github/vesta
1
0
Fork 0
mirror of https://github.com/serghey-rodin/vesta.git synced 2025-08-21 05:44:07 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: github:0.9.8-25
Branches Tags
github:master
github:vesta-2.0
github:feature/r-1.0.0.7
github:fix/edit-server
github:feature/reset-mail
github:release/1.0.0-6-api
github:release/1.0.0-6-ui
github:feature/responsive-design
github:feature/disk-percentage-values
github:feature/static-media
github:feature/api-enhancements
github:feature/improved-panel-and-fm
github:Skamasle-patch-10
github:feature/improved-le-and-csr
github:feature/restart-system
github:feature/improved-web-and-server
github:feature/improved-react-ui
github:feature/updated-api-responses
github:feature/react-ui-and-api
github:feature/new-api-interface
github:feature/new-react-ui
github:release/react-integration
github:react-integration
github:Skamasle-patch-9
github:Skamasle-patch-8
github:react-fm
github:dpeca-patch-2
github:Skamasle-patch-7
github:Skamasle-patch-6
github:Skamasle-patch-5
github:Skamasle-patch-4
github:Skamasle-patch-3
github:madeITBelgium-patch-5
github:madeITBelgium-patch-4
github:Skamasle-patch-2
github:dpeca-patch-exim-3
github:dpeca-patch-exim-2
github:dpeca-patch-exim-1
github:Skamasle-patch-1
github:madeITBelgium-patch-1462
github:dpeca-patch-1
github:revert-1323-permissions
github:madeITBelgium-patch-3
github:madeITBelgium-patch-1
github:madeITBelgium-patch-2
github:revert-1065-patch-12
github:madeITBelgium-patch-fix-xxd
github:SysVoid-patch-1
github:revert-516-fix-sec-osci
github:js-stuff
github:0.9.8-9
github:0.9.7
github:0.9.6
github:0.9.5
github:0.9.4
github:1.0.0-5
github:1.0.0-4
github:1.0.0-3
github:0.9.8-27
github:0.9.8-25
github:0.9.8-24
github:0.9.8-23
github:0.9.8-21
github:0.9.8-20
github:0.9.8-19
github:0.9.8-18
github:0.9.8-17
github:0.9.8-16
github:0.9.8-15
github:0.9.8-13
github:0.9.8-12
github:0.9.8-11
github:0.9.8-10
..
compare: github:master
Branches Tags
github:master
github:vesta-2.0
github:feature/r-1.0.0.7
github:fix/edit-server
github:feature/reset-mail
github:release/1.0.0-6-api
github:release/1.0.0-6-ui
github:feature/responsive-design
github:feature/disk-percentage-values
github:feature/static-media
github:feature/api-enhancements
github:feature/improved-panel-and-fm
github:Skamasle-patch-10
github:feature/improved-le-and-csr
github:feature/restart-system
github:feature/improved-web-and-server
github:feature/improved-react-ui
github:feature/updated-api-responses
github:feature/react-ui-and-api
github:feature/new-api-interface
github:feature/new-react-ui
github:release/react-integration
github:react-integration
github:Skamasle-patch-9
github:Skamasle-patch-8
github:react-fm
github:dpeca-patch-2
github:Skamasle-patch-7
github:Skamasle-patch-6
github:Skamasle-patch-5
github:Skamasle-patch-4
github:Skamasle-patch-3
github:madeITBelgium-patch-5
github:madeITBelgium-patch-4
github:Skamasle-patch-2
github:dpeca-patch-exim-3
github:dpeca-patch-exim-2
github:dpeca-patch-exim-1
github:Skamasle-patch-1
github:madeITBelgium-patch-1462
github:dpeca-patch-1
github:revert-1323-permissions
github:madeITBelgium-patch-3
github:madeITBelgium-patch-1
github:madeITBelgium-patch-2
github:revert-1065-patch-12
github:madeITBelgium-patch-fix-xxd
github:SysVoid-patch-1
github:revert-516-fix-sec-osci
github:js-stuff
github:0.9.8-9
github:0.9.7
github:0.9.6
github:0.9.5
github:0.9.4
github:1.0.0-5
github:1.0.0-4
github:1.0.0-3
github:0.9.8-27
github:0.9.8-25
github:0.9.8-24
github:0.9.8-23
github:0.9.8-21
github:0.9.8-20
github:0.9.8-19
github:0.9.8-18
github:0.9.8-17
github:0.9.8-16
github:0.9.8-15
github:0.9.8-13
github:0.9.8-12
github:0.9.8-11
github:0.9.8-10

304 commits
0.9.8-25 ... master

Author SHA1 Message Date
Rafael G. Martins
873693b2ed
 		Merge pull request #2302 from pdapnz/fix_bug_url_parsing 
fix bug https://github.com/outroll/vesta/issues/2301
 2025-04-25 13:41:17 +10:00
Rafael G. Martins
2a91899846
 		Update README.md to use HTTPS 
Updating readme as new Vesta server requires HTTPS, otherwise installers get a 301 redirect.
 2024-07-02 13:34:58 +10:00
pdapnz
2a6852b805
 		fix bug https://github.com/outroll/vesta/issues/2301 2024-04-18 12:52:49 +03:00
Rafael G. Martins
f978badd95
 		Add community notice to readme 2024-02-26 13:42:55 +11:00
Anton Reutov
73d60c4591
 		Merge pull request #2271 from makss/fix/sys_temp_dir 
Added sys_temp_dir to all apache/php-fpm configs
 2022-12-08 13:41:08 +03:00
Anton Reutov
93f4b6c182
 		Merge pull request #2272 from makss/fix/lang_ru 
Fix lang file: Remove duplicate line
 2022-12-08 12:54:44 +03:00
makss
343a877f06 Remove duplicate line 2022-12-08 04:11:11 +02:00
makss
1d7978ae2c fix align 2022-12-08 02:35:36 +02:00
makss
762d7586e0 Added sys_temp_dir for php-fpm 2022-12-08 02:22:23 +02:00
makss
564af6aa2d Added sys_temp_dir for pma 2022-12-08 02:13:23 +02:00
makss
8f6ac637d8 Added sys_temp_dir in all apache2 templates 2022-12-08 02:03:15 +02:00
Anton Reutov
e6df9a65a2
 		1.0.0-7 2022-10-11 22:49:28 +03:00
Anton Reutov
ffd180b4f7
 		1.0.0-7 2022-10-11 22:47:22 +03:00
Anton Reutov
371cc02eda
 		1.0.0-7 2022-10-11 22:44:36 +03:00
Anton Reutov
94d60267a8
 		Merge pull request #2268 from serghey-rodin/feature/r-1.0.0.7 
Release UI 1.0.0.7
 2022-10-11 10:59:25 +03:00
Alexander
c053bb4c1c Fixed FM event listeners. 2022-10-10 20:21:54 +03:00
Alexander
4c78719897 Release UI 1.0.0.7 2022-10-04 22:32:09 +03:00
Anton Reutov
765a67a6eb
 		Merge pull request #2267 from akbarali1/master 
Update Lang uz.php
 2022-09-29 17:47:46 +03:00
Akbarali
99cb78ce81
 		Merge branch 'serghey-rodin:master' into master 2022-09-29 19:26:17 +05:00
Akbarali
56c66fdef0 Update uz.php 2022-09-29 19:23:21 +05:00
Anton Reutov
a2ebd2efdc
 		Merge pull request #2266 from akbarali1/master 
Added Uzbek language
 2022-09-28 14:53:21 +03:00
Akbarali
c28f745069 adding uzbek lang 2022-09-28 10:34:48 +05:00
Anton Reutov
1a37b33eb2
 		Choose php version 2022-09-15 21:01:39 +03:00
Anton Reutov
ee48d9a406
 		Merge pull request #2253 from kingofkya/master 
Add a templet for freescout helpdesk software
 2022-07-29 12:30:09 +03:00
Anton Reutov
b4dab88694
 		Merge pull request #2257 from serghey-rodin/fix/edit-server 
Fixed incorrect mail url in response.
 2022-07-29 12:29:30 +03:00
Anton Reutov
51e468c22f
 		Merge pull request #2258 from divinity76/patch-5 
fix xss / GH-2252
 2022-07-27 13:46:51 +03:00
divinity76
7c4e9bad7d
 		JSON not JS brainfart 2022-07-23 09:29:12 +02:00
divinity76
0682f7b10c
 		fix xss / GH-2252 
ref https://github.com/serghey-rodin/vesta/issues/2252
 2022-07-23 09:26:16 +02:00
Alexander
1ce9ec299c Fixed incorrect mail url in response. 2022-07-21 22:11:36 +03:00
Anton Reutov
e527827174
 		Merge pull request #2256 from serghey-rodin/feature/reset-mail 
Added mail reset in API
 2022-07-19 21:43:29 +03:00
Alexander
6714e1d35d Added mail reset in API 2022-07-19 20:02:53 +03:00
Anton Reutov
d386c3598c
 		Fix for Sed Injection Vulnerability 
Thanks to @hestiacp and @jaapmarcus for fix.
 2022-07-18 13:08:50 +03:00
Anton Reutov
39561c32c1
 		Fix for Sed Injection Vulnerability 
Thanks to @hestiacp and @jaapmarcus for fix.
 2022-07-18 13:06:39 +03:00
Travis Kneale
8bc587db41
 		freescout templetes 
Add config for https://freescout.net/
 2022-06-13 22:57:15 -07:00
Travis Kneale
da853d78cb
 		freescout templete 
Add config for https://freescout.net/
 2022-06-13 22:56:08 -07:00
Anton Reutov
956bc6697c
 		1.0.0-6 2022-02-24 12:00:41 +03:00
Anton
8efaf5fe93 react build 1.0.0.6 2022-02-23 18:49:31 +03:00
Anton Reutov
0b95fc283e
 		1.0.0-6 2022-01-16 03:23:18 +03:00
Anton Reutov
969dc68561
 		1.0.0-6 2022-01-16 03:22:32 +03:00
Alexander Osinskii
653348242f
 		Merge pull request #2220 from serghey-rodin/release/1.0.0-6-ui 
UI 1.0.0-6 release.
 2021-12-30 22:02:52 +00:00
Alexander Osinskii
64ddc9cfe8
 		Merge pull request #2221 from serghey-rodin/release/1.0.0-6-api 
API 1.0.0-6 release.
 2021-12-30 22:02:37 +00:00
Alexander
b7bdfd2d87 API 1.0.0-6 release. 2021-12-30 21:58:29 +00:00
Alexander
0420ecc0e6 UI 1.0.0-6 release. 2021-12-30 21:53:38 +00:00
Anton Reutov
22f3dd11e2
 		Merge pull request #2203 from devius/master 
Fix existing translations for Georgian Language.
 2021-12-03 13:34:32 +03:00
devius
df5962fc2e fix minor typos. 2021-12-03 04:01:14 +04:00
devius
c863a592a5 Fix existing strings and add new ones missing. 2021-12-03 03:59:46 +04:00
Serghey Rodin
067d43b418 react build 1.0.0.5 2021-11-23 00:45:37 +02:00
Alexander Osinskii
2f3041bf05
 		Merge pull request #2185 from serghey-rodin/feature/responsive-design 
Added new responsive design features.
 2021-11-22 23:45:51 +02:00
Alexander Osinskii
5dc474846b
 		Merge pull request #2184 from serghey-rodin/feature/disk-percentage-values 
Added disk and bandwidth percentage values to the session response.
 2021-11-22 23:45:44 +02:00
Alexander
4871bd1326 Removed desktop toolbar scrollbar. 2021-11-22 23:44:41 +02:00
Alexander
7ebcab3cbf Added new responsive design features. 2021-11-22 23:18:15 +02:00
Alexander
cae9a1550d Added disk and bandwidth percentage values to the session response. 2021-11-22 23:14:32 +02:00
Anton Reutov
7d317c4fe8
 		1.0.0-5 2021-11-22 02:57:10 +03:00
Anton Reutov
84bc07d8f1
 		1.0.0-5 2021-11-22 00:33:21 +03:00
Anton Reutov
97f558465e
 		Avoiding error if unzip destination exists 2021-11-21 21:18:47 +03:00
Serghey Rodin
f8936c6847
 		Merge pull request #2182 from misterV12/patch-1 
Dont match wildcard "*domains" and "databases*" while restoring
 2021-11-20 17:35:36 +02:00
misterV12
1dee07c3f1
 		Dont match wildcard "*domains" and "databases*" while restoring 2021-11-20 15:41:22 +01:00
Anton Reutov
2e7083668c Set correct quotation marks 2021-11-13 16:59:39 +03:00
Anton Reutov
bf65cae7f9
 		Fix for "chmod: changing permissions" 2021-11-13 11:42:53 +03:00
Anton Reutov
c7bef6bf33
 		1.0.0-5 2021-11-09 20:37:32 +03:00
Anton Reutov
bb4fc4c47d
 		1.0.0-5 2021-11-09 20:35:32 +03:00
Anton Reutov
e2e3d1d113
 		Merge pull request #1663 from serghey-rodin/dpeca-patch-exim-1 
Tell Exim to not to deny emails if ClamAV is unavailable or busy
 2021-11-07 01:03:38 +03:00
Anton Reutov
bdf140d3c9
 		Merge pull request #1665 from serghey-rodin/dpeca-patch-exim-3 
Block .jar extension in email attachments in Exim
 2021-11-07 00:55:15 +03:00
Alexander Osinskii
f53183cb7f
 		Merge pull request #2147 from serghey-rodin/feature/static-media 
Removed unused static media.
