New vesta installer

install/ubuntu/12.04/apache2/apache2.conf

@@ -11,7 +11,6 @@
 #	|	`-- *
 
 # Global configuration
-LockFile ${APACHE_LOCK_DIR}/accept.lock
 PidFile ${APACHE_PID_FILE}
 Timeout 30
 KeepAlive Off

install/ubuntu/12.04/deb_signing.key

@@ -0,0 +1,30 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+mQENBFJIGbEBCAC8SHOOFo7iDTbnC2GhNZ+uBGCh226Dn1QPoFZNFM/DNakHZ6rD
+G3wzr8++eKz4fJual/VLllE2N9XDPuxbozb3LLkcyY1WzJqtIXbXhFGQ/SuIeT+x
+QY90XU6t2Ckze2c+zUniAWmJ8GSyVmXOoc9JxAQ1u47wvGXLzrjWXc8u8PNRYXuf
+fZplTL+dFu9P0d6lP8FGsV+r9wXvvazpRTz3+H8PKrGCYT55ZQIEdG9Jgamylto2
+oVPFXkwGML+TLw6oeCIBuz2y2vtivphW4MJ3ifQjDj7k3n+DTIxfDFs8lB6VRhhY
+2nMHCrcZC6U2mhmXmr6O4s1fu6irBVx05ejPABEBAAG0IFNlcmdoZXkgUm9kaW4g
+PHNraWRAdmVzdGFjcC5jb20+iQE4BBMBAgAiBQJSSBmxAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRBCxbITCh93FPdqB/93GjV9g+wBfeZYLHQK9MDU2wBb
+VloYOJJae6IvYKYQVAJayD3PbHdpxrF8s9e23vdnmb9jKu6jX6oV54EIyqP2HPiN
+QYc8wcea+eSHerznBixCtoQh8mtdWGFeN71zU/ig7L5qlOVF/EmxDVZTFUeivFxh
+IV6qyBnktQKktE45585yKZyyLtfGoXA54DGK69OtJFh+wdkKEMmUXocMl7wUrxW6
+Cx2CuKeEXEgvwu8mRHQi3S3T9XP456qWEn5dWyMVcP660IzEuZfSJApZusNK7zG3
+WMy0/EuX7xHNY3mcNxTOUN1LsO7iHnhHD9+iKWJo9parGkMZzc92MpjDK/g7uQEN
+BFJIGbEBCAC7k5QEA9WQM7E3ceNaeLMrA9lXfuzaNCcySq7ONdVAa5PxzbSKdHvz
+QFoL1VFqBTYQ038lbil1XqnoM0zvIfAI3LcpS8sq92El/vPxp6jZh2Ari9Uw7x95
+k2cZMgI67g+zQMGdjVRA155nFQRCgg000xU4F7JA6+WsuLlVUmccsDv7YWJExMtC
+YPxiuz5DFu8RALnw4Ckts+dbwsrcvUHhkm9b6RAsdCKjjRpUZjLgdltjH83gUVvt
+i1YmdjjsVpt95dtsaG+ad852g/Rk8EdxNMkjPF6HLA67CLADP9wYaj80yPcPtylS
+ycvPtcclVeHkFBRVM8xZpQd4iD19MWI1ABEBAAGJAR8EGAECAAkFAlJIGbECGwwA
+CgkQQsWyEwofdxQ7tQgAhB0FwTs7L8Qr63DHC2yAnXVxgtTAY1/36CccNXVculyR
++EkLcwahms9AKhz7eQb+Mud+5vH0GRohLp2npgO38CjVUfIP5d+Y6dsthmrkF6p8
+XdV1dVK9vWX+i/YZSw/Mded30Cq4P2Yhq9EaemMT0rtli8lz2NnkZ9dFJZk1lzJC
+CZmRpbjSNWqRU4f7qyh21lYk/OC/0XE8fh8CaO23TZ+6gBionoCztwb7NyC9OArN
+qYlNnbmh9iNqdblykPS3bkjf34n2xyMgnIehNrM89tk8PY4UfNPhgT1TMD9W3Svq
+ynNZvLuF/FIDwDeC1qcfjGbfDn9fXO/lMIIRooQYKQ==
+=J2HJ
+-----END PGP PUBLIC KEY BLOCK-----

