'San Francisco' 'Vesta Control Panel' 'IT' > /tmp/vst.pem + +# Parsing certificate file +crt_end=$(grep -n "END CERTIFICATE-" /tmp/vst.pem |cut -f 1 -d:) +key_start=$(grep -n "BEGIN RSA" /tmp/vst.pem |cut -f 1 -d:) +key_end=$(grep -n "END RSA" /tmp/vst.pem |cut -f 1 -d:) + +# Adding SSL certificate +cd $VESTA/ssl +sed -n "1,${crt_end}p" /tmp/vst.pem > certificate.crt +sed -n "$key_start,${key_end}p" /tmp/vst.pem > certificate.key +chown root:mail $VESTA/ssl/* +chmod 660 $VESTA/ssl/* +rm /tmp/vst.pem + + +#----------------------------------------------------------# +# Configure Nginx # +#----------------------------------------------------------# + +if [ "$nginx" = 'yes' ]; then + rm -f /etc/nginx/conf.d/*.conf + wget $vestacp/nginx/nginx.conf -O /etc/nginx/nginx.conf + wget $vestacp/nginx/status.conf -O /etc/nginx/conf.d/status.conf + wget $vestacp/nginx/phpmyadmin.inc -O /etc/nginx/conf.d/phpmyadmin.inc + wget $vestacp/nginx/phppgadmin.inc -O /etc/nginx/conf.d/phppgadmin.inc + wget $vestacp/nginx/webmail.inc -O /etc/nginx/conf.d/webmail.inc + wget $vestacp/logrotate/nginx -O /etc/logrotate.d/nginx + echo > /etc/nginx/conf.d/vesta.conf + mkdir -p /var/log/nginx/domains + update-rc.d nginx defaults + service nginx start + check_result $? "nginx start failed" +fi + + +#----------------------------------------------------------# +# Configure Apache # +#----------------------------------------------------------# + +if [ "$apache" = 'yes' ]; then + wget $vestacp/apache2/apache2.conf -O /etc/apache2/apache2.conf + wget $vestacp/apache2/status.conf -O /etc/apache2/mods-enabled/status.conf + wget $vestacp/logrotate/apache2 -O /etc/logrotate.d/apache2 + a2enmod rewrite + a2enmod suexec + a2enmod ssl + a2enmod actions + a2enmod ruid2 + mkdir -p /etc/apache2/conf.d + echo > /etc/apache2/conf.d/vesta.conf + echo "# Powered by vesta" > /etc/apache2/sites-available/default + echo "# Powered by vesta" > /etc/apache2/sites-available/default-ssl + echo "# Powered by vesta" > /etc/apache2/ports.conf + echo -e "/home\npublic_html/cgi-bin" > /etc/apache2/suexec/www-data + touch /var/log/apache2/access.log /var/log/apache2/error.log + mkdir -p /var/log/apache2/domains + chmod a+x /var/log/apache2 + chmod 640 /var/log/apache2/access.log /var/log/apache2/error.log + chmod 751 /var/log/apache2/domains + update-rc.d apache2 defaults + service apache2 start + check_result $? "apache2 start failed" +fi + + +#----------------------------------------------------------# +# Configure PHP-FPM # +#----------------------------------------------------------# + +if [ "$phpfpm" = 'yes' ]; then + wget $vestacp/php5-fpm/www.conf -O /etc/php5/fpm/pool.d/www.conf + update-rc.d php5-fpm defaults + service php5-fpm start + check_result $? "php-fpm start failed" +fi + + +#----------------------------------------------------------# +# Configure PHP # +#----------------------------------------------------------# + +ZONE=$(timedatectl 2>/dev/null|grep Timezone|awk '{print $2}') +if [ -z "$ZONE" ]; then + ZONE='UTC' +fi +sed -i "s/;date.timezone =/date.timezone = $ZONE/g" /etc/php5/apache2/php.ini +sed -i "s/;date.timezone =/date.timezone = $ZONE/g" /etc/php5/cli/php.ini +sed -i 's%_open_tag = Off%_open_tag = On%g' /etc/php5/apache2/php.ini +sed -i 's%_open_tag = Off%_open_tag = On%g' /etc/php5/cli/php.ini + + +#----------------------------------------------------------# +# Configure VSFTPD # +#----------------------------------------------------------# + +if [ "$vsftpd" = 'yes' ]; then + wget $vestacp/vsftpd/vsftpd.conf -O /etc/vsftpd.conf + update-rc.d vsftpd defaults + service vsftpd start + check_result $? "vsftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure ProFTPD # +#----------------------------------------------------------# + +if [ "$proftpd" = 'yes' ]; then + echo "127.0.0.1 $servername" >> /etc/hosts + wget $vestacp/proftpd/proftpd.conf -O /etc/proftpd/proftpd.conf + update-rc.d proftpd defaults + service proftpd start + check_result $? "proftpd start failed" +fi + + +#----------------------------------------------------------# +# Configure MySQL/MariaDB # +#----------------------------------------------------------# + +if [ "$mysql" = 'yes' ]; then + mycnf="my-small.cnf" + if [ $memory -gt 1200000 ]; then + mycnf="my-medium.cnf" + fi + if [ $memory -gt 3900000 ]; then + mycnf="my-large.cnf" + fi + + # MySQL configuration + wget $vestacp/mysql/$mycnf -O /etc/mysql/my.cnf + mysql_install_db update-rc.d mysql defaults -fi -service mysql stop > /dev/null 2>&1 -service mysql start -if [ "$?" -ne 0 ]; then - echo "Error: mysql start failed" - exit 1 -fi -mysqladmin -u root password $mpass -echo -e "[client]\npassword='$mpass'\n" > /root/.my.cnf -chmod 600 /root/.my.cnf -mysql -e "DELETE FROM mysql.user WHERE User=''" -mysql -e "DROP DATABASE test" > /dev/null 2>&1 -mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" -mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" -mysql -e "FLUSH PRIVILEGES" + service mysql start + check_result $? "mysql start failed" -# Bind configuration -wget $CHOST/$VERSION/named.conf -O /etc/bind/named.conf -sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options -chown root:bind /etc/bind/named.conf -chmod 640 /etc/bind/named.conf -update-rc.d bind9 defaults -service bind9 stop > /dev/null 2>&1 -service bind9 start -if [ "$?" -ne 0 ]; then - echo "Error: bind9 start failed" - exit 1 + # Securing MySQL installation + mysqladmin -u root password $vpass + echo -e "[client]\npassword='$vpass'\n" > /root/.my.cnf + chmod 600 /root/.my.cnf + mysql -e "DELETE FROM mysql.user WHERE User=''" + mysql -e "DROP DATABASE test" >/dev/null 2>&1 + mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'" + mysql -e "DELETE FROM mysql.user WHERE user='' or password='';" + mysql -e "FLUSH PRIVILEGES" + + # Configuring phpMyAdmin + if [ "$apache" = 'yes' ]; then + wget $vestacp/pma/apache.conf -O /etc/phpmyadmin/apache.conf + ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf + fi + wget $vestacp/pma/config.inc.php -O /etc/phpmyadmin/config.inc.php + chmod 777 /var/lib/phpmyadmin/tmp fi -# Exim -wget $CHOST/$VERSION/exim4.conf.template -O /etc/exim4/exim4.conf.template -if [ "$srv_type" != 'micro' ] && [ "$srv_type" != 'small' ]; then - sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template - sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template -fi -wget $CHOST/$VERSION/dnsbl.conf -O /etc/exim4/dnsbl.conf -wget $CHOST/$VERSION/spam-blocks.conf -O /etc/exim4/spam-blocks.conf -touch /etc/exim4/white-blocks.conf -rm -rf /etc/exim4/domains -mkdir -p /etc/exim4/domains -chmod 640 /etc/exim4/exim4.conf.template -gpasswd -a Debian-exim mail -if [ -e /etc/init.d/sendmail ]; then - update-rc.d -f sendmail remove - service sendmail stop -fi -if [ -e /etc/init.d/postfix ]; then - update-rc.d -f postfix remove - service postfix stop -fi -rm -f /etc/alternatives/mta -ln -s /usr/sbin/exim4 /etc/alternatives/mta -update-rc.d exim4 defaults -service exim4 stop > /dev/null 2>&1 -service exim4 start -if [ "$?" -ne 0 ]; then - echo "Error: exim start failed" - exit +#----------------------------------------------------------# +# Configure PostgreSQL # +#----------------------------------------------------------# + +if [ "$postgresql" = 'yes' ]; then + wget $vestacp/postgresql/pg_hba.conf -O /etc/postgresql/*/main/pg_hba.conf + service postgresql restart + sudo -u postgres psql -c "ALTER USER postgres WITH PASSWORD '$vpass'" 2>/dev/null + + # Configuring phpPgAdmin + if [ "$apache" = 'yes' ]; then + wget $vestacp/pga/phppgadmin.conf -O /etc/apache2/conf.d/phppgadmin.conf + fi + wget $vestacp/pga/config.inc.php -O /etc/phppgadmin/config.inc.php fi -# Dovecot configuration -wget $CHOST/$VERSION/dovecot.conf -O /etc/dovecot/dovecot.conf -cd /etc/dovecot/ -wget $CHOST/$VERSION/dovecot-conf.d.tar.gz -rm -rf conf.d *.ext README -tar -xzf dovecot-conf.d.tar.gz -rm -f dovecot-conf.d.tar.gz -chown -R root:root /etc/dovecot -gpasswd -a dovecot mail -update-rc.d dovecot defaults -service dovecot stop > /dev/null 2>&1 -service dovecot start -if [ "$?" -ne 0 ]; then - echo "Error: dovecot start failed" - exit 1 + +#----------------------------------------------------------# +# Configure Bind # +#----------------------------------------------------------# + +if [ "$named" = 'yes' ]; then + wget $vestacp/bind/named.conf -O /etc/bind/named.conf + sed -i "s%listen-on%//listen%" /etc/bind/named.conf.options + chown root:bind /etc/bind/named.conf + chmod 640 /etc/bind/named.conf + update-rc.d bind9 defaults + service bind9 start + check_result $? "bind9 start failed" fi -# ClamAV configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then - wget $CHOST/$VERSION/clamd.conf -O /etc/clamav/clamd.conf +#----------------------------------------------------------# +# Configure Exim # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ]; then + gpasswd -a Debian-exim mail + wget $vestacp/exim/exim4.conf.template -O /etc/exim4/exim4.conf.template + wget $vestacp/exim/dnsbl.conf -O /etc/exim4/dnsbl.conf + wget $vestacp/exim/spam-blocks.conf -O /etc/exim4/spam-blocks.conf + touch /etc/exim4/white-blocks.conf + + if [ "$spamd" = 'yes' ]; then + sed -i "s/#SPAM/SPAM/g" /etc/exim4/exim4.conf.template + fi + if [ "$clamd" = 'yes' ]; then + sed -i "s/#CLAMD/CLAMD/g" /etc/exim4/exim4.conf.template + fi + + chmod 640 /etc/exim4/exim4.conf.template + rm -rf /etc/exim4/domains + mkdir -p /etc/exim4/domains + + rm -f /etc/alternatives/mta + ln -s /usr/sbin/exim4 /etc/alternatives/mta + update-rc.d -f sendmail remove > /dev/null 2>&1 + service sendmail stop > /dev/null 2>&1 + update-rc.d -f postfix remove > /dev/null 2>&1 + service postfix stop > /dev/null 2>&1 + + update-rc.d exim4 defaults + service exim4 start + check_result $? "exim4 start failed" +fi + + +#----------------------------------------------------------# +# Configure Dovecot # +#----------------------------------------------------------# + +if [ "$dovecot" = 'yes' ]; then + gpasswd -a dovecot mail + wget $vestacp/dovecot.tar.gz -O /etc/dovecot.tar.gz + cd /etc + rm -rf dovecot dovecot.conf + tar -xzf dovecot.tar.gz + rm -f dovecot.tar.gz + chown -R root:root /etc/dovecot* + update-rc.d dovecot defaults + service dovecot start + check_result $? "dovecot start failed" +fi + + +#----------------------------------------------------------# +# Configure ClamAV # +#----------------------------------------------------------# + +if [ "$clamd" = 'yes' ]; then gpasswd -a clamav mail gpasswd -a clamav Debian-exim + wget $vestacp/clamav/clamd.conf -O /etc/clamav/clamd.conf /usr/bin/freshclam update-rc.d clamav-daemon defaults - service clamav-daemon stop > /dev/null 2>&1 service clamav-daemon start - if [ "$?" -ne 0 ]; then - echo "Error: clamav start failed" - exit 1 - fi + check_result $? "clamav-daeom start failed" fi -# SpamAssassin configuration -if [ "$srv_type" = 'medium' ] || [ "$srv_type" = 'large' ]; then + +#----------------------------------------------------------# +# Configure SpamAssassin # +#----------------------------------------------------------# + +if [ "$spamd" = 'yes' ]; then update-rc.d spamassassin defaults sed -i "s/ENABLED=0/ENABLED=1/" /etc/default/spamassassin - service spamassassin stop > /dev/null 2>&1 service spamassassin start - if [ "$?" -ne 0 ]; then - echo "Error: spamassassin start failed" - exit 1 + check_result $? "spamassassin start failed" +fi + + +#----------------------------------------------------------# +# Configure RoundCube # +#----------------------------------------------------------# + +if [ "$exim" = 'yes' ] && [ "$mysql" = 'yes' ]; then + if [ "$apache" = 'yes' ]; then + wget $vestacp/roundcube/apache.conf -O /etc/roundcube/apache.conf + ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/roundcube.conf + fi + wget $vestacp/roundcube/main.inc.php -O /etc/roundcube/main.inc.php + wget $vestacp/roundcube/db.inc.php -O /etc/roundcube/db.inc.php + wget $vestacp/roundcube/vesta.php -O \ + /usr/share/roundcube/plugins/password/drivers/vesta.php + wget $vestacp/roundcube/config.inc.php -O \ + /etc/roundcube/plugins/password/config.inc.php + r="$(gen_pass)" + mysql -e "CREATE DATABASE roundcube" + mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" + sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php + mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql + php5enmod mcrypt 2>/dev/null + service apache2 restart + if [ "$release" -eq 8 ]; then + mv -f /etc/roundcube/main.inc.php /etc/roundcube/config.inc.php + mv -f /etc/roundcube/db.inc.php /etc/roundcube/debian-db-roundcube.php fi fi -# Fail2ban configuration -if [ -z "$disable_fail2ban" ]; then + +#----------------------------------------------------------# +# Configure Fail2Ban # +#----------------------------------------------------------# + +if [ "$fail2ban" = 'yes' ]; then cd /etc - wget $CHOST/$VERSION/fail2ban.tar.gz -O fail2ban.tar.gz + wget $vestacp/fail2ban.tar.gz -O fail2ban.tar.gz tar -xzf fail2ban.tar.gz rm -f fail2ban.tar.gz - chkconfig fail2ban on + if [ "$dovecot" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n dovecot-iptables -A 2) + fline=$(echo "$fline" |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + if [ "$exim" = 'no' ]; then + fline=$(cat /etc/fail2ban/jail.local |grep -n exim-iptables -A 2) + fline=$(echo "$fline" |tail -n1 |cut -f 1 -d -) + sed -i "${fline}s/true/false/" /etc/fail2ban/jail.local + fi + update-rc.d fail2ban defaults service fail2ban start -else - sed -i "s/fail2ban//" $VESTA/conf/vestac.conf + check_result $? "fail2ban start failed" fi -# php configuration -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/apache2/php.ini -sed -i "s/;date.timezone =/date.timezone = UTC/g" /etc/php5/cli/php.ini -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - ln -s /etc/php5/conf.d/mcrypt.ini /etc/php5/mods-available - php5enmod mcrypt - service apache2 restart -fi -# phpMyAdmin configuration -wget $CHOST/$VERSION/apache2-pma.conf -O /etc/phpmyadmin/apache.conf -wget $CHOST/$VERSION/pma.conf -O /etc/phpmyadmin/config.inc.php -ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf -mv -f /etc/phpmyadmin/config-db.php /etc/phpmyadmin/config-db.php_ -chmod 777 /var/lib/phpmyadmin/tmp +#----------------------------------------------------------# +# Configure Admin User # +#----------------------------------------------------------# -# Roundcube configuration -wget $CHOST/$VERSION/apache2-webmail.conf -O /etc/roundcube/apache.conf -wget $CHOST/$VERSION/roundcube-main.conf -O /etc/roundcube/main.inc.php -wget $CHOST/$VERSION/roundcube-db.conf -O /etc/roundcube/db.inc.php -wget $CHOST/$VERSION/roundcube-driver.php -O \ - /usr/share/roundcube/plugins/password/drivers/vesta.php -wget $CHOST/$VERSION/roundcube-pw.conf -O \ - /etc/roundcube/plugins/password/config.inc.php -r="$(gen_pass)" -mysql -e "DROP DATABASE roundcube" > /dev/null 2>&1 -mysql -e "CREATE DATABASE roundcube" -mysql -e "GRANT ALL ON roundcube.