 2021-11-06 18:29:17 +02:00
Alexander Osinskii
1c46ce5cf7
 		Merge pull request #2146 from serghey-rodin/feature/api-enhancements 
Added few auxiliary values from user session. Improved user, web and …
 2021-11-06 18:29:06 +02:00
Alexander Osinskii
89b3328a0d
 		Merge pull request #2145 from serghey-rodin/feature/improved-panel-and-fm 
FM progress bar while uploading. Minor CPanel improvements as well as…
 2021-11-06 18:28:50 +02:00
Alexander
0c656b0c20 Removed unused static media. 2021-11-06 17:51:56 +02:00
Alexander
c308a42d2f Added few auxiliary values from user session. Improved user, web and server api endpoints. 2021-11-06 17:50:50 +02:00
Alexander
5b2c180d86 FM progress bar while uploading. Minor CPanel improvements as well as performance. 2021-11-06 17:47:44 +02:00
dpeca
eb5a045252
 		Hot fix for CentOS 6 for "systemctl" 
Because I made this issue :)
 2021-11-04 13:59:10 +01:00
Serghey Rodin
09e87f4af6 set rel date: Mon Nov 1 2021 2021-11-02 00:14:47 +02:00
Serghey Rodin
8ec606d5f6 fix dates in rpm history definition 2021-11-01 23:49:52 +02:00
Serghey Rodin
354bacf1f3 Merge branch 'master' of github.com:serghey-rodin/vesta 2021-11-01 23:43:46 +02:00
Serghey Rodin
c5612c827a update static react build 2021-11-01 23:41:59 +02:00
Serghey Rodin
a60b158049
 		Merge pull request #2129 from serghey-rodin/Skamasle-patch-10 
NGINX wont start in debian 9
 2021-11-01 23:38:45 +02:00
Serghey Rodin
790cd631a6 1.0.0-4 2021-11-01 23:38:15 +02:00
Serghey Rodin
32a6be9adf
 		Merge pull request #2128 from serghey-rodin/feature/improved-le-and-csr 
Improved LE support and CSR is now generted in modal window with cert…
 2021-11-01 23:33:35 +02:00
Maksim Usmanov | Maks
51a95b9d72
 		NGINX wont start in debian 9 2021-11-01 22:31:26 +01:00
Alexander
62d9652437 Improved LE support and CSR is now generted in modal window with cert prepopulating feature. 2021-11-01 23:29:05 +02:00
Anton Reutov
8f8dbd5b25
 		Update nginx.conf 2021-11-02 00:24:51 +03:00
Anton Reutov
60f75bc739
 		Update nginx.conf 2021-11-02 00:22:48 +03:00
Anton Reutov
fc2403dc2f
 		Update nginx.conf 2021-11-02 00:16:17 +03:00
Serghey Rodin
ddee8801a4
 		Merge pull request #2112 from serghey-rodin/feature/restart-system 
Added system reboot endpoint.
 2021-11-01 00:24:55 +02:00
Serghey Rodin
52a5425a94
 		Merge pull request #2111 from serghey-rodin/feature/improved-web-and-server 
Improved server sys tab and web backend template.
 2021-11-01 00:24:11 +02:00
Alexander
85ee500306 Added system reboot endpoint. 2021-11-01 00:22:15 +02:00
Serghey Rodin
85fb81f6d2 fix WEB_BACKEND/PROXY_SYSTEM switch 2021-11-01 00:17:22 +02:00
Alexander
f012520f0e Improved server sys tab and web backend template. 2021-11-01 00:16:35 +02:00
Serghey Rodin
96124cca25 add missing static files 2021-10-31 23:50:23 +02:00
Serghey Rodin
185f70651e 1.0.0-3 2021-10-31 23:46:12 +02:00
Serghey Rodin
612b8cbfc0 latest UI build 2021-10-31 23:43:14 +02:00
Serghey Rodin
d67ea881fc
 		Merge pull request #2109 from serghey-rodin/feature/improved-react-ui 
Improved new react ui and added view for CSR generation.
 2021-10-31 23:32:13 +02:00
Serghey Rodin
604f1948e4
 		Merge pull request #2108 from serghey-rodin/feature/updated-api-responses 
Updated and improved API respones.
 2021-10-31 23:31:37 +02:00
Alexander
e66ec829f7 Improved new react ui and added view for CSR generation. 2021-10-31 23:27:00 +02:00
Serghey Rodin
334ee00d25
 		Merge pull request #2090 from mix5003/exclude-react-build 
exclude react build tool from git
 2021-10-31 23:25:35 +02:00
Alexander
859e65647f Updated and improved API respones. 2021-10-31 23:24:42 +02:00
Serghey Rodin
387e6c8e0a revert back react handler 2021-10-31 21:46:06 +02:00
mix5003
ec355d8137 exclude react build 2021-10-31 16:59:51 +07:00
Serghey Rodin
b543c0c2f3 partially revert pr changes 2021-10-30 22:51:04 +03:00
Serghey Rodin
ed94787cd0
 		Merge pull request #2078 from mix5003/fix-v-ssl 
Fix Edit Web page error
 2021-10-30 22:49:13 +03:00
Serghey Rodin
5f86fab58b add backup validation for scheduled restore 2021-10-30 22:26:42 +03:00
mix5003
335fd746db fix ca name 2021-10-30 21:54:23 +07:00
mix5003
43a6fc23ef fix can not save proxy template 2021-10-30 21:28:08 +07:00
mix5003
57401060c8 fix can not edit proxy template 2021-10-30 21:05:45 +07:00
mix5003
b539119ead fix incorrect field name 2021-10-30 20:41:31 +07:00
Serghey Rodin
2c79b0874b hotfix: update package name condition 2021-10-30 16:39:10 +03:00
mix5003
fabe2f1ec7 fix incorrect v_ssl field name 2021-10-30 20:22:55 +07:00
Anton Reutov
06a97a5551
 		Merge pull request #2074 from mix5003/fix-fi 
fix incorrect open if
 2021-10-30 16:02:27 +03:00
Serghey Rodin
b0bcc43154 add %global debug_package %{nil} in vesta-softaculous spec 2021-10-30 13:46:50 +03:00
Serghey Rodin
b8083e008d add %global debug_package %{nil} in vesta-ioncube spec 2021-10-30 13:28:07 +03:00
Serghey Rodin
539a926026 add %global debug_package %{nil} 2021-10-30 12:36:39 +03:00
mix5003
1738423829 fix fi 2021-10-30 08:56:54 +07:00
Serghey Rodin
474257fd72 add ZEND_EXTRA_LIBS='-lresolv' 2021-10-29 18:39:08 +03:00
Serghey Rodin
8f10e5f94d add zip support for built-in php 2021-10-29 16:45:28 +03:00
Serghey Rodin
6e4c59ab0d update notifications 2021-10-29 14:37:29 +03:00
Serghey Rodin
781933ea48 new vesta logo 2021-10-29 13:55:35 +03:00
Serghey Rodin
a7c5714d85
 		Merge pull request #2073 from serghey-rodin/feature/react-ui-and-api 
Feature/react UI and api
 2021-10-29 13:46:52 +03:00
Alexander
1ab9e12f2c Updated react ui. 2021-10-29 13:07:10 +03:00
Alexander
0bb63b01c4 Removed server side pages rendering. 2021-10-29 13:02:40 +03:00
Serghey Rodin
be834ddd17 add react static build 2021-10-29 11:30:04 +03:00
Serghey Rodin
93e9fe9f99 disable old php api 2021-10-29 11:29:30 +03:00
Serghey Rodin
08513755b2 move react sources to src dir 2021-10-29 10:38:02 +03:00
Serghey Rodin
8e97eb2dad improved package check 2021-10-29 10:33:52 +03:00
Serghey Rodin
926376295a delete clamd.scan index.php 2021-10-28 23:30:21 +03:00
Serghey Rodin
718e458fc9 Merge branch 'master' of github.com:serghey-rodin/vesta 2021-10-28 23:29:24 +03:00
Serghey Rodin
dbbbe94d8f set version to 1.0.0 2021-10-28 23:28:57 +03:00
Serghey Rodin
bfc94fbd10 added dns record and user search 2021-10-28 23:22:31 +03:00
Serghey Rodin
fb9d3fddb0
 		Merge pull request #1988 from serghey-rodin/Skamasle-patch-9 
Fix reset password from CLI / roundcube
 2021-10-28 23:13:05 +03:00
Serghey Rodin
5f0856f1c4
 		Merge pull request #1975 from Daniyal-Javani/fix-ftp-restore-path 
Fix ftp restore path
 2021-10-28 23:09:26 +03:00
Serghey Rodin
70748e302e
 		Merge pull request #1798 from cmstew/cmstew-amazon-linux-clamd-patch 
cmstew amazon linux clamd patch
 2021-10-28 23:07:04 +03:00
Serghey Rodin
7444a6b0a9
 		Merge pull request #1791 from henri-hulski/backend_port 
Increment backend port also when commented
 2021-10-28 23:01:19 +03:00
Serghey Rodin
638ef7de51
 		Merge pull request #2040 from AiratHalitov/mem-rrd-patch 
Update v-update-sys-rrd-mem
 2021-10-28 22:56:40 +03:00
Serghey Rodin
3431bbbd8f
 		Merge pull request #2069 from lotarbo/patch-1 
refactor: drop TLSv1.1 support in rhel 7
 2021-10-28 22:53:56 +03:00
Serghey Rodin
f832525f65
 		Merge pull request #2071 from serghey-rodin/feature/new-react-ui 
Updated react UI and UX part.
 2021-10-28 22:52:55 +03:00
Serghey Rodin
350c6fc9c9
 		Merge pull request #2072 from serghey-rodin/feature/new-api-interface 
Integrated new api interface.
 2021-10-28 22:52:47 +03:00
Alexander
2ecb3a10ac Fixed cron autoupdates and firewall banlist. 2021-10-28 22:51:42 +03:00
Alexander
7540c9881d Fixed Packages, Firewall and Server tabs. 2021-10-28 22:36:05 +03:00
Alexander
b7cf917141 Fixed bulk actions and few minor UX bugs. 2021-10-28 11:01:06 +03:00
Alexander
2a12fec5ea Updated services and fixed minor bugs. 2021-10-28 10:55:00 +03:00
Alexander
4306a4fb4f Integrated new api interface. 2021-10-27 11:20:24 +03:00
Alexander
91e7d9ff4a Updated react UI and UX part. 2021-10-27 11:13:28 +03:00
Anton Reutov
4a9bfc94ad
 		Merge pull request #2068 from jaapmarcus/vesta-ioncube-missing 
Vesta-ioncube is missing
 2021-10-23 13:47:27 +03:00
Serghey Rodin
c520eb283a
 		Merge pull request #2070 from serghey-rodin/release/react-integration 
React integration ready for v1.0.0 release.
 2021-10-22 17:57:08 +03:00
Alexander
095e2e9e4a React integration ready for v1.0.0 release. 2021-10-22 17:55:25 +03:00
Bogdan Lotarev
bfe31a82df refactor: drop TLSv1.1 support in rhel 7 2021-10-19 20:05:16 +03:00
Serghey Rodin
67f2ad0c99
 		Merge pull request #2067 from serghey-rodin/react-integration 
React js integration with vesta control panel.