install/ubuntu/12.04/dovecot/conf.d/20-imap.conf

@@ -0,0 +1,58 @@
+##
+## IMAP specific settings
+##
+
+protocol imap {
+  # Maximum IMAP command line length. Some clients generate very long command
+  # lines with huge mailboxes, so you may need to raise this if you get
+  # "Too long argument" or "IMAP command line too large" errors often.
+  #imap_max_line_length = 64k
+
+  # Maximum number of IMAP connections allowed for a user from each IP address.
+  # NOTE: The username is compared case-sensitively.
+  #mail_max_userip_connections = 10
+
+  # Space separated list of plugins to load (default is global mail_plugins).
+  #mail_plugins = $mail_plugins
+
+  # IMAP logout format string:
+  #  %i - total number of bytes read from client
+  #  %o - total number of bytes sent to client
+  #imap_logout_format = bytes=%i/%o
+
+  # Override the IMAP CAPABILITY response. If the value begins with '+',
+  # add the given capabilities on top of the defaults (e.g. +XFOO XBAR).
+  #imap_capability = 
+
+  # How long to wait between "OK Still here" notifications when client is
+  # IDLEing.
+  #imap_idle_notify_interval = 2 mins
+
+  # ID field names and values to send to clients. Using * as the value makes
+  # Dovecot use the default value. The following fields have default values
+  # currently: name, version, os, os-version, support-url, support-email.
+  #imap_id_send = 
+
+  # ID fields sent by client to log. * means everything.
+  #imap_id_log =
+
+  # Workarounds for various client bugs:
+  #   delay-newmail:
+  #     Send EXISTS/RECENT new mail notifications only when replying to NOOP
+  #     and CHECK commands. Some clients ignore them otherwise, for example OSX
+  #     Mail (<v2.1). Outlook Express breaks more badly though, without this it
+  #     may show user "Message no longer in server" errors. Note that OE6 still
+  #     breaks even with this workaround if synchronization is set to
+  #     "Headers Only".
+  #   tb-extra-mailbox-sep:
+  #     Thunderbird gets somehow confused with LAYOUT=fs (mbox and dbox) and
+  #     adds extra '/' suffixes to mailbox names. This option causes Dovecot to
+  #     ignore the extra '/' instead of treating it as invalid mailbox name.
+  #   tb-lsub-flags:
+  #     Show \Noselect flags for LSUB replies with LAYOUT=fs (e.g. mbox).
+  #     This makes Thunderbird realize they aren't selectable and show them
+  #     greyed out, instead of only later giving "not selectable" popup error.
+  #
+  # The list is space-separated.
+  #imap_client_workarounds = 
+}

install/ubuntu/12.04/exim/exim4.conf.template

@@ -108,7 +108,7 @@ acl_check_rcpt:
   require message       = relay not permitted
           domains       = +local_domains : +relay_to_domains
 
-  deny    message       = smtp auth required
+  deny    message       = smtp auth requried
          sender_domains = +local_domains
          !authenticated = *
 

install/ubuntu/12.04/fail2ban/action.d/vesta.conf

@@ -7,4 +7,3 @@ actionstop = /usr/local/vesta/bin/v-delete-firewall-chain <name>
 actioncheck = iptables -n -L INPUT | grep -q 'fail2ban-<name>[ \t]'
 actionban = /usr/local/vesta/bin/v-add-firewall-ban <ip> <name>
 actionunban = /usr/local/vesta/bin/v-delete-firewall-ban <ip> <name>
-

install/ubuntu/12.04/fail2ban/jail.local

@@ -2,7 +2,7 @@
 enabled  = true
 filter   = sshd
 action   = vesta[name=SSH]
-logpath  = /var/log/secure
+logpath  = /var/log/auth.log
 maxretry = 5
 