* TO roundcube@localhost IDENTIFIED BY '$r'" -sed -i "s/%password%/$r/g" /etc/roundcube/db.inc.php -mysql roundcube < /usr/share/dbconfig-common/data/roundcube/install/mysql -if [ "$codename" = 'saucy' ] || [ "$codename" = 'trusty' ]; then - wget $CHOST/$VERSION/roundcube-driver-new.php -O \ - /usr/share/roundcube/plugins/password/drivers/vesta.php - ln -s /etc/roundcube/apache.conf /etc/apache2/conf.d/ - service apache2 restart -fi -mkdir -p /var/log/roundcube/error -chmod -R 777 /var/log/roundcube - -# Deleting old admin user account if exists +# Deleting old admin user if [ ! -z "$(grep ^admin: /etc/passwd)" ] && [ "$force" = 'yes' ]; then chattr -i /home/admin/conf > /dev/null 2>&1 - userdel -f admin - chattr -i /home/admin/conf - mv -f /home/admin $vst_backups/home/ - rm -f /tmp/sess_* + userdel -f admin >/dev/null 2>&1 + chattr -i /home/admin/conf >/dev/null 2>&1 + mv -f /home/admin $vst_backups/home/ >/dev/null 2>&1 + rm -f /tmp/sess_* >/dev/null 2>&1 fi -if [ ! -z "$(grep ^admin: /etc/group)" ]; then +if [ ! -z "$(grep ^admin: /etc/group)" ] && [ "$force" = 'yes' ]; then groupdel admin > /dev/null 2>&1 fi -# Generating admin password if it wasn't set -if [ -z "$vpass" ]; then - vpass=$(gen_pass) -fi - -# Adding admin account +# Adding vesta account $VESTA/bin/v-add-user admin $vpass $email default System Administrator -if [ $? -ne 0 ]; then - echo "Error: can't create admin user" - exit 1 -fi +check_result $? "can't create admin user" $VESTA/bin/v-change-user-shell admin bash -$VESTA/bin/v-change-user-language admin en - -# Configure mysql host -$VESTA/bin/v-add-database-host mysql localhost root $mpass -$VESTA/bin/v-add-database admin default default $(gen_pass) mysql +$VESTA/bin/v-change-user-language admin $lang # Configuring system ips $VESTA/bin/v-update-sys-ip -# Firewall configuartion -cd $VESTA/data -wget $CHOST/$VERSION/firewall.tar.gz -O firewall.tar.gz -tar -xzf firewall.tar.gz -rm -f firewall.tar.gz -if [ "$disable_iptables" = 'yes' ]; then - sed -i "s/iptables//" $VESTA/conf/vesta.conf -else - /usr/local/vesta/bin/v-update-firewall -fi - # Get main ip -main_ip=$(ifconfig |grep 'inet addr:' |grep -v 127.0.0.1 |head -n1 | \ - cut -f2 -d: | cut -f1 -d ' ') +ip=$(ip addr|grep 'inet '|grep global|head -n1|awk '{print $2}'|cut -f1 -d/) -# Get remote ip -vst_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) -if [ ! -z "$vst_ip" ] && [ "$vst_ip" != "$main_ip" ]; then - # Set NAT association - $VESTA/bin/v-change-sys-ip-nat $main_ip $vst_ip +# Get public ip +pub_ip=$(wget vestacp.com/what-is-my-ip/ -O - 2>/dev/null) +if [ ! -z "$pub_ip" ] && [ "$pub_ip" != "$ip" ]; then + $VESTA/bin/v-change-sys-ip-nat $ip $pub_ip fi -if [ -z "$vst_ip" ]; then - vst_ip=$main_ip +if [ -z "$pub_ip" ]; then + ip=$main_ip fi -# Add default web domain -$VESTA/bin/v-add-web-domain admin default.domain $vst_ip +# Firewall configuration +if [ "$iptables" = 'yes' ]; then + $VESTA/bin/v-update-firewall +fi -# Add default dns domain -$VESTA/bin/v-add-dns-domain admin default.domain $vst_ip +# Configuring mysql host +if [ "$mysql" = 'yes' ]; then + $VESTA/bin/v-add-database-host mysql localhost root $vpass + $VESTA/bin/v-add-database admin default default $(gen_pass) mysql +fi -# Add default mail domain -$VESTA/bin/v-add-mail-domain admin default.domain +# Configuring pgsql host +if [ "$postgresql" = 'yes' ]; then + $VESTA/bin/v-add-database-host pgsql localhost postgres $vpass + $VESTA/bin/v-add-database admin db db $(gen_pass) pgsql +fi -# Configuring cron jobs +# Adding default domain +$VESTA/bin/v-add-domain admin $servername +check_result $? "can't create $servername domain" + +# Adding cron jobs command='sudo /usr/local/vesta/bin/v-update-sys-queue disk' $VESTA/bin/v-add-cron-job 'admin' '15' '02' '*' '*' '*' "$command" command='sudo /usr/local/vesta/bin/v-update-sys-queue traffic' @@ -854,35 +1147,42 @@ command='sudo /usr/local/vesta/bin/v-update-user-stats' $VESTA/bin/v-add-cron-job 'admin' '20' '00' '*' '*' '*' "$command" command='sudo /usr/local/vesta/bin/v-update-sys-rrd' $VESTA/bin/v-add-cron-job 'admin' '*/5' '*' '*' '*' '*' "$command" +service cron restart # Building inititall rrd images $VESTA/bin/v-update-sys-rrd -# Enable file system quota +# Enabling file system quota if [ "$quota" = 'yes' ]; then $VESTA/bin/v-add-sys-quota fi -# Start system service +# Starting vesta service update-rc.d vesta defaults -service vesta stop > /dev/null 2>&1 service vesta start -if [ "$?" -ne 0 ]; then - echo "Error: vesta start failed" - exit 1 +check_result $? "vesta start failed" + + +#----------------------------------------------------------# +# Vesta Access Info # +#----------------------------------------------------------# + +# Sending install notification to vestacp.com +wget vestacp.com/notify/?$codename -O /dev/null -q + +# Comparing hostname and ip +host_ip=$(host $servername| head -n 1 | awk '{print $NF}') +if [ "$host_ip" = "$ip" ]; then + ip="$servername" fi -# Send notification to vestacp.com -wget vestacp.com/notify/?$codename -O /dev/null - -# Send notification to admin email +# Sending notification to admin email echo -e "Congratulations, you have just successfully installed \ -the Vesta Control Panel +Vesta Control Panel -You can login in Vesta with following credentials: + https://$ip:8083 username: admin password: $vpass - https://$vst_ip:8083 We hope that you enjoy your installation of Vesta. Please \ feel free to contact us anytime if you have any questions. @@ -895,12 +1195,10 @@ vestacp.com team send_mail="$VESTA/web/inc/mail-wrapper.php" cat $tmpfile | $send_mail -s "Vesta Control Panel" $email -rm -f $tmpfile # Congrats echo '=======================================================' echo -echo echo ' _| _| _|_|_|_| _|_|_| _|_|_|_|_| _|_| ' echo ' _| _| _| _| _| _| _| ' echo ' _| _| _|_|_| _|_| _| _|_|_|_| ' @@ -908,20 +1206,7 @@ echo ' _| _| _| _| _| _| _| ' echo ' _| _|_|_|_| _|_|_| _| _| _| ' echo echo -echo '-------------------------------' -echo " https://$vst_ip:8083" -echo ' username: admin' -echo " password: $vpass" -echo '-------------------------------' -echo -echo -echo 'Congratulations,' -echo 'you have successfully installed Vesta Control Panel.' -echo -echo +cat $tmpfile +rm -f $tmpfile -# Tricky way to get new PATH variable -cd -bash - -#EOF +# EOF diff --git a/install/vst-install.sh b/install/vst-install.sh old mode 100644 new mode 100755 index 9c064ab01..9e05feea1 --- a/install/vst-install.sh +++ b/install/vst-install.sh @@ -5,10 +5,10 @@ # # Currently Supported Operating Systems: # -# RHEL 5, RHEL 6 -# CentOS 5, CentOS 6 -# Debian 7 -# Ubuntu LTS, Ubuntu 13.04, Ubuntu 13.10 +# RHEL 5, 6, 7 +# CentOS 5, 6, 7 +# Debian 7, 8 +# Ubuntu 12.04 - 15.04 # # Am I root?