 2021-10-14 14:49:30 +03:00
Jaap Marcus
b6e7c18e29
 		Vesta-ioncube is missing 
Added check for vesta-ioncube
 2021-10-13 11:52:52 +02:00
Alexander
c12c21ec8b React js integration with vesta control panel. 2021-10-12 21:36:52 +03:00
Serghey Rodin
4c6dd0d719
 		Merge pull request #2063 from graileanu/fix-poweredby 
Vestacp.com link by https & solve wording confusion causing people to send abuse requests
 2021-10-07 20:42:37 +03:00
Grigore Raileanu
382732f87f Replaced http by https & changed wording 2021-09-23 17:56:05 +03:00
Anton Reutov
1308b508ff SSL for hostname 2021-08-26 21:37:11 +03:00
Anton Reutov
4feb62c4c8 SSL for hostname 2021-08-26 21:36:15 +03:00
Anton Reutov
404b405656 SSL for hostname 2021-08-26 21:35:12 +03:00
Anton Reutov
1ed1505169 SSL for hostname 2021-08-26 21:33:46 +03:00
Anton Reutov
aab2b4d31d Change default vesta port 2021-08-26 18:54:16 +03:00
Anton Reutov
3f5246b144 Change default vesta port 2021-08-26 18:47:53 +03:00
Anton Reutov
1ba4238b84 Update vst-install-debian.sh 2021-08-26 18:45:15 +03:00
Anton Reutov
47dab17c48 Change default vesta port 2021-08-26 12:53:11 +03:00
Anton Reutov
6b7dc97731 Change default vesta port 2021-08-25 23:03:07 +03:00
Anton Reutov
960e3a20df GUI Change default vesta port 2021-08-24 17:33:24 +03:00
Anton Reutov
7a6dc72f29 GUI Change default vesta port 2021-08-24 17:28:47 +03:00
Anton Reutov
402a69049c
 		Merge pull request #1790 from molny/master 
Check missing 'gnupg' package on latest fresh Ubuntu versions
 2021-08-23 18:02:13 +03:00
Anton Reutov
450fa0d7d0
 		Update vst-install-ubuntu.sh 2021-08-23 18:01:15 +03:00
Anton Reutov
6225820910
 		Fix for "Broken or Risky Cryptographic Algorithm" 
Fix for reflected XSS vulnerability, found by Brian Semrau
 2021-08-16 14:59:41 +03:00
Anton Reutov
2fc0dc34fe
 		Fix for "Broken or Risky Cryptographic Algorithm" 2021-08-16 14:56:37 +03:00
Anton Reutov
6fdfef4e88
 		Fix for possible file inclusion vulnerability in i18n.php 2021-08-16 12:36:08 +03:00
Anton Reutov
df9377519e
 		Merge pull request #1785 from JOduMonT/master 
add nginx template for invoice ninja
 2021-08-14 23:23:08 +03:00
Anton Reutov
e01adf78f8
 		Added ''LE SSL for hostname'' to section about the software being installed 2021-08-14 20:04:21 +03:00
Anton Reutov
a6884ad898
 		Added ''LE SSL for hostname'' to section about the software being installed 2021-08-14 20:01:30 +03:00
Anton Reutov
3a0bcfea66
 		Added ''LE SSL for hostname'' to section about the software being installed 2021-08-14 19:59:19 +03:00
Anton Reutov
cc2d60bf05
 		Added ''LE SSL for hostname'' to section about the software being installed 2021-08-14 19:57:06 +03:00
Anton Reutov
b4ec733dcc
 		Installing gnupg 2021-08-13 21:47:09 +03:00
Anton Reutov
14a9fa4f8b
 		Merge pull request #1799 from cmstew/auto-hostname-ssl 
Setting lets encrypt hostname ssl auto-renewal during install
 2021-08-13 21:09:20 +03:00
Anton Reutov
0403b0c4a3
 		fix backend_template for nginx 2021-08-12 20:03:19 +03:00
Anton Reutov
b1ca176d44
 		fix backend_template for nginx 2021-08-12 20:01:41 +03:00
Anton Reutov
d0e9395c9f
 		fix backend_template for nginx 2021-08-12 20:00:44 +03:00
Anton Reutov
4affb916ef
 		Merge pull request #1826 from webkmua/fix-package-backend 
fix backend_template save after package change
 2021-08-12 19:52:49 +03:00
Anton Reutov
9aeef63ff4
 		Merge pull request #1987 from clarkchentw/clarkchentw-patch-1 
Fix curl call
 2021-08-09 21:49:05 +03:00
Anton Reutov
a6cb9df163
 		TLS 1.0 drop & TLS 1.3 addition #1643 2021-08-05 19:29:37 +03:00
Anton Reutov
d20a682c1d
 		TLS 1.0 drop & TLS 1.3 addition #1643 2021-08-05 19:12:11 +03:00
Anton Reutov
6aaf189547
 		TLS 1.0 drop & TLS 1.3 addition #1643 2021-08-05 18:58:36 +03:00
Anton Reutov
cc97aeef02
 		Merge pull request #1643 from ioannidesalex/patch-62 
TLS 1.0 drop & TLS 1.3 addition
 2021-08-05 18:56:58 +03:00
Anton Reutov
10a59574d7
 		Merge pull request #1913 from kgrzelak/patch-1 
Update v-list-web-domain-ssl
 2021-08-04 22:01:56 +03:00
Anton Reutov
9f26aa785e
 		Merge pull request #1907 from AltiUP/patch-1 
Update v-add-web-domain-ftp
 2021-08-04 18:33:54 +03:00
Anton Reutov
29bdd18e95
 		Merge pull request #1949 from NIKTONIKTO717/patch-2 
Update vst-install-rhel.sh
 2021-08-03 17:04:41 +03:00
Anton Reutov
88e54a8671
 		sed nginx no #2009 2021-08-02 16:18:48 +03:00
Anton Reutov
f3872ada4a
 		sed nginx no #2009 2021-08-02 16:15:43 +03:00
Anton Reutov
06ff183f21
 		sed nginx no 2021-08-02 16:11:10 +03:00
Anton Reutov
b0f65509e0
 		Merge pull request #1978 from olympy/fix-renew-ssl-on-domain-match 
Fix issue #1977 / Letsencrypt ssl certificate update fails
 2021-08-02 14:26:46 +03:00
Anton Reutov
78133f35aa
 		Update vsftpd.conf to support TLS connections 2021-08-01 15:23:41 +03:00
Anton Reutov
350a19edb1
 		Merge pull request #2017 from dynanode/patch-3 
Update vsftpd.conf to support TLS connections
 2021-08-01 15:21:32 +03:00
Anton Reutov
98fd0827be
 		Merge pull request #1993 from BorysVrublevskyi/cs-cart_template 
cs-cart template for nginx php-fpm ubuntu 18.04
 2021-07-30 16:55:52 +03:00
Anton Reutov
a8ff57047c
 		Merge pull request #2034 from Ham3D/add_single_page_applications_support 
add single page applications support
 2021-07-30 15:17:11 +03:00
Anton Reutov
9d2c0ca64c
 		Changes to Cloudflare Infrastructure IPs List 2021-07-30 14:51:17 +03:00
Anton Reutov
55e58f5cce
 		Changes to Cloudflare Infrastructure IPs List 2021-07-30 14:48:55 +03:00
Anton Reutov
ffe3e1bbd9
 		Changes to Cloudflare Infrastructure IPs List 2021-07-30 14:47:41 +03:00
Anton Reutov
2a2cfee433
 		Merge pull request #2051 from byronjumbo/patch-2 
[Action May Be Required] Changes to Cloudflare Infrastructure IPs Lis…
 2021-07-30 14:42:16 +03:00
Anton Reutov
76072b7398
 		Change default vesta port 2021-07-29 20:29:51 +03:00
Anton Reutov
b378cf18ed
 		Update postinst 2021-07-29 16:47:04 +03:00
Anton Reutov
d68ac3993c
 		stopped to renew LE if domain is not exits more 2021-07-28 20:30:03 +03:00
Anton Reutov
0cdb05bb03
 		send email function to full backup 2021-07-28 20:24:25 +03:00
Anton Reutov
cde1cd6651
 		stopped to renew LE if domain is not exit more 2021-07-28 20:12:07 +03:00
Anton Reutov
0fcbadda78
 		Grep carefully for 'END CERTIFICATE' 2021-07-28 19:43:04 +03:00
Anton Reutov
d97adaeb6a
 		Disabling login with 'root' 2021-07-28 14:19:12 +03:00
Anton Reutov
6b3cd17202
 		Fixing Apache status public access 2021-07-28 11:22:31 +03:00
Anton Reutov
c582ff3766
 		Checking period value in /list/rrd/ 2021-07-27 22:19:45 +03:00
Anton Reutov
374d6c6b19
 		htmlentities() for token 2021-07-27 22:01:10 +03:00
Anton Reutov
1c801b2d60
 		Fix for downloading backup of other users 2021-07-27 21:50:33 +03:00
Anton Reutov
1ff5208968
 		Preventing admin to do loginas action without token 2021-07-27 20:58:34 +03:00
Anton Reutov
b123fa2178
 		Making sure chmod and chown does not follow symlinks 2021-07-27 15:38:29 +03:00
Anton Reutov
393c81d46c
 		Making sure chmod and chown does not follow symlinks 2021-07-27 15:27:20 +03:00
Anton Reutov
93eec18723
 		Making sure chmod and chown does not follow symlinks 2021-07-27 15:21:52 +03:00
Anton Reutov
45b13a2105
 		Making sure chmod and chown does not follow symlinks 2021-07-27 15:10:04 +03:00
Anton Reutov
f41ad21e1e
 		Update main.sh 2021-07-27 15:06:11 +03:00
Anton Reutov
8a60b257a2
 		Preventing uploads from other origin 2021-07-27 14:56:35 +03:00
Anton Reutov
ea1e22613e
 		Restrict v-make-tmp-file to tmp folder 2021-07-27 14:42:25 +03:00
Anton Reutov
bbe06d10b6
 		Checking licence format 2021-07-27 14:36:41 +03:00
Anton Reutov
3c31647926
 		Validate user input on domain 2021-07-27 14:35:40 +03:00
Anton Reutov
10bedc72f1
 		Merge pull request #2059 from zidingz/patch-1 
Create SECURITY.md
 2021-07-26 17:14:35 +03:00
Ziding Zhang
102ecb2c32
 		Create SECURITY.md 
For your consideration: a quick instruction for future security researchers.
 2021-07-26 15:08:34 +01:00
Anton Reutov
d0a21b4859
 		Ensure HTML will not be displayed in list log page 2021-07-26 17:08:17 +03:00
Anton Reutov
5f92fc5380
 		Added interface validation 2021-07-26 16:50:25 +03:00
Anton Reutov
a4e4542a6d
 		Checking licence format 2021-07-26 16:41:04 +03:00
Anton Reutov
c6b79fe5da
 		Check if it's vesta package 2021-07-26 14:59:10 +03:00
Byron Jumbo
04bf5fc042
 		[Action May Be Required] Changes to Cloudflare Infrastructure IPs Listed on cloudflare.com/ips 
If your security model relies on allowing a list of trusted Cloudflare IPs from cloudflare.com/ips (or via API) on your origin, please make the following changes to your allow list by May 7, 2021. This change is safe to make today.

Remove:
104.16.0.0/12

Add:
104.16.0.0/13
104.24.0.0/14
 2021-04-09 08:51:52 -05:00
Made I.T
bba7400b8a
 		Fix duplicated DNS records in DNS cluster 2020-12-10 12:13:46 +01:00
Airat Halitov
fb7f6254fa
 		Update v-update-sys-rrd-mem 2020-12-04 17:27:25 +05:00
Anton Reutov
1b85b7b313
 		Merge pull request #2030 from myrevery/patch-1 
Update cn.php
 2020-10-25 23:40:53 +03:00
dpeca
d7de756d70
 		Merge pull request #2039 from moucho/acme_v2_GET 
Deprecate GET acme v2
 2020-10-25 02:20:11 +02:00
moucho
2dc4adb08e Deprecate GET acme v2 2020-10-22 13:48:45 +02:00
Hamed hojjati
246ea6888d add single page applications support 2020-10-01 11:15:23 +03:30
myrevery
8d5c2e2e8e
 		Update cn.php 
Refine some details.
 2020-09-03 12:49:00 -07:00
Anton Reutov
af94a23962
 		Merge pull request #2029 from myrevery/patch-1 
Update cn.php
 2020-08-26 16:22:54 +03:00
myrevery
ce5d209c13
 		Update cn.php 2020-08-25 14:58:01 -07:00
dpeca
ef0f62a59b
 		Also checking "" in order to detect manually chunked record 
And removing brackets, since they are not necessary when whole record is in one line
 2020-08-23 19:44:12 +02:00
dpeca
311827c4b3
 		Not chunking already manually chunked TXT records 2020-08-19 14:52:45 +02:00
dpeca
f74301b19f
 		Split long TXT entries into 255 chunks 2020-08-19 12:44:46 +02:00
dpeca
ccea621787
 		Merge pull request #1947 from dawindk/patch-1 
Only exclude logs folder from root, not in public_html
 2020-08-19 11:07:55 +02:00
dpeca
c171d5e68e
 		Merge pull request #1969 from joshbmarshall/joshbmarshall-patch-1 
Bugfix deleting a PostgreSQL database
 2020-08-19 11:06:39 +02:00
dynanode
3b96845f8a
 		Update vsftpd.conf to support TLS connections 
Updated config to support TLS 1.2 connections to vsftpd only.
 2020-06-25 13:59:51 +02:00
dpeca
e0ebf729f3
 		Avoid Let's Encrypt domain validation timeout 2020-06-23 20:20:11 +02:00
dpeca
83d0b9ed90
 		Allow quick restarting of nginx 
It can occur if domain has many aliases, and acme-challenge should be added many times

This fix will prevent this error:
```
May 14 21:39:08 server systemd[1]: nginx.service: Start request repeated too quickly.
May 14 21:39:08 server systemd[1]: nginx.service: Failed with result 'start-limit-hit'.
```
 2020-06-23 20:14:55 +02:00
dpeca
d9e9c64369
 		Fixing NS parameters in v-add-dns-on-web-alias 2020-06-23 20:10:54 +02:00
dpeca
8d9e349b23
 		Dont match subdomains while restoring domain 2020-06-23 20:08:59 +02:00
dpeca
a9e46047e9
 		Reset UPDATE_SSL_SCRIPT 2020-06-23 20:04:30 +02:00
dpeca
c377e19df8 Adding escapeshellarg on few more places in php code 2020-06-23 19:06:25 +02:00
dpeca
b6cadcd992 Fixing unnecessary slash in nginx configs for phpmyadmin and roundcube 2020-06-23 18:01:38 +02:00
Borys Vrublevskyi
37fc05081b cs-cart template for nginx php-fpm ubuntu 18.04 2020-04-16 16:47:23 +03:00
dpeca
cfc46bb2a9
 		Importing system enviroment in v-change-user-password 
Thanks to @ScIT-Raphael for discovering this bug
 2020-04-11 02:16:24 +02:00
dpeca
cc8a3e0c58
 		Correcting FTP link in v-backup-user 2020-04-09 20:53:27 +02:00
Maksim Usmanov | Maks
ce417f65a2
 		Fix reset password from CLI / roundcube 
This will fix bug when change password from cli

$quota is not defined
I not know if there is any function to get quota with a single comand, so I get alredy defined quota

With out this vesta will reset quota or not asign nothing in passwd file when quota password was reset
 2020-04-05 13:26:45 +02:00
Clark Chen
7177dbb4e7
 		Fill missing get data (module) 2020-03-30 16:55:13 +08:00
Clark Chen
e4710ae715
 		Fix curl call 
curl wasn't called properly, due to '&' character exist in url without quote around it
 2020-03-30 16:50:07 +08:00
Clark Chen
e75b62efad
 		Fix curl call 
curl wasn't called properly, due to '&' character exist in url without quote around it
 2020-03-30 16:48:22 +08:00
dpeca
58807feb80
 		Adding port to reset password link 2020-03-29 18:13:22 +02:00
dpeca
c915bff32e
 		Forbid changing root password 2020-03-24 20:40:47 +01:00
dpeca
00e1f46276
 		Limiting /etc/sudoers for Ubuntu 2020-03-23 19:34:39 +01:00
dpeca
c9844805a4
 		Limiting /etc/sudoers for Ubuntu 2020-03-23 19:31:42 +01:00
dpeca
c3c4de43d6
 		Preventing manipulation with $_SERVER['HTTP_HOST'] 2020-03-23 17:28:55 +01:00
dpeca
a5712542d7 Temporary fix for parsing backup conf 2020-03-23 01:21:57 +01:00
olymp
dae2eb0854 Letsencrypt ssl certificate update fails when you have domains like example.com and example.com.ua (beginning matches) 
issue #1977 https://github.com/serghey-rodin/vesta/issues/1977
 2020-02-23 12:50:32 +02:00
Daniyal Javani
993796fcf2 fix ftp restore path 2020-02-05 10:53:17 +03:30
Josh Marshall
99abd5ed05
 		Bugfix deleting a PostgreSQL database 
Was just a typo
 2020-01-09 00:52:10 +10:00
Anton Reutov
931fb5beeb
 		Merge pull request #1944 from nothinux/i18n-php 
update id.php
 2019-10-21 13:25:31 +03:00
NIKTONIKTO717
949c011321
 		Update vst-install-rhel.sh 
I only tried to fix bug #1933
 2019-10-09 15:23:39 +02:00
David Olsen
9d2ca4b592
 		Only exclude logs folder from root, not in webdata 
Restoring should not exclude logs in any folder down the tree. This causes errors when restoring wordpress with certain plugins that have folders named "logs". This change aligns the restore with the backup function https://github.com/serghey-rodin/vesta/blob/master/bin/v-backup-user#L226

You could also omit the exclusion entirely, as this folder you are excluding should never be in the backup.