 [vsftpd-iptables]
@@ -16,7 +16,7 @@ maxretry = 5
 enabled = true
 filter  = exim
 action  = vesta[name=MAIL]
-logpath = /var/log/exim/main.log
+logpath = /var/log/exim4/mainlog
 
 [dovecot-iptables]
 enabled = true
@@ -28,7 +28,7 @@ logpath = /var/log/dovecot.log
 enabled  = false
 filter   = mysqld-auth
 action   = vesta[name=DB]
-logpath  = /var/log/mysqld.log
+logpath  = /var/log/mysql.log
 maxretry = 5
 
 [vesta-iptables]

install/ubuntu/12.04/firewall/ports.conf

@@ -11,6 +11,6 @@ PROTOCOL='TCP' PORT='143'
 PROTOCOL='TCP' PORT='3306'
 PROTOCOL='TCP' PORT='5432'
 PROTOCOL='TCP' PORT='8080'
-PROTOCOL='TCP' PORT='8443'
+PROTOCOL='TCP' PORT='8433'
 PROTOCOL='TCP' PORT='8083'
 PROTOCOL='TCP' PORT='12000:12100'

install/ubuntu/12.04/firewall/rules.conf

@@ -1,6 +1,6 @@
 RULE='1' ACTION='ACCEPT' PROTOCOL='ICMP' PORT='0' IP='0.0.0.0/0' COMMENT='PING' SUSPENDED='no' TIME='17:13:48' DATE='2014-09-16'
 RULE='2' ACTION='ACCEPT' PROTOCOL='TCP' PORT='8083' IP='0.0.0.0/0' COMMENT='VESTA' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
-RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='127.0.0.1/32' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
+RULE='3' ACTION='ACCEPT' PROTOCOL='TCP' PORT='3306,5432' IP='0.0.0.0/0' COMMENT='DB' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
 RULE='4' ACTION='ACCEPT' PROTOCOL='TCP' PORT='143,993' IP='0.0.0.0/0' COMMENT='IMAP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
 RULE='5' ACTION='ACCEPT' PROTOCOL='TCP' PORT='110,995' IP='0.0.0.0/0' COMMENT='POP3' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'
 RULE='6' ACTION='ACCEPT' PROTOCOL='TCP' PORT='25,465,587,2525' IP='0.0.0.0/0' COMMENT='SMTP' SUSPENDED='no' TIME='07:40:16' DATE='2014-05-25'

install/ubuntu/12.04/logrotate/nginx

@@ -0,0 +1,13 @@
+/var/log/nginx/*log /var/log/nginx/domains/*log {
+        daily
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 640 nginx adm
+        sharedscripts
+        postrotate
+                [ -f /var/run/nginx.pid ] && kill -USR1 `cat /var/run/nginx.pid`
+        endscript
+}

install/ubuntu/12.04/mysql/my-large.cnf

@@ -0,0 +1,42 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 256M
+max_allowed_packet = 32M
+table_open_cache = 256
+sort_buffer_size = 1M
+read_buffer_size = 1M
+read_rnd_buffer_size = 4M
+myisam_sort_buffer_size = 64M
+thread_cache_size = 8
+query_cache_size= 16M
+thread_concurrency = 8
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=200
+max_user_connections=50
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/

install/ubuntu/12.04/mysql/my-medium.cnf

@@ -15,11 +15,26 @@ datadir=/var/lib/mysql
 tmpdir=/tmp
 lc-messages-dir=/usr/share/mysql
 log_error=/var/log/mysql/error.log
-max_connections=200
-max_user_connections=30
-wait_timeout=30
-interactive_timeout=50
-long_query_time=5
+
+symbolic-links=0
+  
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 16M
+table_open_cache = 64
+sort_buffer_size = 512K
+net_buffer_length = 8K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+
+#innodb_use_native_aio = 0
 innodb_file_per_table
 