 2019-10-07 10:40:56 +02:00
dpeca
f0782d1f82
 		Fixing broken autoreply output 
Broken in 0831a198b8 (diff-f07da7937954ae08bdb2e7379655ae29)
@sergio-nadal
 2019-10-03 16:15:36 +02:00
Alexandr Loskutov
d0ca10a5d3
 		Merge pull request #1945 from robindirksen1/patch-7 
Update nl.php
 2019-10-01 23:52:17 +03:00
Robin Dirksen
ec8631b2d2
 		Update nl.php 2019-10-01 16:28:03 +02:00
Taufik Mulyana
9947b17144 update id.php 2019-10-01 21:18:38 +07:00
T. Mulyana
6645586fb2
 		Merge pull request #1 from serghey-rodin/master 
update
 2019-10-01 20:42:54 +07:00
Serghey Rodin
270d29ff06 added month to the release log date 2019-09-29 00:17:54 +03:00
Serghey Rodin
52c32962a8 Release 0.9.8-26 2019-09-29 00:09:07 +03:00
Serghey Rodin
ae328a0935 added support for HTTP/2 Let's Encrypt servers 2019-09-24 01:08:17 +03:00
dpeca
84ef0a118f
 		Changing /usr/local/vesta to $VESTA 2019-08-24 16:13:03 +02:00
dpeca
e82ad200b7
 		Translated added string in sr.php 2019-08-18 16:37:00 +02:00
Krzysztof Grzelak
a9ddd4159c
 		Update v-list-web-domain-ssl 
Adding certificate support from CloudFlare
 2019-07-11 21:30:00 +02:00
CLSII
6d6e3f3723
 		Update v-add-web-domain-ftp 
Modification of the useradd request to find the right user group --> For the group it is : (id -g $user)
 2019-06-27 21:34:20 +02:00
Roman
e0a3439415 fix backend_template save after package change 2019-02-20 05:00:59 +02:00
cmstew
7f833efcde
 		Update vst-install-amazon.sh 
apparently the /var/run/clamav folder is still required for the sock file
 2019-01-05 13:08:59 -07:00
cmstew
3881e36967
 		Update vst-install-amazon.sh 
Keep /etc/clamd.conf as main file and link to it instead of using /etc/clamd.d/scan.conf.
 2019-01-05 13:02:23 -07:00
cmstew
9f671ccf90
 		Update vst-install-amazon.sh 
- Cleaned up changes
- Removed unnecessary clamd code from Centos installer
 2019-01-02 08:18:06 -07:00
cmstew
be300fd82e
 		Update vst-install-rhel.sh 
Changed hostname variable to match rest of script
 2019-01-01 12:07:49 -07:00
cmstew
5852424830
 		Update vst-install-amazon.sh 
Changed hostname variable to match rest of script
 2019-01-01 12:07:43 -07:00
cmstew
bdb0959e1b
 		Update vst-install-debian.sh 
Changed hostname variable to match rest of script
 2019-01-01 12:07:34 -07:00
cmstew
d8f372d99c
 		Update vst-install-ubuntu.sh 
Changed hostname variable to match rest of script
 2019-01-01 12:07:30 -07:00
cmstew
3b58b4a8b7
 		Update vst-install-ubuntu.sh 
missed a change
 2018-12-31 19:10:18 -07:00
cmstew
c79785c790
 		Update vst-install-debian.sh 
missed a change
 2018-12-31 19:10:11 -07:00
cmstew
13e2f473e2
 		Update vst-install-amazon.sh 
missed a change
 2018-12-31 19:10:05 -07:00
cmstew
f8734d15e9
 		Update vst-install-ubuntu.sh 
- Added to help function for ssl
- Added argument for enabling Let's Encrypt SSL
- Added set_default_value 'ssl' 'no'
- Install Let's Encrypt on hostname, update certificate, and enable auto-renew if 'ssl' argument is 'yes'
 2018-12-31 15:48:29 -07:00
cmstew
7c9afbca32
 		Update vst-install-debian.sh 
- Added to help function for ssl
- Added argument for enabling Let's Encrypt SSL
- Added set_default_value 'ssl' 'no'
- Install Let's Encrypt on hostname, update certificate, and enable auto-renew if 'ssl' argument is 'yes'
 2018-12-31 15:48:25 -07:00
cmstew
1dae236693
 		Update vst-install-amazon.sh 
- Added to help function for ssl
- Added argument for enabling Let's Encrypt SSL
- Added set_default_value 'ssl' 'no'
- Install Let's Encrypt on hostname, update certificate, and enable auto-renew if 'ssl' argument is 'yes'
 2018-12-31 15:48:18 -07:00
cmstew
6689e5c839
 		Update vst-install-rhel.sh 
- Added to help function for ssl
- Added argument for enabling Let's Encrypt SSL
- Added set_default_value 'ssl' 'no'
- Install Let's Encrypt on hostname, update certificate, and enable auto-renew if 'ssl' argument is 'yes'
 2018-12-31 15:42:01 -07:00
cmstew
fb13db40ce
 		Update vst-install-amazon.sh 
cleaned up changes for clamd on amazon linux
 2018-12-29 12:47:58 -07:00
cmstew
57429a3203
 		Update vst-install-amazon.sh 
Added backup of /etc/clamd.d/scan.conf after installing clamd because the file is not there before.
 2018-12-28 15:59:21 -07:00
cmstew
b1e0e6a2a5
 		Fix clamd for Amazon Linux 2018-12-28 14:57:38 -07:00
cmstew
8d48fca193
 		Added clamd.scan 2018-12-28 13:53:19 -07:00
cmstew
041fd2914f
 		Create clamd.scan index page 2018-12-28 13:51:41 -07:00
Henri Hulski
95a345f2dc Increment backend port also when commented 
This allows to grep the incremented port also for other backends then php-fpm with `%backend_lsnr%` in the web template.
 2018-12-17 19:41:37 +01:00
Maxim Nosovets
cb67641bed Check missing 'gnupg' package on latest fresh Ubuntu versions 2018-12-14 15:20:14 +02:00
JOduMonT
965e23f30c template for mautic 2018-12-05 07:29:14 +01:00
JOduMonT
dccd29f455 add template for invoice ninja 2018-12-05 07:02:13 +01:00
dpeca
847e4f223b
 		Block .jar extension in email attachments in Exim 
I saw .jar files that contains viruses that ClamAV not detected at all.
Not sure if @serghey-rodin think this is OK idea, so let he decide.
 2018-07-27 17:39:38 +02:00
dpeca
33ba05c35b
 		Tell Exim to not to deny emails if ClamAV is unavailable or busy 
Not sure if @serghey-rodin think this is OK idea, so let he decide.
I had a situation when company sent too much attachments, ClamAV didn't so fast to scan them all immediately, and therefore became unavailable, so Exim started to deny messages, which caused very bad situation in company.
With this "patch" Exim will not deny emails if ClamAV is unavailable or busy.
 2018-07-27 17:27:56 +02:00
Alexandros Ioannides
979d6e7083
 		TLS 1.0 drop & TLS 1.3 addition 2018-07-03 23:57:11 +03:00
1182 changed files with 63658 additions and 10138 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored
View file

@ -4,3 +4,6 @@
*.gz
.vscode
.DS_Store
src/react/node_modules
src/react/build
/.idea

8
README.md
View file

@ -1,6 +1,8 @@
[Vesta Control Panel](http://vestacp.com/)
==================================================
Vesta is back under active development as of 25 February 2024. We are commited to open source, and will engage with the community to identify the new roadmap for Vesta. Stay tuned!
[![Join the chat at https://gitter.im/vesta-cp/Lobby](https://badges.gitter.im/vesta-cp/Lobby.svg)](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
* Vesta is an open source hosting control panel.
@ -16,7 +18,7 @@ ssh root@your.server
Download the installation script, and run it:
```bash
curl http://vestacp.com/pub/vst-install.sh | bash
curl https://vestacp.com/pub/vst-install.sh | bash
```
How to install (3 step)
@ -29,7 +31,7 @@ ssh root@your.server
Download the installation script:
```bash
curl -O http://vestacp.com/pub/vst-install.sh
curl -O https://vestacp.com/pub/vst-install.sh
```
Then run it:
```bash
@ -38,5 +40,5 @@ bash vst-install.sh
License
----------------------------
Vesta is licensed under [GPL v3 ](https://github.com/serghey-rodin/vesta/blob/master/LICENSE) license
Vesta is licensed under [GPL v3 ](https://github.com/outroll/vesta/blob/master/LICENSE) license

5
SECURITY.md Normal file
View file

@ -0,0 +1,5 @@
# Security Policy
## Reporting a Vulnerability
Please report security issues to dev@vestacp.com

4
bin/v-activate-vesta-license
View file

@ -27,7 +27,7 @@ source $VESTA/conf/vesta.conf
# Checking arg number
check_args '2' "$#" 'MODULE LICENSE'
is_user_format_valid "$license" "license"
#----------------------------------------------------------#
# Action #
@ -35,7 +35,7 @@ check_args '2' "$#" 'MODULE LICENSE'
# Activating license
v_host='https://vestacp.com/checkout'
answer=$(curl -s $v_host/activate.php?licence_key=$license&module=$module)
answer=$(curl -s "$v_host/activate.php?licence_key=$license&module=$module")
check_result $? "cant' connect to vestacp.com " $E_CONNECT
# Checking server answer

2
bin/v-add-dns-on-web-alias
View file

@ -55,7 +55,7 @@ if [ "$domain_lvl" -eq 1 ] || [ "${#top_domain}" -le '6' ]; then
fi
# Adding top-level domain and then its sub
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' $restart >> /dev/null
$BIN/v-add-dns-domain $user $top_domain $ip '' '' '' '' '' '' '' '' $restart >> /dev/null
# Checking top-level domain
if [ ! -e "$USER_DATA/dns/$top_domain.conf" ]; then

2
bin/v-add-firewall-chain
View file

@ -22,7 +22,7 @@ protocol=$(echo $protocol|tr '[:lower:]' '[:upper:]')
iptables="/sbin/iptables"
# Get vesta port by reading nginx.conf
vestaport=$(grep 'listen' /usr/local/vesta/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
vestaport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
if [ -z "$vestaport" ]; then
vestaport=8083
fi

170
bin/v-add-letsencrypt-domain
View file

@ -53,7 +53,10 @@ query_le_v2() {
post_data=$post_data'"payload":"'"$payload_"'",'
post_data=$post_data'"signature":"'"$signature_"'"}'
curl -s -i -d "$post_data" "$1" -H "$content"
# Save http response to file passed as "$4" arg or print to stdout if not provided
# http response headers are always sent to stdout
local save_to_file=${4:-"/dev/stdout"}
curl --silent --dump-header /dev/stdout --data "$post_data" "$1" --header "$content" --output "$save_to_file"
}
@ -70,11 +73,16 @@ is_object_unsuspended 'user' 'USER' "$user"
is_object_valid 'web' 'DOMAIN' "$domain"
is_object_unsuspended 'web' 'DOMAIN' "$domain"
get_domain_values 'web'
echo "-----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : v-add-letsencrypt-domain $domain [$aliases]" >> /usr/local/vesta/log/letsencrypt.log
# check if alias is the letsencrypt wildcard domain, if not, make the normal checks
if [[ "$aliases" != "*.$domain" ]]; then
for alias in $(echo "$aliases" |tr ',' '\n' |sort -u); do
check_alias="$(echo $ALIAS |tr ',' '\n' |grep ^$alias$)"
if [ -z "$check_alias" ]; then
echo "[$(date)] : EXIT=domain alias $alias doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "domain alias $alias doesn't exist"
fi
done
@ -85,11 +93,14 @@ fi;
#----------------------------------------------------------#
# Registering LetsEncrypt user account
echo "[$(date)] : v-add-letsencrypt-user $user" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-add-letsencrypt-user $user
echo "[$(date)] : result: $?" >> /usr/local/vesta/log/letsencrypt.log
if [ "$?" -ne 0 ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
send_notice "LETSENCRYPT" "Account registration failed"
echo "[$(date)] : EXIT=LE account registration" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "LE account registration" >/dev/null
fi
@ -98,9 +109,11 @@ source $USER_DATA/ssl/le.conf
# Checking wildcard alias
if [ "$aliases" = "*.$domain" ]; then
echo "[$(date)] : Checking wildcard alias" >> /usr/local/vesta/log/letsencrypt.log
wildcard='yes'
proto="dns-01"
if [ ! -e "$VESTA/data/users/$user/dns/$domain.conf" ]; then
echo "[$(date)] : EXIT=DNS domain $domain doesn't exist" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "DNS domain $domain doesn't exist"
fi
else
@ -108,14 +121,21 @@ else
fi
# Requesting nonce / STEP 1
echo "[$(date)] : --- Requesting nonce / STEP 1 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : curl -s -I \"$API/directory\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(curl -s -I "$API/directory")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt nonce request status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt nonce request status $status"
fi
# Placing new order / STEP 2
echo "[$(date)] : --- Placing new order / STEP 2 ---" >> /usr/local/vesta/log/letsencrypt.log
url="$API/acme/new-order"
payload='{"identifiers":['
for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
@ -124,68 +144,116 @@ for identifier in $(echo $domain,$aliases |tr ',' '\n' |sort -u); do
done
payload=$(echo "$payload"|sed "s/,$//")
payload=$payload']}'
echo "[$(date)] : payload=$payload" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$url" "$payload" "$nonce")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
authz=$(echo "$answer" |grep "acme/authz" |cut -f2 -d '"')
echo "[$(date)] : authz=$authz" >> /usr/local/vesta/log/letsencrypt.log
finalize=$(echo "$answer" |grep 'finalize":' |cut -f4 -d '"')
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
echo "[$(date)] : finalize=$finalize" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 201 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt new auth status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt new auth status $status"
fi
# Requesting authorization token / STEP 3
echo "[$(date)] : --- Requesting authorization token / STEP 3 ---" >> /usr/local/vesta/log/letsencrypt.log
for auth in $authz; do
payload=''
echo "[$(date)] : for auth=$auth" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$auth\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$auth" "$payload" "$nonce")
url=$(echo "$answer" |grep -A3 $proto |grep url |cut -f 4 -d \")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
url=$(echo "$answer" |grep -A3 $proto |grep '"url"' |cut -f 4 -d \")
echo "[$(date)] : url=$url" >> /usr/local/vesta/log/letsencrypt.log
token=$(echo "$answer" |grep -A3 $proto |grep token |cut -f 4 -d \")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : token=$token" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt acme/authz bad status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt acme/authz bad status $status"
fi
# Accepting challenge / STEP 4
# Configuring challenge / STEP 4
echo "[$(date)] : --- Configuring challenge / STEP 4 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : wildcard=$wildcard" >> /usr/local/vesta/log/letsencrypt.log
if [ "$wildcard" = 'yes' ]; then
record=$(printf "%s" "$token.$THUMB" |\
openssl dgst -sha256 -binary |encode_base64)
old_records=$($BIN/v-list-dns-records $user $domain plain|grep 'TXT')
old_records=$(echo "$old_records" |grep _acme-challenge |cut -f 1)
for old_record in $old_records; do
$BIN/v-delete-dns-record $user $domain $old_record
$BIN/v-delete-dns-record "$user" "$domain" "$old_record"
done
$BIN/v-add-dns-record $user $domain "_acme-challenge" "TXT" $record
check_result $? "DNS _acme-challenge record wasn't created"
$BIN/v-add-dns-record "$user" "$domain" "_acme-challenge" "TXT" "$record"
exitstatus=$?