+max_connections=70
+max_user_connections=30
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
 !includedir /etc/mysql/conf.d/

install/ubuntu/12.04/mysql/my-small.cnf

@@ -0,0 +1,40 @@
+[client]
+port=3306
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld_safe]
+socket=/var/run/mysqld/mysqld.sock
+
+[mysqld]
+user=mysql
+pid-file=/var/run/mysqld/mysqld.pid
+socket=/var/run/mysqld/mysqld.sock
+port=3306
+basedir=/usr
+datadir=/var/lib/mysql
+tmpdir=/tmp
+lc-messages-dir=/usr/share/mysql
+log_error=/var/log/mysql/error.log
+
+symbolic-links=0
+
+skip-external-locking
+key_buffer_size = 16K
+max_allowed_packet = 1M
+table_open_cache = 4
+sort_buffer_size = 64K
+read_buffer_size = 256K
+read_rnd_buffer_size = 256K
+net_buffer_length = 2K
+thread_stack = 240K
+
+#innodb_use_native_aio = 0
+innodb_file_per_table
+
+max_connections=30
+max_user_connections=20
+wait_timeout=10
+interactive_timeout=50
+long_query_time=5
+
+!includedir /etc/mysql/conf.d/

install/ubuntu/12.04/nginx/nginx.conf

@@ -1,5 +1,5 @@
 # Server globals
-user                    nginx;
+user                    www-data;
 worker_processes        2;
 error_log               /var/log/nginx/error.log;
 pid                     /var/run/nginx.pid;

install/ubuntu/12.04/nginx/phpmyadmin.inc

@@ -0,0 +1,15 @@
+location /phpmyadmin {
+    alias /usr/share/phpmyadmin/;
+
+    location ~ /(libraries|setup) {
+        return 404;
+    }
+
+    location ~ ^/phpmyadmin/(.*\.php)$ {
+        alias /usr/share/phpmyadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}

install/ubuntu/12.04/nginx/phppgadmin.inc

@@ -0,0 +1,11 @@
+location /phppgadmin {
+    alias /usr/share/phppgadmin/;
+
+    location ~ ^/phppgadmin/(.*\.php)$ {
+        alias /usr/share/phppgadmin/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}

install/ubuntu/12.04/nginx/webmail.inc

@@ -0,0 +1,15 @@
+location /webmail {
+    alias /var/lib/roundcube/;
+
+    location ~ /(config|temp|logs) {
+        return 404;
+    }
+
+    location ~ ^/webmail/(.*\.php)$ {
+        alias /var/lib/roundcube/$1;
+        fastcgi_pass 127.0.0.1:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+}

install/ubuntu/12.04/php5-fpm/www.conf

@@ -0,0 +1,10 @@
+[www]
+listen = 127.0.0.1:9000
+listen.allowed_clients = 127.0.0.1
+user = www-data
+group = www-data
+pm = dynamic
+pm.max_children = 50
+pm.start_servers = 5
+pm.min_spare_servers = 3
+pm.max_spare_servers = 35

install/ubuntu/12.04/pma/apache.conf

@@ -15,7 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin
 		php_admin_flag allow_url_fopen Off
 		php_value include_path .
 		php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
-		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext:/usr/share/javascript:
+		php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
 	</IfModule>
 
 </Directory>

install/ubuntu/12.04/proftpd/proftpd.conf

@@ -1,10 +1,14 @@
-LoadModule                      mod_vroot.c
 ServerName                      "FTP"
 ServerIdent                     on "FTP Server ready."
 ServerAdmin                     root@localhost
 DefaultServer                   on
-VRootEngine                     on
-DefaultRoot                     ~ !adm
+DefaultRoot                  ~ !adm
+
+<IfModule mod_vroot.c>
+    VRootEngine                 on
+    VRootAlias                  /etc/security/pam_env.conf etc/security/pam_env.conf
+</IfModule>
+
 AuthPAMConfig                   proftpd
 AuthOrder                       mod_auth_pam.c* mod_auth_unix.c
 UseReverseDNS                   off

install/ubuntu/12.04/roundcube/main.inc.php

@@ -175,6 +175,8 @@ $rcmail_config['smtp_timeout'] = 0;
 // ----------------------------------
 // SYSTEM
 // ----------------------------------
+include_once("/etc/roundcube/debian-db-roundcube.php");
+
 