echo "[$(date)] : v-add-dns-record \"$user\" \"$domain\" \"_acme-challenge\" \"TXT\" \"$record\"" >> /usr/local/vesta/log/letsencrypt.log
if [ "$exitstatus" -ne 0 ]; then
echo "[$(date)] : EXIT=DNS _acme-challenge record wasn't created" >> /usr/local/vesta/log/letsencrypt.log
fi
check_result $exitstatus "DNS _acme-challenge record wasn't created"
else
if [ "$WEB_SYSTEM" = 'nginx' ] || [ ! -z "$PROXY_SYSTEM" ]; then
if [ -f "/usr/local/vesta/web/inc/nginx_proxy" ]; then
# if vesta is behind main nginx
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
acme_challenge="$well_known/acme-challenge"
mkdir -p $acme_challenge
echo "$token.$THUMB" > $acme_challenge/$token
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
chown -R $user:$user $well_known
else
# default nginx method
conf="$HOMEDIR/$user/conf/web/nginx.$domain.conf_letsencrypt"
sconf="$HOMEDIR/$user/conf/web/snginx.$domain.conf_letsencrypt"
if [ ! -e "$conf" ]; then
# if [ ! -e "$conf" ]; then
echo 'location ~ "^/\.well-known/acme-challenge/(.*)$" {' \
> $conf
echo ' default_type text/plain;' >> $conf
echo ' return 200 "$1.'$THUMB'";' >> $conf
echo '}' >> $conf
fi
# fi
echo "[$(date)] : in $conf we put: $THUMB" >> /usr/local/vesta/log/letsencrypt.log
if [ ! -e "$sconf" ]; then
ln -s "$conf" "$sconf"
fi
echo "[$(date)] : v-restart-proxy" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-restart-proxy
check_result $? "Proxy restart failed" >/dev/null
if [ -z "$PROXY_SYSTEM" ]; then
# apache-less variant
echo "[$(date)] : v-restart-web" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-restart-web
fi
exitstatus=$?
if [ "$exitstatus" -ne 0 ]; then
echo "[$(date)] : EXIT=Proxy restart failed = $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
fi
check_result $exitstatus "Proxy restart failed" >/dev/null
fi
else
well_known="$HOMEDIR/$user/web/$domain/public_html/.well-known"
acme_challenge="$well_known/acme-challenge"
mkdir -p $acme_challenge
echo "$token.$THUMB" > $acme_challenge/$token
chown -R $user:$user $well_known
echo "[$(date)] : in $acme_challenge/$token we put: $token.$THUMB" >> /usr/local/vesta/log/letsencrypt.log
# $BIN/v-restart-web
# check_result $? "Web restart failed" >/dev/null
fi
$BIN/v-restart-web
check_result $? "Web restart failed" >/dev/null
fi
# Requesting ACME validation / STEP 5
echo "[$(date)] : --- Requesting ACME validation / STEP 5 ---" >> /usr/local/vesta/log/letsencrypt.log
validation_check=$(echo "$answer" |grep '"valid"')
echo "[$(date)] : validation_check=$validation_check" >> /usr/local/vesta/log/letsencrypt.log
if [[ ! -z "$validation_check" ]]; then
validation='valid'
else
@ -195,22 +263,33 @@ for auth in $authz; do
# Doing pol check on status
i=1
while [ "$validation" = 'pending' ]; do
echo "[$(date)] : - Doing pol check on status" >> /usr/local/vesta/log/letsencrypt.log
payload='{}'
echo "[$(date)] : query_le_v2 \"$url\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$url" "$payload" "$nonce")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
validation=$(echo "$answer"|grep -A1 $proto |tail -n1|cut -f4 -d \")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : validation=$validation" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt validation status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt validation status $status"
fi
i=$((i + 1))
if [ "$i" -gt 10 ]; then
echo "[$(date)] : EXIT=Let's Encrypt domain validation timeout" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt domain validation timeout"
fi
sleep 1
sleeping=$((i*2))
echo "[$(date)] : sleep $sleeping (i=$i)" >> /usr/local/vesta/log/letsencrypt.log
sleep $sleeping
done
if [ "$validation" = 'invalid' ]; then
echo "[$(date)] : EXIT=Let's Encrypt domain verification failed" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt domain verification failed"
fi
done
@ -221,37 +300,69 @@ ssl_dir=$($BIN/v-generate-ssl-cert "$domain" "info@$domain" "US" "California"\
"San Francisco" "Vesta" "IT" "$aliases" |tail -n1 |awk '{print $2}')
# Sending CSR to finalize order / STEP 6
echo "[$(date)] : --- Sending CSR to finalize order / STEP 6 ---" >> /usr/local/vesta/log/letsencrypt.log
csr=$(openssl req -in $ssl_dir/$domain.csr -outform DER |encode_base64)
payload='{"csr":"'$csr'"}'
echo "[$(date)] : query_le_v2 \"$finalize\" \"$payload\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$finalize" "$payload" "$nonce")
nonce=$(echo "$answer" |grep Nonce |cut -f2 -d \ |tr -d '\r\n')
status=$(echo "$answer"|grep HTTP/1.1 |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
nonce=$(echo "$answer" |grep -i nonce |cut -f2 -d \ |tr -d '\r\n')
echo "[$(date)] : nonce=$nonce" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
certificate=$(echo "$answer"|grep 'certificate":' |cut -f4 -d '"')
echo "[$(date)] : certificate=$certificate" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
echo "[$(date)] : EXIT=Let's Encrypt finalize bad status $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_CONNECT "Let's Encrypt finalize bad status $status"
fi
# Downloading signed certificate / STEP 7
curl -s "$certificate" -o $ssl_dir/$domain.pem
echo "[$(date)] : --- Downloading signed certificate / STEP 7 ---" >> /usr/local/vesta/log/letsencrypt.log
echo "[$(date)] : query_le_v2 \"$certificate\" \"\" \"$nonce\"" >> /usr/local/vesta/log/letsencrypt.log
answer=$(query_le_v2 "$certificate" "" "$nonce" "$ssl_dir/$domain.pem")
echo "[$(date)] : answer=$answer" >> /usr/local/vesta/log/letsencrypt.log
status=$(echo "$answer"|grep HTTP/ |tail -n1 |cut -f 2 -d ' ')
echo "[$(date)] : status=$status" >> /usr/local/vesta/log/letsencrypt.log
if [[ "$status" -ne 200 ]]; then
[ -d "$ssl_dir" ] && rm -rf "$ssl_dir"
echo "[$(date)] : EXIT=Let's Encrypt downloading signed cert failed status: $status" >> /usr/local/vesta/log/letsencrypt.log
check_result $E_NOTEXIST "Let's Encrypt downloading signed cert failed status: $status"
fi
# Splitting up downloaded pem
crt_end=$(grep -n END $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
# echo "[$(date)] : - Splitting up downloaded pem" >> /usr/local/vesta/log/letsencrypt.log
crt_end=$(grep -n 'END CERTIFICATE' $ssl_dir/$domain.pem |head -n1 |cut -f1 -d:)
# echo "[$(date)] : crt_end=$crt_end" >> /usr/local/vesta/log/letsencrypt.log
head -n $crt_end $ssl_dir/$domain.pem > $ssl_dir/$domain.crt
pem_lines=$(wc -l $ssl_dir/$domain.pem |cut -f 1 -d ' ')
ca_end=$(grep -n "BEGIN" $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
# echo "[$(date)] : pem_lines=$pem_lines" >> /usr/local/vesta/log/letsencrypt.log
ca_end=$(grep -n 'BEGIN CERTIFICATE' $ssl_dir/$domain.pem |tail -n1 |cut -f 1 -d :)
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
ca_end=$(( pem_lines - crt_end + 1 ))
# echo "[$(date)] : ca_end=$ca_end" >> /usr/local/vesta/log/letsencrypt.log
tail -n $ca_end $ssl_dir/$domain.pem > $ssl_dir/$domain.ca
# Temporary fix for double "END CERTIFICATE"
if [[ $(head -n 1 $ssl_dir/$domain.ca) = "-----END CERTIFICATE-----" ]]; then
sed -i '1,2d' $ssl_dir/$domain.ca
fi
# Adding SSL
ssl_home=$(search_objects 'web' 'LETSENCRYPT' 'yes' 'SSL_HOME')
$BIN/v-delete-web-domain-ssl $user $domain >/dev/null 2>&1
echo "[$(date)] : v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home" >> /usr/local/vesta/log/letsencrypt.log
$BIN/v-add-web-domain-ssl $user $domain $ssl_dir $ssl_home
if [ "$?" -ne '0' ]; then
exitstatus=$?
echo "[$(date)] : v-add-web-domain-ssl status: $exitstatus" >> /usr/local/vesta/log/letsencrypt.log
if [ "$exitstatus" -ne '0' ]; then
touch $VESTA/data/queue/letsencrypt.pipe
sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
echo "[$(date)] : EXIT=$domain certificate installation failed" >> /usr/local/vesta/log/letsencrypt.log
send_notice 'LETSENCRYPT' "$domain certificate installation failed"
check_result $? "SSL install" >/dev/null
check_result $exitstatus "SSL install" >/dev/null
fi
# Adding LE autorenew cronjob
@ -268,6 +379,7 @@ if [ -z "$LETSENCRYPT" ]; then
fi
update_object_value 'web' 'DOMAIN' "$domain" '$LETSENCRYPT' 'yes'
reset_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT'
#----------------------------------------------------------#
# Vesta #
@ -279,7 +391,7 @@ sed -i "/ $domain /d" $VESTA/data/queue/letsencrypt.pipe
# Notifying user
send_notice 'LETSENCRYPT' "$domain SSL has been installed successfully"
echo "[$(date)] : EXIT=***** $domain SSL has been installed successfully *****" >> /usr/local/vesta/log/letsencrypt.log
# Logging
log_event "$OK" "$ARGUMENTS"

6
bin/v-add-letsencrypt-user
View file

@ -103,16 +103,16 @@ fi
# Requesting ACME nonce
nonce=$(curl -s -I "$API/directory" |grep Nonce |cut -f 2 -d \ |tr -d '\r\n')
nonce=$(curl -s -I "$API/directory" |grep -i nonce |cut -f2 -d\ |tr -d '\r\n')
# Creating ACME account
url="$API/acme/new-acct"
payload='{"termsOfServiceAgreed": true}'
answer=$(query_le_v2 "$url" "$payload" "$nonce")
kid=$(echo "$answer" |grep Location: |cut -f2 -d ' '|tr -d '\r')
kid=$(echo "$answer" |grep -i location: |cut -f2 -d ' '|tr -d '\r')
# Checking answer status
status=$(echo "$answer" |grep HTTP/1.1 |tail -n1 |cut -f2 -d ' ')
status=$(echo "$answer" |grep HTTP/ |tail -n1 |cut -f2 -d ' ')
if [[ "${status:0:2}" -ne "20" ]]; then
check_result $E_CONNECT "Let's Encrypt acc registration failed $status"
fi

8
bin/v-add-web-domain
View file

@ -48,6 +48,8 @@ is_object_unsuspended 'user' 'USER' "$user"
is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
is_domain_new 'web' "$domain,$aliases"
is_dir_symlink $HOMEDIR/$user/web
if_dir_exists $HOMEDIR/$user/web/$domain
is_dir_symlink $HOMEDIR/$user/web/$domain
if [ ! -z "$ip" ]; then
is_ip_valid "$ip" "$user"
else
@ -89,9 +91,9 @@ done
chown -R $user:$user $HOMEDIR/$user/web/$domain
chown root:$user /var/log/$WEB_SYSTEM/domains/$domain.* $conf
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.*
sudo -u $user chmod 751 $HOMEDIR/$user/web/$domain $HOMEDIR/$user/web/$domain/*
sudo -u $user chmod 551 $HOMEDIR/$user/web/$domain/stats $HOMEDIR/$user/web/$domain/logs
sudo -u $user chmod 644 $HOMEDIR/$user/web/$domain/public_*html/*.*
# Addding PHP-FPM backend
if [ ! -z "$WEB_BACKEND" ]; then

2
bin/v-add-web-domain-backend
View file

@ -46,7 +46,7 @@ fi
# Allocating backend port
backend_port=9000
ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)
ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*)
ports=$(echo "$ports" |sed "s/://" |sort -n)
for port in $ports; do
if [ "$backend_port" -eq "$port" ]; then

2
bin/v-add-web-domain-ftp
View file

@ -84,7 +84,7 @@ fi
/usr/sbin/useradd $ftp_user \
-s $shell \
-o -u $(id -u $user) \
-g $(id -u $user) \
-g $(id -g $user) \
-M -d "$ftp_path_a" > /dev/null 2>&1
# Set ftp user password

2
bin/v-add-web-domain-ssl
View file

@ -143,6 +143,8 @@ if [ ! -z "$UPDATE_HOSTNAME_SSL" ] && [ "$UPDATE_HOSTNAME_SSL" = "yes" ]; then
fi
fi
UPDATE_SSL_SCRIPT=''
source $VESTA/conf/vesta.conf
if [ ! -z "$UPDATE_SSL_SCRIPT" ]; then
eval "$UPDATE_SSL_SCRIPT $user $domain"
fi

5
bin/v-backup-user
View file

@ -479,7 +479,8 @@ if [ "$USER" != '*' ]; then
exclusion=$(echo "$USER" |tr ',' '\n' |grep "^$udir$")
if [ -z "$exclusion" ]; then
((i ++))
udir_list="$udir_list $udir"
udir_str=$(echo "$udir" |sed -e "s|'|\\\'|g")
udir_list="$udir_list $udir_str"
echo -e "$(date "+%F %T") adding $udir" |tee -a $BACKUP/$user.log
# Backup files and dirs
@ -594,7 +595,7 @@ ftp_backup() {
fi
# Debug info
echo -e "$(date "+%F %T") Remote: ftp://$HOST$BPATH/$user.$backup_new_date.tar"
echo -e "$(date "+%F %T") Remote: ftp://$HOST/$BPATH/$user.$backup_new_date.tar"
# Checking ftp connection
fconn=$(ftpc)

5
bin/v-change-mail-account-password
View file

@ -52,8 +52,11 @@ salt=$(generate_password "$PW_MATRIX" "8")
md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<<$password)"
if [[ "$MAIL_SYSTEM" =~ exim ]]; then
quota=$(grep $account $VESTA/data/users/${user}/mail/${domain}.conf)
quota=$(echo $quota | awk '{ print $7 }' | sed -e "s/'//g" )
quota=$(echo $quota | cut -d "=" -f 2 | sed -e "s/unlimited/0/g")
sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd
str="$account:$md5:$user:mail::$HOMEDIR/$user:$quota"
str="$account:$md5:$user:mail::$HOMEDIR/$user:${quota}M"
echo $str >> $HOMEDIR/$user/conf/mail/$domain/passwd
fi

1
bin/v-change-sys-config-value
View file

@ -28,6 +28,7 @@ PATH="$PATH:/usr/local/sbin:/sbin:/usr/sbin:/root/bin"
check_args '2' "$#" 'KEY VALUE'
is_format_valid 'key'
format_no_quotes "$value" 'value'
#----------------------------------------------------------#
# Action #

1
bin/v-change-sys-service-config
View file

@ -63,6 +63,7 @@ case $service in
spamd) dst=$($BIN/v-list-sys-spamd-config plain);;
spamassassin) dst=$($BIN/v-list-sys-spamd-config plain);;
clamd) dst=$($BIN/v-list-sys-clamd-config plain);;
clamd.scan) dst=$($BIN/v-list-sys-clamd-config plain);;
cron) dst='/etc/crontab';;
crond) dst='/etc/crontab';;
fail2ban) dst='/etc/fail2ban/jail.local';;

33
bin/v-change-user-package
View file

@ -16,16 +16,12 @@ force=$3
# Includes
source $VESTA/func/main.sh
source $VESTA/func/domain.sh
source $VESTA/conf/vesta.conf
is_package_avalable() {
usr_data=$(cat $USER_DATA/user.conf)
IFS=$'\n'
for key in $usr_data; do
eval ${key%%=*}=${key#*=}
done
source $USER_DATA/user.conf
WEB_DOMAINS='0'
DATABASES='0'
MAIL_DOMAINS='0'
@ -33,9 +29,13 @@ is_package_avalable() {
DISK_QUOTA='0'
BANDWIDTH='0'
pkg_data=$(cat $VESTA/data/packages/$package.pkg |grep -v TIME |\
grep -v DATE)
eval $pkg_data
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
IFS=$'\n'
for str in $pkg_data; do
key=$(echo $str |cut -f 1 -d =)
value=$(echo $str |cut -f 2 -d \')
eval $key="$value"
done
# Checking usage agains package limits
if [ "$WEB_DOMAINS" != 'unlimited' ]; then
@ -73,11 +73,22 @@ is_package_avalable() {
check_result $E_LIMIT "Package doesn't cover BANDWIDTH usage"
fi
fi
# Checking templates
is_web_template_valid $WEB_TEMPLATE
is_dns_template_valid $DNS_TEMPLATE
is_proxy_template_valid $PROXY_TEMPLATE
}
change_user_package() {
eval $(cat $USER_DATA/user.conf)
eval $(cat $VESTA/data/packages/$package.pkg |egrep -v "TIME|DATE")
source $USER_DATA/user.conf
pkg_data=$(cat $VESTA/data/packages/$package.pkg| egrep -v "TIME|DATE")
IFS=$'\n'
for str in $pkg_data; do
key=$(echo $str |cut -f 1 -d =)
value=$(echo $str |cut -f 2 -d \')
eval $key="$value"
done
echo "FNAME='$FNAME'
LNAME='$LNAME'
PACKAGE='$package'

7
bin/v-change-user-password
View file

@ -13,6 +13,10 @@
user=$1
password=$2; HIDE=2
# Importing system enviroment as we run this script
# mostly by cron wich not read it by itself
source /etc/profile
# Includes
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
@ -22,6 +26,9 @@ source $VESTA/conf/vesta.conf
# Verifications #
#----------------------------------------------------------#
if [ "$user" = "root" ]; then
check_result $E_FORBIDEN "Changing root password is forbiden"
fi
check_args '2' "$#" 'USER PASSWORD'
is_format_valid 'user'
is_object_valid 'user' 'USER' "$user"

60
bin/v-change-vesta-port Normal file
View file

@ -0,0 +1,60 @@
#!/bin/bash
# info: change vesta port
# options: port
#
# Function will change vesta port
#----------------------------------------------------------#
# Variable&Function #
#----------------------------------------------------------#
# Argument definition
port=$1
if [ -z "$VESTA" ]; then
VESTA="/usr/local/vesta"
fi
# Get current vesta port by reading nginx.conf
oldport=$(grep 'listen' $VESTA/nginx/conf/nginx.conf | awk '{print $2}' | sed "s|;||")
if [ -z "$oldport" ]; then
oldport=8083
fi
# Includes
source $VESTA/func/main.sh
#----------------------------------------------------------#
# Verifications #
#----------------------------------------------------------#
# Checking permissions
if [ "$(id -u)" != '0' ]; then
check_result $E_FORBIDEN "You must be root to execute this script"
fi
check_args '1' "$#" 'PORT'
is_int_format_valid "$port" 'port number'
#----------------------------------------------------------#
# Action #
#----------------------------------------------------------#
sed -i "s|$oldport;|$port;|g" $VESTA/nginx/conf/nginx.conf
if [ -f "/etc/roundcube/plugins/password/config.inc.php" ]; then
sed -i "s|'$oldport'|'$port'|g" /etc/roundcube/plugins/password/config.inc.php
fi
sed -i "s|'$oldport'|'$port'|g" $VESTA/data/firewall/rules.conf
$VESTA/bin/v-update-firewall
systemctl restart fail2ban.service
sed -i "s| $oldport | $port |g" /etc/iptables.rules
systemctl restart vesta
#----------------------------------------------------------#
# Vesta #
#----------------------------------------------------------#
# Logging
log_event "$OK" "$ARGUMENTS"
exit 0;

2
bin/v-change-web-domain-backend-tpl
View file

@ -52,7 +52,7 @@ rm -f $pool/$backend_type.conf
# Allocating backend port
backend_port=9000
ports=$(grep -v '^;' $pool/* 2>/dev/null |grep listen |grep -o :[0-9].*)
ports=$(grep listen $pool/* 2>/dev/null |grep -o :[0-9].*)
ports=$(echo "$ports" |sed "s/://" |sort -n)
for port in $ports; do
if [ "$backend_port" -eq "$port" ]; then

2
bin/v-deactivate-vesta-license
View file

@ -35,7 +35,7 @@ check_args '2' "$#" 'MODULE LICENSE'
# Activating license
v_host='https://vestacp.com/checkout'
answer=$(curl -s $v_host/cancel.php?licence_key=$license)
answer=$(curl -s "$v_host/cancel.php?licence_key=$license&module=$module")
check_result $? "cant' connect to vestacp.com " $E_CONNECT
# Checking server answer

8
bin/v-delete-web-domain-ssl
View file

@ -57,7 +57,13 @@ fi
# Deleting old certificate
tmpdir=$(mktemp -p $HOMEDIR/$user/web/$domain/private -d)
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.*
# remove certificate files - do not use wildcard, as this might remove other domains
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.ca
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.crt
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.key
rm -f $HOMEDIR/$user/conf/web/ssl.$domain.pem
mv $USER_DATA/ssl/$domain.* $tmpdir
chown -R $user:$user $tmpdir

2
bin/v-extract-fs-archive
View file

@ -82,7 +82,7 @@ fi
# Extracting ziped archive
if [ ! -z "$(echo $src_file |grep -i '.zip')" ]; then
sudo -u $user mkdir -p "$dst_dir" >/dev/null 2>&1
sudo -u $user unzip "$src_file" -d "$dst_dir" >/dev/null 2>&1
sudo -u $user unzip -o "$src_file" -d "$dst_dir" >/dev/null 2>&1
rc=$?
fi

2
bin/v-generate-ssl-cert
View file

@ -67,7 +67,7 @@ fi
args_usage='DOMAIN EMAIL COUNTRY STATE CITY ORG UNIT [ALIASES] [FORMAT]'
check_args '7' "$#" "$args_usage"
is_format_valid 'domain_alias' 'format'
is_format_valid 'domain' 'alias' 'format'
#----------------------------------------------------------#

2
bin/v-list-user-backups
View file

@ -22,7 +22,7 @@ json_list() {
i=1
objects=$(grep BACKUP $USER_DATA/backup.conf |wc -l)
echo "{"
while read str; do
while read -r str; do
eval $str
echo -n ' "'$BACKUP'": {
"TYPE": "'$TYPE'",

8
bin/v-list-user-package
View file

@ -22,6 +22,7 @@ json_list() {
echo '{'
echo ' "'$PACKAGE'": {
"WEB_TEMPLATE": "'$WEB_TEMPLATE'",
"BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'",
"PROXY_TEMPLATE": "'$PROXY_TEMPLATE'",
"DNS_TEMPLATE": "'$DNS_TEMPLATE'",
"WEB_DOMAINS": "'$WEB_DOMAINS'",
@ -47,6 +48,7 @@ json_list() {
shell_list() {
echo "PACKAGE: $PACKAGE"
echo "WEB TEMPLATE: $WEB_TEMPLATE"
echo "BACKEND_TEMPLATE: $BACKEND_TEMPLATE"
echo "PROXY TEMPLATE: $PROXY_TEMPLATE"
echo "DNS TEMPLATE: $DNS_TEMPLATE"
echo "WEB DOMAINS: $WEB_DOMAINS"
@ -68,7 +70,7 @@ shell_list() {
# PLAIN list function
plain_list() {
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t"
echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t"
echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE"
@ -76,11 +78,11 @@ plain_list() {
# CSV list function
csv_list() {
echo -n "PACKAGE,WEB_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS,"
echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS,"
echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE"
echo -n "$PACKAGE,$WEB_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS,"
echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,"
echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE"

9
bin/v-list-user-packages
View file

@ -27,6 +27,7 @@ json_list() {
source $VESTA/data/packages/$package
echo -n ' "'$PACKAGE'": {
"WEB_TEMPLATE": "'$WEB_TEMPLATE'",
"BACKEND_TEMPLATE": "'$BACKEND_TEMPLATE'",
"PROXY_TEMPLATE": "'$PROXY_TEMPLATE'",
"DNS_TEMPLATE": "'$DNS_TEMPLATE'",
"WEB_DOMAINS": "'$WEB_DOMAINS'",
@ -65,7 +66,7 @@ shell_list() {
package_data=$(cat $VESTA/data/packages/$package)
package_data=$(echo "$package_data" |sed -e 's/unlimited/unlim/g')
eval $package_data
echo -n "$PACKAGE $WEB_TEMPLATE $WEB_DOMAINS $DNS_DOMAINS "
echo -n "$PACKAGE $WEB_TEMPLATE $BACKEND_TEMPLATE $WEB_DOMAINS $DNS_DOMAINS "
echo "$MAIL_DOMAINS $DATABASES $SHELL $DISK_QUOTA $BANDWIDTH"
done
}
@ -75,7 +76,7 @@ plain_list() {
for package in $packages; do
source $VESTA/data/packages/$package
PACKAGE=${package/.pkg/}
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$PACKAGE\t$WEB_TEMPLATE\t$BACKEND_TEMPLATE\t$PROXY_TEMPLATE\t$DNS_TEMPLATE\t"
echo -ne "$WEB_DOMAINS\t$WEB_ALIASES\t$DNS_DOMAINS\t$DNS_RECORDS\t"
echo -ne "$MAIL_DOMAINS\t$MAIL_ACCOUNTS\t$DATABASES\t$CRON_JOBS\t"
echo -e "$DISK_QUOTA\t$BANDWIDTH\t$NS\t$SHELL\t$BACKUPS\t$TIME\t$DATE"
@ -84,13 +85,13 @@ plain_list() {
# CSV list function
csv_list() {
echo -n "PACKAGE,WEB_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "PACKAGE,WEB_TEMPLATE,BACKEND_TEMPLATE,PROXY_TEMPLATE,DNS_TEMPLATE,"
echo -n "WEB_DOMAINS,WEB_ALIASES,DNS_DOMAINS,DNS_RECORDS,"
echo -n "MAIL_DOMAINS,MAIL_ACCOUNTS,DATABASES,CRON_JOBS,"
echo "DISK_QUOTA,BANDWIDTH,NS,SHELL,BACKUPS,TIME,DATE"
for package in $packages; do
PACKAGE=${package/.pkg/}
echo -n "$PACKAGE,$WEB_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$PACKAGE,$WEB_TEMPLATE,$BACKEND_TEMPLATE,$PROXY_TEMPLATE,$DNS_TEMPLATE,"
echo -n "$WEB_DOMAINS,$WEB_ALIASES,$DNS_DOMAINS,$DNS_RECORDS,"
echo -n "$MAIL_DOMAINS,$MAIL_ACCOUNTS,$DATABASES,$CRON_JOBS,"
echo "$DISK_QUOTA,$BANDWIDTH,\"$NS\",$SHELL,$BACKUPS,$TIME,$DATE"

2
bin/v-list-web-domain-ssl
View file

@ -112,7 +112,7 @@ if [ -e "$USER_DATA/ssl/$domain.crt" ]; then
crt=$(cat $USER_DATA/ssl/$domain.crt |sed ':a;N;$!ba;s/\n/\\n/g')
info=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
subj=$(echo "$info" |grep Subject: |cut -f 2 -d =)
subj=$(echo "$info" |grep Subject: |cut -f 2 -d =|cut -f 2 -d \")
before=$(echo "$info" |grep Before: |sed -e "s/.*Before: //")
after=$(echo "$info" |grep "After :" |sed -e "s/.*After : //")
signature=$(echo "$info" |grep "Algorithm:" |head -n1 )

6
bin/v-restart-proxy
View file

@ -50,7 +50,13 @@ if [ -z "$PROXY_SYSTEM" ] || [ "$PROXY_SYSTEM" = 'remote' ]; then
fi
# Restart system
if [ ! -f "/etc/debian_version" ]; then
service $PROXY_SYSTEM restart >/dev/null 2>&1
else
systemctl reset-failed $PROXY_SYSTEM
systemctl restart $PROXY_SYSTEM > /dev/null 2>&1
fi
if [ $? -ne 0 ]; then
send_email_report
check_result $E_RESTART "$PROXY_SYSTEM restart failed"

11
bin/v-restore-user
View file

@ -56,6 +56,7 @@ ftpc() {
quote USER $USERNAME
quote PASS $PASSWORD
binary
lcd $BACKUP
$1
$2
$3
@ -289,7 +290,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
if [ -z "$web" ] || [ "$web" = '*' ]; then
domains="$backup_domains"
else
echo "$web" |tr ',' '\n' > $tmpdir/selected.txt
echo "$web" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
fi
@ -409,7 +410,7 @@ if [ "$web" != 'no' ] && [ ! -z "$WEB_SYSTEM" ]; then
chown $user $tmpdir
chmod u+w $HOMEDIR/$user/web/$domain
sudo -u $user tar -xzpf $tmpdir/web/$domain/domain_data.tar.gz \
-C $HOMEDIR/$user/web/$domain/ --exclude=logs/* \
-C $HOMEDIR/$user/web/$domain/ --exclude=./logs/* \
2> $HOMEDIR/$user/web/$domain/restore_errors.log