 // THIS OPTION WILL ALLOW THE INSTALLER TO RUN AND CAN EXPOSE SENSITIVE CONFIG DATA.
 // ONLY ENABLE IT IF YOU'RE REALLY SURE WHAT YOU'RE DOING!
@@ -437,6 +439,7 @@ $rcmail_config['trash_mbox'] = 'Trash';
 // these folders will also be displayed with localized names
 // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
 $rcmail_config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
+$rcmail_config['default_imap_folders'] = array('INBOX', 'Drafts', 'Sent', 'Spam', 'Trash');
 
 // automatically create the above listed default folders on first login
 $rcmail_config['create_default_folders'] = true;

install/ubuntu/12.04/sudo/admin

@@ -1,3 +1,7 @@
 # Created by vesta installer
+Defaults env_keep="VESTA"
+Defaults:admin !syslog
+Defaults:admin !requiretty
+
 admin   ALL=(ALL)       ALL
 admin   ALL=NOPASSWD:/usr/local/vesta/bin/*

install/ubuntu/12.04/templates/dns/default.tpl

@@ -0,0 +1,9 @@
+ID='1' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns1%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='2' RECORD='@' TYPE='NS' PRIORITY='' VALUE='%ns2%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='3' RECORD='@' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='4' RECORD='mail' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='5' RECORD='www' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='6' RECORD='pop' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='7' RECORD='ftp' TYPE='A' PRIORITY='' VALUE='%ip%' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='8' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='mail.%domain%.' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='9' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'

install/ubuntu/12.04/templates/dns/gmail.tpl

@@ -11,4 +11,4 @@ ID='10' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT1.ASPMX.L.GOOGLE.COM.' SUSPE
 ID='11' RECORD='@' TYPE='MX' PRIORITY='5' VALUE='ALT2.ASPMX.L.GOOGLE.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='12' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX2.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
 ID='13' RECORD='@' TYPE='MX' PRIORITY='10' VALUE='ASPMX3.GOOGLEMAIL.COM.' SUSPENDED='no' TIME='%time%' DATE='%date%'
-ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a ip4:%ip% include:_spf.google.com ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'
+ID='14' RECORD='@' TYPE='TXT' PRIORITY='' VALUE='"v=spf1 a mx ip4:%ip% ?all"' SUSPENDED='no' TIME='%time%' DATE='%date%'

install/ubuntu/12.04/templates/web/apache2/basedir.stpl

@@ -15,9 +15,7 @@
         AllowOverride All
         SSLRequireSSL
         Options +Includes -Indexes +ExecCGI
-        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
-        php_admin_value upload_tmp_dir %home%/%user%/tmp
-        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value open_basedir %docroot%
     </Directory>
     <Directory %home%/%user%/web/%domain%/stats>
         AllowOverride All
@@ -37,7 +35,7 @@
         AssignUserID %user% %group%
     </IfModule>
 
-    Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/basedir.tpl

@@ -14,9 +14,7 @@
     <Directory %docroot%>
         AllowOverride All
         Options +Includes -Indexes +ExecCGI
-        php_admin_value open_basedir %docroot%:%home%/%user%/tmp
-        php_admin_value upload_tmp_dir %home%/%user%/tmp
-        php_admin_value session.save_path %home%/%user%/tmp
+        php_admin_value open_basedir %docroot%
     </Directory>
     <Directory %home%/%user%/web/%domain%/stats>
         AllowOverride All
@@ -31,7 +29,7 @@
         AssignUserID %user% %group%
     </IfModule>
 
-    Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/default.stpl

@@ -34,7 +34,7 @@
         AssignUserID %user% %group%
     </IfModule>
 
-    Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/default.tpl

@@ -28,7 +28,7 @@
         AssignUserID %user% %group%
     </IfModule>
 
-    Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/hosting.stpl

@@ -43,7 +43,7 @@
         AssignUserID %user% %group%
     </IfModule>
 
-    Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/hosting.tpl

@@ -37,7 +37,7 @@
         AssignUserID %user% %group%
     </IfModule>
 
-    Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/phpcgi.stpl

@@ -29,7 +29,7 @@
     SSLCertificateKeyFile %ssl_key%
     %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
 
-    Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/phpcgi.tpl

@@ -22,7 +22,7 @@
     <Directory %home%/%user%/web/%domain%/stats>
         AllowOverride All
     </Directory>
-    Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/phpfcgid.stpl

@@ -30,7 +30,7 @@
     SSLCertificateKeyFile %ssl_key%
     %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
 
-    Include %home%/%user%/conf/web/s%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/s%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/apache2/phpfcgid.tpl

@@ -22,7 +22,7 @@
     <Directory %home%/%user%/web/%domain%/stats>
         AllowOverride All
     </Directory>
-    Include %home%/%user%/conf/web/%web_system%.%domain%.conf*
+    IncludeOptional %home%/%user%/conf/web/%web_system%.%domain%.conf*
 
 </VirtualHost>
 

install/ubuntu/12.04/templates/web/nginx/caching.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+user=$1
+domain=$2
+ip=$3
+home=$4
+docroot=$5
+
+str="proxy_cache_path /var/cache/nginx/$domain levels=2"
+str="$str keys_zone=$domain:10m inactive=60m max_size=512m;"
+echo "$str" >> /etc/nginx/conf.d/01_caching_pool.conf
+

install/ubuntu/12.04/templates/web/nginx/caching.tpl

@@ -37,5 +37,5 @@ server {
     location ~ /\.hg/   {return 404;}
     location ~ /\.bzr/  {return 404;}
 
-    include %home%/%user%/web/conf/nginx.%domain%.conf*;
+    include %home%/%user%/conf/web/nginx.%domain%.conf*;
 }

install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.stpl

@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/cms_made_simple.tpl

@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?page=$request_uri;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.stpl

@@ -0,0 +1,56 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter2.tpl

@@ -0,0 +1,52 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location = /index.php {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param  SCRIPT_FILENAME /var/www/html/ci$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ~ \.php$ {
+        return 444;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.stpl

@@ -0,0 +1,51 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/codeigniter3.tpl

@@ -0,0 +1,47 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.stpl

@@ -0,0 +1,122 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/datalife_engine.tpl