if [ -e "$HOMEDIR/$user/web/$domain/restore_errors.log" ]; then
chown $user:$user $HOMEDIR/$user/web/$domain/restore_errors.log
@ -458,7 +459,7 @@ if [ "$dns" != 'no' ] && [ ! -z "$DNS_SYSTEM" ]; then
if [ -z "$dns" ] || [ "$dns" = '*' ]; then
domains="$backup_domains"
else
echo "$dns" |tr ',' '\n' > $tmpdir/selected.txt
echo "$dns" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
fi
@ -538,7 +539,7 @@ if [ "$mail" != 'no' ] && [ ! -z "$MAIL_SYSTEM" ]; then
if [ -z "$mail" ] || [ "$mail" = '*' ]; then
domains="$backup_domains"
else
echo "$mail" |tr ',' '\n' > $tmpdir/selected.txt
echo "$mail" | tr ',' '\n' | sed -e "s/^/^/" > $tmpdir/selected.txt
domains=$(echo "$backup_domains" |egrep -f $tmpdir/selected.txt)
fi
@ -635,7 +636,7 @@ if [ "$db" != 'no' ] && [ ! -z "$DB_SYSTEM" ]; then
if [ -z "$db" ] || [ "$db" = '*' ]; then
databases="$backup_databases"
else
echo "$db" |tr ',' '\n' > $tmpdir/selected.txt
echo "$db" |tr ',' '\n' | sed -e "s/$/$/" > $tmpdir/selected.txt
databases=$(echo "$backup_databases" |egrep -f $tmpdir/selected.txt)
fi

14
bin/v-schedule-user-restore
View file

@ -23,6 +23,19 @@ udir=$8
source $VESTA/func/main.sh
source $VESTA/conf/vesta.conf
# Check backup ownership function
is_backup_available() {
passed=false
if [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then
passed=true
elif [[ $2 =~ ^$1.[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9].tar$ ]]; then
passed=true
fi
if [ $passed = false ]; then
check_result $E_FORBIDEN "permission denied"
fi
}
#----------------------------------------------------------#
# Verifications #
@ -34,6 +47,7 @@ is_system_enabled "$BACKUP_SYSTEM" 'BACKUP_SYSTEM'
is_object_valid 'user' 'USER' "$user"
is_backup_enabled
is_backup_scheduled 'restore'
is_backup_available "$user" "$backup"
#----------------------------------------------------------#

23
bin/v-search-object
View file

@ -84,6 +84,22 @@ OLD_IFS=$IFS
IFS=$'\n'
# User loop
search_user=$(ls -1 $VESTA/data/users |grep $object)
for user in $search_user; do
if [ -e "$VESTA/data/users/$user/user.conf" ]; then
source $VESTA/data/users/$user/user.conf
((i ++))
type=$(echo $type|cut -f1 -d \.)
str="ID='$i' USER='$user' TYPE='user' KEY='$user'"
str="$str RESULT='$user' ALIAS=''"
str="$str LINK='$user' PARENT=''"
str="$str SUSPENDED='$SUSPENDED' TIME='$TIME'"
str="$str DATE='$DATE'"
echo $str >> $conf
fi
done
# User data loop
for user in $(ls $VESTA/data/users/); do
# Search query
search=$(grep "$object" \
@ -154,12 +170,13 @@ for user in $(ls $VESTA/data/users/); do
# DNS Records
if [ "$type" = 'dns' ]; then
if [ -n "$(echo $RECORD |grep $object)" ]; then
if [ -n "$(echo $RECORD $VALUE |grep $object)" ]; then
dom="$(echo $row|cut -f 1 -d :|cut -f 9 -d /|sed 's/.conf//')"
key="RECORD"
result="$RECORD.$DOMAIN"
result="$RECORD.$dom"
suspended=$SUSPENDED
object_link=$ID
object_parent=$DOMAIN
object_parent=$dom
object_time=$TIME
object_date=$DATE
((i ++))

32
bin/v-update-letsencrypt-ssl
View file

@ -23,12 +23,34 @@ source $VESTA/conf/vesta.conf
#----------------------------------------------------------#
lecounter=0
hostname=$(hostname)
echo "[$(date)] : -----------------------------------------------------------------------------------" >> /usr/local/vesta/log/letsencrypt_cron.log
# Checking user certificates
for user in $($BIN/v-list-users plain |cut -f 1); do
USER_DATA=$VESTA/data/users/$user
for domain in $(search_objects 'web' 'LETSENCRYPT' 'yes' 'DOMAIN'); do
limit_check=1
fail_counter=$(get_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
if [[ "$hostname" = "$domain" ]]; then
if [[ "$fail_counter" -eq 7 ]]; then
limit_check=0
fi
if [[ "$fail_counter" -eq 8 ]]; then
fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
send_email_to_admin "LetsEncrypt renewing hostname $hostname" "Warning: hostname $domain failed for LetsEncrypt renewing"
fi
fi
if [[ "$fail_counter" -ge 7 ]] && [[ "$limit_check" -eq 1 ]]; then
# echo "$domain failed $fail_counter times for LetsEncrypt renewing, skipping"
echo "[$(date)] : $domain failed $fail_counter times for LetsEncrypt renewing, skipping" >> /usr/local/vesta/log/letsencrypt_cron.log
continue;
fi
crt_data=$(openssl x509 -text -in $USER_DATA/ssl/$domain.crt)
not_after=$(echo "$crt_data" |grep "Not After" |cut -f 2,3,4 -d :)
expiration=$(date -d "$not_after" +%s)
@ -37,7 +59,7 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
days_valid=$((seconds_valid / 86400))
if [[ "$days_valid" -lt 31 ]]; then
if [ $lecounter -gt 0 ]; then
sleep 10
sleep 120
fi
((lecounter++))
aliases=$(echo "$crt_data" |grep DNS:)
@ -47,7 +69,15 @@ for user in $($BIN/v-list-users plain |cut -f 1); do
aliases=$(echo "$aliases" |sed -e ':a;N;$!ba;s/\n/,/g')
msg=$($BIN/v-add-letsencrypt-domain $user $domain $aliases)
if [ $? -ne 0 ]; then
if [[ $msg == *"is suspended" ]]; then
echo "[$(date)] : SUSPENDED: $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log
else
echo "[$(date)] : $domain $msg" >> /usr/local/vesta/log/letsencrypt_cron.log
echo "$domain $msg"
fail_counter=$(alter_web_counter "$user" "$domain" 'LETSENCRYPT_FAIL_COUNT')
echo "[$(date)] : fail_counter = $fail_counter" >> /usr/local/vesta/log/letsencrypt_cron.log
echo "fail_counter = $fail_counter"
fi
fi
fi
done

8
bin/v-update-sys-rrd-mem
View file

@ -61,13 +61,13 @@ fi
# Parsing data
if [ "$period" = 'daily' ]; then
mem=$(free -m)
used=$(echo "$mem" |grep Mem |awk '{print $3}')
used=$(echo "$mem" |awk '(NR == 2)' |awk '{print $3}')
if [ -z "$(echo "$mem" | grep available)" ]; then
free=$(echo "$mem" |grep buffers/cache |awk '{print $4}')
free=$(echo "$mem" |grep buff/cache |awk '{print $4}')
else
free=$(echo "$mem" |grep Mem |awk '{print $7}')
free=$(echo "$mem" |awk '(NR == 2)' |awk '{print $7}')
fi
swap=$(echo "$mem" |grep Swap |awk '{print $3}')
swap=$(echo "$mem" |awk '(NR == 3)' |awk '{print $3}')
# Updating rrd
rrdtool update $RRD/mem/mem.rrd N:$used:$swap:$free

20
bin/v-update-sys-vesta
View file

@ -28,6 +28,26 @@ source $VESTA/conf/vesta.conf
# Checking arg number
check_args '1' "$#" 'PACKAGE'
valid=0
if [ "$package" = "vesta" ]; then
valid=1
fi
if [ "$package" = "vesta-nginx" ]; then
valid=1
fi
if [ "$package" = "vesta-php" ]; then
valid=1
fi
if [ "$package" = "vesta-ioncube" ]; then
valid=1
fi
if [ "$package" = "vesta-softaculous" ]; then
valid=1
fi
if [ $valid -eq 0 ]; then
echo "Package $package is not valid"
exit 1
fi
#----------------------------------------------------------#
# Action #

2
func/db.sh
View file

@ -322,7 +322,7 @@ delete_pgsql_database() {
psql_connect $HOST
query="REVOKE ALL PRIVILEGES ON DATABASE $database FROM $DBUSER"
psql_qyery "$query" > /dev/null
psql_query "$query" > /dev/null
query="DROP DATABASE $database"
psql_query "$query" > /dev/null

18
func/domain.sh
View file

@ -412,6 +412,24 @@ update_domain_zone() {
VALUE=$(idn --quiet -a -t "$VALUE")
fi
# Split long TXT entries into 255 chunks
if [ "$TYPE" = 'TXT' ]; then
txtlength=${#VALUE}
if [ $txtlength -gt 255 ]; then
already_chunked=0
if [[ $VALUE == *"\" \""* ]] || [[ $VALUE == *"\"\""* ]]; then
already_chunked=1
fi
if [ $already_chunked -eq 0 ]; then
if [[ ${VALUE:0:1} = '"' ]]; then
txtlength=$(( $txtlength - 2 ))
VALUE=${VALUE:1:txtlength}
fi
VALUE=$(echo $VALUE | fold -w 255 | xargs -I '$' echo -n '"$"')
fi
fi
fi
if [ "$SUSPENDED" != 'yes' ]; then
eval echo -e "\"$fields\""|sed "s/%quote%/'/g" >> $zn_conf
fi

111
func/main.sh
View file

@ -296,6 +296,20 @@ is_dir_symlink() {
fi
}
# Check if file exists
if_file_exists() {
if [[ -f "$1" ]]; then
check_result $E_FORBIDEN "$1 file exists"
fi
}
# Check if directory exists
if_dir_exists() {
if [[ -d "$1" ]]; then
check_result $E_FORBIDEN "$1 directory exists"
fi
}
# Get object value
get_object_value() {
object=$(grep "$2='$3'" $USER_DATA/$1.conf)
@ -817,6 +831,23 @@ is_format_valid_shell() {
exit $E_INVALID
fi
}
format_no_quotes() {
exclude="['|\"]"
if [[ "$1" =~ $exclude ]]; then
check_result "$E_INVALID" "Invalid $2 contains qoutes (\" or ') :: $1"
fi
is_no_new_line_format "$1"
}
is_no_new_line_format() {
test=$(echo "$1" | head -n1 );
if [[ "$test" != "$1" ]]; then
check_result "$E_INVALID" "invalid value :: $1"
fi
}
# Format validation controller
is_format_valid() {
for arg_name in $*; do
@ -825,6 +856,7 @@ is_format_valid() {
case $arg_name in
account) is_user_format_valid "$arg" "$arg_name";;
action) is_fw_action_format_valid "$arg";;
alias) is_alias_format_valid "$arg" ;;
aliases) is_alias_format_valid "$arg" ;;
antispam) is_boolean_format_valid "$arg" 'antispam' ;;
antivirus) is_boolean_format_valid "$arg" 'antivirus' ;;
@ -850,6 +882,7 @@ is_format_valid() {
host) is_object_format_valid "$arg" "$arg_name" ;;
hour) is_cron_format_valid "$arg" $arg_name ;;
id) is_int_format_valid "$arg" 'id' ;;
interface) is_interface_format_valid "$arg" ;;
ip) is_ip_format_valid "$arg" ;;
ip_name) is_domain_format_valid "$arg" 'IP name';;
ip_status) is_ip_status_format_valid "$arg" ;;
@ -939,3 +972,81 @@ format_aliases() {
aliases=$(echo "$aliases" |tr '\n' ',' |sed -e "s/,$//")
fi
}
alter_web_counter() {
user=$1
domain=$2
USER_DATA=$VESTA/data/users/$user
varc=$3
vard="\$${varc}"
counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
if [ -z "$counter" ]; then
add_object_key "web" 'DOMAIN' "$domain" "$varc" "TIME"
counter=0
fi
((counter++))
backup_counter=$counter
update_object_value 'web' 'DOMAIN' "$domain" "$vard" "$counter"
counter=$backup_counter
echo $counter
}
reset_web_counter() {
user=$1
domain=$2
USER_DATA=$VESTA/data/users/$user
varc=$3
vard="\$${varc}"
update_object_value 'web' 'DOMAIN' "$domain" "$vard" "0"
}
get_web_counter() {
user=$1
domain=$2
USER_DATA=$VESTA/data/users/$user
varc=$3
vard="\$${varc}"
counter=$(get_object_value 'web' 'DOMAIN' "$domain" "$vard")
if [ -z "$counter" ]; then
counter=0
fi
echo $counter
}
# Simple chmod wrapper that skips symlink files after glob expand
# Taken from HestiaCP
no_symlink_chmod() {
local filemode=$1; shift;
for i in "$@"; do
[[ -L ${i} ]] && continue
chmod "${filemode}" "${i}"
done
}
# $1 = subject
# $2 = body
send_email_to_admin() {
email=$(grep CONTACT /usr/local/vesta/data/users/admin/user.conf)
email=$(echo "$email" | cut -f 2 -d "'")
if [ -z "$email" ]; then
if [ ! -z "$NOTIFY_ADMIN_FULL_BACKUP" ]; then
email=$NOTIFY_ADMIN_FULL_BACKUP
fi
fi
if [ -z "$email" ]; then
return;
fi
echo "$2" | $SENDMAIL -s "$1" "$email" 'yes'
}

10
func/rebuild.sh
View file

@ -51,7 +51,7 @@ rebuild_user_conf() {
mkdir -p $HOMEDIR/$user/conf
chmod a+x $HOMEDIR/$user
chmod a+x $HOMEDIR/$user/conf
chown $user:$user $HOMEDIR/$user
chown --no-dereference $user:$user $HOMEDIR/$user
chown root:root $HOMEDIR/$user/conf
# Update disk pipe
@ -80,7 +80,7 @@ rebuild_user_conf() {
chmod 751 $HOMEDIR/$user/conf/web
chmod 751 $HOMEDIR/$user/web
chmod 771 $HOMEDIR/$user/tmp
chown $user:$user $HOMEDIR/$user/web
chown --no-dereference $user:$user $HOMEDIR/$user/web
if [ -z "$create_user" ]; then
$BIN/v-rebuild-web-domains $user $restart
fi
@ -183,10 +183,10 @@ rebuild_web_domain_conf() {
fi
# Set folder permissions
chmod 551 $HOMEDIR/$user/web/$domain \
no_symlink_chmod 551 $HOMEDIR/$user/web/$domain \
$HOMEDIR/$user/web/$domain/stats \
$HOMEDIR/$user/web/$domain/logs
chmod 751 $HOMEDIR/$user/web/$domain/private \
no_symlink_chmod 751 $HOMEDIR/$user/web/$domain/private \
$HOMEDIR/$user/web/$domain/cgi-bin \
$HOMEDIR/$user/web/$domain/public_html \
$HOMEDIR/$user/web/$domain/public_shtml \
@ -194,7 +194,7 @@ rebuild_web_domain_conf() {
chmod 640 /var/log/$WEB_SYSTEM/domains/$domain.*
# Set ownership
chown $user:$user $HOMEDIR/$user/web/$domain \
chown --no-dereference $user:$user $HOMEDIR/$user/web/$domain \
$HOMEDIR/$user/web/$domain/private \
$HOMEDIR/$user/web/$domain/cgi-bin \
$HOMEDIR/$user/web/$domain/public_html \

2
install/debian/7/nginx/phpmyadmin.inc
View file

@ -1,5 +1,5 @@
location /phpmyadmin {
alias /usr/share/phpmyadmin/;