@@ -0,0 +1,118 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        rewrite "^/page/([0-9]+)(/?)$" /index.php?cstart=$1 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&cstart=$5&news_name=$6&seourl=$6 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page,([0-9]+),(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/print:page,([0-9]+),(.*).html(/?)+$" /engine/print.php?subaction=showfull&year=$1&month=$2&day=$3&news_page=$4&news_name=$5&seourl=$5 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.*).html(/?)+$" /index.php?subaction=showfull&year=$1&month=$2&day=$3&news_name=$4&seourl=$4 last;
+
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$4&news_page=$2&cstart=$3&seourl=$5&seocat=$1 last;
+        rewrite "^/([^.]+)/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$2&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$2&newsid=$3&seourl=$4&seocat=$1 last;
+        rewrite "^/([^.]+)/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&seourl=$3&seocat=$1 last;
+
+        rewrite "^/page,([0-9]+),([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$3&news_page=$1&cstart=$2&seourl=$4 last;
+        rewrite "^/page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$2&news_page=$1&seourl=$3 last;
+        rewrite "^/print:page,([0-9]+),([0-9]+)-(.*).html(/?)+$" /engine/print.php?news_page=$1&newsid=$2&seourl=$3 last;
+        rewrite "^/([0-9]+)-(.*).html(/?)+$" /index.php?newsid=$1&seourl=$2 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2&day=$3 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&day=$3&cstart=$4 last;
+
+        rewrite "^/([0-9]{4})/([0-9]{2})(/?)+$" /index.php?year=$1&month=$2 last;
+        rewrite "^/([0-9]{4})/([0-9]{2})/page/([0-9]+)(/?)+$" /index.php?year=$1&month=$2&cstart=$3 last;
+
+        rewrite "^/([0-9]{4})(/?)+$" /index.php?year=$1 last;
+        rewrite "^/([0-9]{4})/page/([0-9]+)(/?)+$" /index.php?year=$1&cstart=$2 last;
+
+        rewrite "^/tags/([^/]*)(/?)+$" /index.php?do=tags&tag=$1 last;
+        rewrite "^/tags/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=tags&tag=$1&cstart=$2 last;
+
+        rewrite "^/xfsearch/([^/]*)(/?)+$" /index.php?do=xfsearch&xf=$1 last;
+        rewrite "^/xfsearch/([^/]*)/page/([0-9]+)(/?)+$" /index.php?do=xfsearch&xf=$1&cstart=$2 last;
+
+        rewrite "^/user/([^/]*)/rss.xml$" /engine/rss.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)(/?)+$" /index.php?subaction=userinfo&user=$1 last;
+        rewrite "^/user/([^/]*)/page/([0-9]+)(/?)+$" /index.php?subaction=userinfo&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news(/?)+$" /index.php?subaction=allnews&user=$1 last;
+        rewrite "^/user/([^/]*)/news/page/([0-9]+)(/?)+$" /index.php?subaction=allnews&user=$1&cstart=$2 last;
+        rewrite "^/user/([^/]*)/news/rss.xml(/?)+$" /engine/rss.php?subaction=allnews&user=$1 last;
+
+        rewrite "^/lastnews(/?)+$" /index.php?do=lastnews last;
+        rewrite "^/lastnews/page/([0-9]+)(/?)+$" /index.php?do=lastnews&cstart=$1 last;
+
+        rewrite "^/catalog/([^/]*)/rss.xml$" /engine/rss.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)(/?)+$" /index.php?catalog=$1 last;
+        rewrite "^/catalog/([^/]*)/page/([0-9]+)(/?)+$" /index.php?catalog=$1&cstart=$2 last;
+
+        rewrite "^/newposts(/?)+$" /index.php?subaction=newposts last;
+        rewrite "^/newposts/page/([0-9]+)(/?)+$" /index.php?subaction=newposts&cstart=$1 last;
+
+        rewrite "^/favorites(/?)+$" /index.php?do=favorites last;
+        rewrite "^/favorites/page/([0-9]+)(/?)+$" /index.php?do=favorites&cstart=$1 last;
+
+        rewrite "^/rules.html$" /index.php?do=rules last;
+        rewrite "^/statistics.html$" /index.php?do=stats last;
+        rewrite "^/addnews.html$" /index.php?do=addnews last;
+        rewrite "^/rss.xml$" /engine/rss.php last;
+        rewrite "^/sitemap.xml$" /uploads/sitemap.xml last;
+
+        if (!-d $request_filename) {
+                rewrite "^/([^.]+)/page/([0-9]+)(/?)+$" /index.php?do=cat&category=$1&cstart=$2 last;
+                rewrite "^/([^.]+)/?$" /index.php?do=cat&category=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^.]+)/rss.xml$" /engine/rss.php?do=cat&category=$1 last;
+                rewrite "^/page,([0-9]+),([^/]+).html$" /index.php?do=static&page=$2&news_page=$1 last;
+                rewrite "^/print:([^/]+).html$" /engine/print.php?do=static&page=$1 last;
+        }
+
+        if (!-f $request_filename) {
+                rewrite "^/([^/]+).html$" /index.php?do=static&page=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.stpl

@@ -0,0 +1,50 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %sdocroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/snginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/default.tpl

@@ -0,0 +1,46 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.stpl

@@ -0,0 +1,67 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ^~ /lib/ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/dokuwiki.tpl

@@ -0,0 +1,62 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        index doku.php;
+        try_files $uri $uri/ @dokuwiki;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location ^~ /lib/ {
+        expires 30d;
+    }
+
+    location ^~ /conf/ { return 403; }
+    location ^~ /data/ { return 403; }
+    location @dokuwiki {
+        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
+        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
+        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
+        rewrite ^/(.*) /doku.php?id=$1 last;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.stpl

@@ -0,0 +1,101 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+    }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+            return 403;
+        }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        #rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/drupal.tpl

@@ -0,0 +1,98 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Very rarely should these ever be accessed outside of your lan
+    location ~* \.(txt|log)$ {
+        allow 192.168.0.0/16;
+        deny all;
+    }
+
+    location ~ \..*/.*\.php$ {
+        return 403;
+        }
+
+    # No no for private
+    location ~ ^/sites/.*/private/ {
+        return 403;
+    }
+
+    # Block access to "hidden" files and directories whose names begin with a
+    # period. This includes directories used by version control systems such
+    # as Subversion or Git to store control files.
+    location ~ (^|/)\. {
+        return 403;
+    }
+
+    location / {
+        try_files $uri @rewrite;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $request_filename;
+            fastcgi_intercept_errors on;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    location @rewrite {
+        # You have 2 options here
+        # For D7 and above:
+        # Clean URLs are handled in drupal_environment_initialize().
+        rewrite ^ /index.php;
+
+        # For Drupal 6 and bwlow:
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        #rewrite ^/(.*)$ /index.php?q=$1;
+    }
+
+    location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.stpl

@@ -0,0 +1,58 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/joomla.tpl

@@ -0,0 +1,54 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+        }
+
+        # deny running scripts inside writable directories
+        location ~* /(images|cache|media|logs|tmp)/.*\.(php|pl|py|jsp|asp|sh|cgi)$ {
+            return 403;
+            error_page 403 /403_error.html;
+        }
+
+        location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return  404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.stpl

@@ -0,0 +1,80 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/owncloud.tpl

@@ -0,0 +1,76 @@
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+            access_log off;
+    }
+
+    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+
+    error_page 403 = /core/templates/403.php;
+    error_page 404 = /core/templates/404.php;
+
+    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
+        deny all;
+    }
+
+    location / {
+        # The following 2 rules are only needed with webfinger
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
+        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
+        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
+        try_files $uri $uri/ /index.php;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            include         /etc/nginx/fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+            #fastcgi_param HTTPS on;
+            fastcgi_pass    %backend_lsnr%;
+        }
+    }
+
+    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+        expires     max;
+        # Some basic cache-control for static files to be sent to the browser
+        add_header Pragma public;
+        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+    }
+
+    #error_page  403 /error/404.html;
+    #error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}

install/ubuntu/12.04/templates/web/nginx/php5-fpm/piwik.stpl

@@ -0,0 +1,68 @@
+server {
+    listen      %ip%:%web_ssl_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl         on;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+
+    location = /favicon.ico {
+        try_files /favicon.ico =204;
+    }
+
+    location / {
+        try_files $uri /index.php;
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            valid_referers none blocked %domain_idn% %alias_idn%;
+            if ($invalid_referer)  {
+                return 444;
+            }
+            expires     max;
+        }
+
+        location ~* ^/(?:index|piwik)\.php$ {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            if (!-f $document_root$fastcgi_script_name) {
+                return 404;
+            }
+
+            fastcgi_pass    %backend_lsnr%;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    # Any other attempt to access PHP files returns a 404.
+    location ~* ^.+\.php$ {
+        return 404; 
+    }
+
+    # Return a 404 for all text files.
+    location ~* ^/(?:README|LICENSE[^.]*|LEGALNOTICE)(?:\.txt)*$ {
+            return 404;
+        }
+
+    error_page  403 /error/404.html;
+    error_page  404 /error/404.html;
+    error_page  500 502 503 504 /error/50x.html;
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/nginx.%domain%.conf*;
+}