alias /usr/share/phpmyadmin;
location ~ /(libraries|setup) {
return 404;

2
install/debian/7/nginx/phppgadmin.inc
View file

@ -1,5 +1,5 @@
location /phppgadmin {
alias /usr/share/phppgadmin/;
alias /usr/share/phppgadmin;
location ~ ^/phppgadmin/(.*\.php)$ {
alias /usr/share/phppgadmin/$1;

2
install/debian/7/nginx/webmail.inc
View file

@ -1,5 +1,5 @@
location /webmail {
alias /var/lib/roundcube/;
alias /var/lib/roundcube;
location ~ /(config|temp|logs) {
return 404;

1
install/debian/7/pma/apache.conf
View file

@ -15,6 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
</IfModule>

1
install/debian/7/templates/web/apache2/basedir.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/7/templates/web/apache2/basedir.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/7/templates/web/apache2/default.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/7/templates/web/apache2/default.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/7/templates/web/apache2/hosting.stpl
View file

@ -24,6 +24,7 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

2
install/debian/7/templates/web/apache2/hosting.tpl
View file

@ -14,7 +14,6 @@
<Directory %docroot%>
AllowOverride All
Options +Includes -Indexes +ExecCGI
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value upload_max_filesize 10M
php_admin_value max_execution_time 20
php_admin_value post_max_size 8M
@ -24,6 +23,7 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/7/templates/web/apache2/phpcgi.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/7/templates/web/apache2/phpcgi.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/7/templates/web/apache2/phpfcgid.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/7/templates/web/apache2/phpfcgid.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/7/templates/web/php5-fpm/default.tpl
View file

@ -11,6 +11,7 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

1
install/debian/7/templates/web/php5-fpm/socket.tpl
View file

@ -14,6 +14,7 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

2
install/debian/7/templates/web/skel/public_html/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="http://vestacp.com/">Powered by VESTA</a>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
</div>
</body>

2
install/debian/7/templates/web/skel/public_shtml/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="http://vestacp.com/">Powered by VESTA</a>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
</div>
</body>

2
install/debian/8/nginx/phpmyadmin.inc
View file

@ -1,5 +1,5 @@
location /phpmyadmin {
alias /usr/share/phpmyadmin/;
alias /usr/share/phpmyadmin;
location ~ /(libraries|setup) {
return 404;

2
install/debian/8/nginx/phppgadmin.inc
View file

@ -1,5 +1,5 @@
location /phppgadmin {
alias /usr/share/phppgadmin/;
alias /usr/share/phppgadmin;
location ~ ^/phppgadmin/(.*\.php)$ {
alias /usr/share/phppgadmin/$1;

2
install/debian/8/nginx/webmail.inc
View file

@ -1,5 +1,5 @@
location /webmail {
alias /var/lib/roundcube/;
alias /var/lib/roundcube;
location ~ /(config|temp|logs) {
return 404;

1
install/debian/8/pma/apache.conf
View file

@ -15,6 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
</IfModule>

1
install/debian/8/templates/web/apache2/basedir.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/8/templates/web/apache2/basedir.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/8/templates/web/apache2/default.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/default.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/hosting.stpl
View file

@ -24,6 +24,7 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/hosting.tpl
View file

@ -23,6 +23,7 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/8/templates/web/apache2/phpcgi.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/8/templates/web/apache2/phpcgi.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/8/templates/web/apache2/phpfcgid.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/8/templates/web/apache2/phpfcgid.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/8/templates/web/php5-fpm/default.tpl
View file

@ -11,6 +11,7 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

1
install/debian/8/templates/web/php5-fpm/socket.tpl
View file

@ -14,6 +14,7 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

2
install/debian/8/templates/web/skel/public_html/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="http://vestacp.com/">Powered by VESTA</a>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
</div>
</body>

2
install/debian/8/templates/web/skel/public_shtml/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="http://vestacp.com/">Powered by VESTA</a>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
</div>
</body>

4
install/debian/9/exim/exim4.conf.template
View file

@ -138,7 +138,7 @@ acl_check_rcpt:
acl_check_data:
.ifdef CLAMD
deny message = Message contains a virus ($malware_name) and has been rejected
malware = *
malware = */defer_ok
condition = ${if eq{$acl_m0}{yes}{yes}{no}}
.endif
@ -164,7 +164,7 @@ acl_check_data:
acl_check_mime:
deny message = Blacklisted file extension detected
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh)$\N}{1}{0}}
condition = ${if match {${lc:$mime_filename}}{\N(\.ade|\.adp|\.bat|\.chm|\.cmd|\.com|\.cpl|\.exe|\.hta|\.ins|\.isp|\.jse|\.lib|\.lnk|\.mde|\.msc|\.msp|\.mst|\.pif|\.scr|\.sct|\.shb|\.sys|\.vb|\.vbe|\.vbs|\.vxd|\.wsc|\.wsf|\.wsh|\.jar)$\N}{1}{0}}
accept

10
install/debian/9/nginx/nginx.conf
View file

@ -75,7 +75,9 @@ http {
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
#set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
@ -97,10 +99,10 @@ http {
# SSL PCI Compliance
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:20m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";
# Error pages

2
install/debian/9/nginx/phpmyadmin.inc
View file

@ -1,5 +1,5 @@
location /phpmyadmin {
alias /usr/share/phpmyadmin/;
alias /usr/share/phpmyadmin;
location ~ /(libraries|setup) {
return 404;

2
install/debian/9/nginx/phppgadmin.inc
View file

@ -1,5 +1,5 @@
location /phppgadmin {
alias /usr/share/phppgadmin/;
alias /usr/share/phppgadmin;
location ~ ^/phppgadmin/(.*\.php)$ {
alias /usr/share/phppgadmin/$1;

2
install/debian/9/nginx/webmail.inc
View file

@ -1,5 +1,5 @@
location /webmail {
alias /var/lib/roundcube/;
alias /var/lib/roundcube;
location ~ /(config|temp|logs) {
return 404;

1
install/debian/9/pma/apache.conf
View file

@ -15,6 +15,7 @@ Alias /phpmyadmin /usr/share/phpmyadmin
php_admin_flag allow_url_fopen Off
php_value include_path .
php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
php_admin_value sys_temp_dir /var/lib/phpmyadmin/tmp
php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext
</IfModule>

1
install/debian/9/templates/web/apache2/basedir.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/9/templates/web/apache2/basedir.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
</Directory>

1
install/debian/9/templates/web/apache2/default.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/default.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/hosting.stpl
View file

@ -24,6 +24,7 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/hosting.tpl
View file

@ -23,6 +23,7 @@
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f info@%domain_idn%"
php_admin_value open_basedir %docroot%:%home%/%user%/tmp:/bin:/usr/bin:/usr/local/bin:/var/www/html:/tmp:/usr/share:/etc/phpMyAdmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/etc/roundcubemail:/etc/roundcube:/var/lib/roundcube
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
</Directory>
<Directory %home%/%user%/web/%domain%/stats>

1
install/debian/9/templates/web/apache2/phpcgi.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/9/templates/web/apache2/phpcgi.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
Action phpcgi-script /cgi-bin/php
<Files *.php>

1
install/debian/9/templates/web/apache2/phpfcgid.stpl
View file

@ -17,6 +17,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %sdocroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

1
install/debian/9/templates/web/apache2/phpfcgid.tpl
View file

@ -16,6 +16,7 @@
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir %docroot%:%home%/%user%/tmp
php_admin_value upload_tmp_dir %home%/%user%/tmp
php_admin_value sys_temp_dir %home%/%user%/tmp
php_admin_value session.save_path %home%/%user%/tmp
<Files *.php>
SetHandler fcgid-script

64
install/debian/9/templates/web/nginx/php-fpm/invoiceninja.stpl Normal file
View file

@ -0,0 +1,64 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %sdocroot%/public;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
sendfile off;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/snginx.%domain%.conf*;
}

59
install/debian/9/templates/web/nginx/php-fpm/invoiceninja.tpl Normal file
View file

@ -0,0 +1,59 @@
server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%/public;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
sendfile off;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

48
install/debian/9/templates/web/nginx/php-fpm/mautic.stpl Normal file
View file

@ -0,0 +1,48 @@
server {
listen %ip%:%web_ssl_port%;
server_name %domain_idn% %alias_idn%;
root %sdocroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
ssl on;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
location / {
try_files $uri /index.php?$query_string;
}
location ~ '\.php$' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
include /etc/nginx/fastcgi_params;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/snginx.%domain%.conf*;
}

44
install/debian/9/templates/web/nginx/php-fpm/mautic.tpl Normal file
View file

@ -0,0 +1,44 @@
server {
listen %ip%:%web_port%;
server_name %domain_idn% %alias_idn%;
root %docroot%;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/%domain%.log combined;
access_log /var/log/nginx/domains/%domain%.bytes bytes;
error_log /var/log/nginx/domains/%domain%.error.log error;
location / {
try_files $uri /index.php?$query_string;
}
location ~ '\.php$' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass %backend_lsnr%;
include /etc/nginx/fastcgi_params;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/conf/web/%domain%.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include %home%/%user%/conf/web/nginx.%domain%.conf*;
}

1
install/debian/9/templates/web/php-fpm/default.tpl
View file

@ -11,6 +11,7 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

1
install/debian/9/templates/web/php-fpm/socket.tpl
View file

@ -14,6 +14,7 @@ pm.max_requests = 4000
pm.process_idle_timeout = 10s
pm.status_path = /status
php_admin_value[sys_temp_dir] = /home/%user%/tmp
php_admin_value[upload_tmp_dir] = /home/%user%/tmp
php_admin_value[session.save_path] = /home/%user%/tmp

2
install/debian/9/templates/web/skel/public_html/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="http://vestacp.com/">Powered by VESTA</a>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
</div>
</body>

2
install/debian/9/templates/web/skel/public_shtml/index.html
View file

@ -18,7 +18,7 @@
<body>
<h1>%domain%</h1>
<div>
<a href="http://vestacp.com/">Powered by VESTA</a>
<a href="https://vestacp.com/">Server control panel by VESTA</a>
</div>
</body>

13
install/debian/9/vsftpd/vsftpd.conf
View file

@ -24,3 +24,16 @@ pasv_enable=YES
pasv_max_port=12100
pasv_min_port=12000
use_localtime=YES
ssl_enable=YES
allow_anon_ssl=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1_2=YES
ssl_sslv2=NO
ssl_sslv3=NO
require_ssl_reuse=YES
ssl_ciphers=HIGH
idle_session_timeout=600
data_connection_timeout=120
rsa_cert_file=/usr/local/vesta/ssl/certificate.crt
rsa_private_key_file=/usr/local/vesta/ssl/certificate.key

Some files were not shown because too many files have changed in this diff Show more